Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 27 subscribers
  • Views 1181 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG115 web gui timeout issue

Ricky Stiles

I received a replacement XG115 device from Sophos (old v2 from 2018) as the old one failed and it seems to have an issue. I restored the backup fine and it seems to pass traffic ok (will know more tomorrow when users are in the office) but the web interface seems to time out. So, for example, I will log in to the web gui (port 4444) and browse through the different sections/tabs. However, if I stop on a page to examine something for a minute or two, when I try and go to a different page, I just get a spinning wheel forever and the page requested never loads. It is not the Webadmin Timeout value as I tried disabling that and setting it to a large number with no affect.

Anybody have any ideas what could be happening and why....



This thread was automatically locked due to age.
  • 0

    Hello Ricky,

    Thank you for contacting the Sophos Community.

    Can you share the first 5 digits of the S/N of your new device.

    If you SSH into the device and wait for the issue to happen, can you run the following command when it kicks you out( this command is to be run from the advanced shell (5>3).

    # csc custom status

    And check the logs

    /log/apache.log

    /log/tomcat.log

    Regards,

  • 0 in reply to emmosophos

    Here is the output from #csc custom status

    =====
    Tue Aug 17 11:15:44 2021
    Listerner is in UNFREEZED STATE
    Freeze INIT wait val : 10
    Freeze wait val : 120
    Opcode queue len : 50
    Service queue len: 50
    Freeze INIT timeout : Not effective Freeze timeout : Not effective
    HANDLE_STATE_CHANGE OPCODE RUNNING(2) ?:- 0
    HA is disabled

    Free Workers:
    25260
    25180
    25179
    25171
    22291
    11360
    11337
    11332
    13507
    5962
    5961
    5959
    5958
    19412
    12751
    12749

    Busy service:


    XG115_XN02_SFOS 18.0.5 MR-5-Build586#

    =====

    Quite often, when I run the command from an SSH session and I have a continuous ping happening in another window, I will simply get this and nothing else.

    XG115_XN02_SFOS 18.0.5 MR-5-Build586# csc custom status

    =====
    Tue Aug 17 11:22:55 2021
    Listerner is in UNFREEZED STATE
    Freeze INIT wait val : 10
    Freeze wait val : 120
    Opcode queue len : 50
    Service queue len: 50
    Freeze INIT timeout : Not effective Freeze timeout : Not effective

    *As you can tell, the command never finishes.

    The apache.log file is 0 bytes in size and the tomcat.log file is shown here:

    XG115_XN02_SFOS 18.0.5 MR-5-Build586# tail tomcat.log
    2021-08-17 14:46:43,896:INFO:CSC - Event Bean:{ opCode: getappkey, mode: 0, waitForeResponse: true, requestType: 0, opcodetype: 0, entityId: 39, beanName: null, syncalbe: true, comProtocol: u }
    2021-08-17 14:46:43,896:INFO:CSC - Keys in json: ["mode", "___serverport", "___component", "___serverprotocol", "___username", "currentlyloggedinuserip", "___serverip"]
    2021-08-17 14:46:43,896:INFO:CSC - final opcode:
    opcode getappkey csc/1.0
    content-type:json
    content-length:189


    2021-08-17 14:46:44,412:INFO:HFHelper - X-FROWARDED-FOR: 192.168.70.88
    2021-08-17 14:46:44,502:INFO:Captcha Helper - isCaptchaRequired() client is in Zone:5
    XG115_XN02_SFOS 18.0.5 MR-5-Build586#

  • 0 in reply to Ricky Stiles

    Hello Ricky,

    Thank for the logs.

    Do you see anything under /var/cores?

    When this happens and if later you check the Graphics utilization do you see any gaps at the time this was happening?

    Regards,

  • FormerMember
    0 FormerMember in reply to Ricky Stiles

    Hi ,

    Could you please turn off the login disclaimer from Administration > Admin and user settings > Login disclaimer settings and monitor the issue? 

    Thanks,

  • 0 in reply to FormerMember

    I turned it off so now I'll just wait and see what happens.

  • 0 in reply to emmosophos

    There are no files under /var/cores. Also, I do not see any gaps in the graphics for CPU or network utilization for the last 48 hours.

  • 0 in reply to Ricky Stiles

    Hello Ricky,

    Thank you for the follow-up.

    Would it be possible for you to put tomcat in debug mode, this commands are to be run from the Advanced Shell of the XG (5>3)

    # touch /log/tomcat_debug

    # service tomcat:restart -d -s nosync

    And 

    # csc custom debug

    You won't see any output from this command after you enter it.

    To turn off debugging for Tomcat

    # rm -rf /log/tomcat_debug

    # service tomcat:restart -d -s nosync

    To turn off debug for csc

    # csc custom debug

    Regards,

  • 0 in reply to emmosophos

    After running the XG firewall for about 5 hours after entering the tomcat debug commands, the tomcat_debug.log file is 0 bytes.

    Here is the output from the command: tail tomcat.log

    XG115_XN02_SFOS 18.0.5 MR-5-Build586# tail tomcat.log
    2021-08-18 17:06:08,718:DEBUG: - timer
    2021-08-18 17:06:11,542:DEBUG: - Time Out con 1
    2021-08-18 17:06:11,542:DEBUG: - source 1800000
    2021-08-18 17:06:11,542:DEBUG: - dest 1629302771541
    2021-08-18 17:06:11,542:DEBUG: - Time Out con 0
    2021-08-18 17:06:11,542:DEBUG: - source 1800000
    2021-08-18 17:06:11,542:DEBUG: - dest 1629302771541
    2021-08-18 17:06:11,542:DEBUG: - IN REMOVE CLOSED CONNECTION
    2021-08-18 17:06:11,555:DEBUG: - Connection Pool Size in timer event: 3
    2021-08-18 17:06:11,556:DEBUG: - timer
    XG115_XN02_SFOS 18.0.5 MR-5-Build586#

    Here is the output from the command: head tomcat.log

    XG115_XN02_SFOS 18.0.5 MR-5-Build586# head tomcat.log
    2021-08-02 22:46:01.033:INFO::main: Logging initialized @33288ms to org.eclipse.jetty.util.log.StdErrLog
    2021-08-02 22:46:05.445:INFO:oejs.Server:main: jetty-9.4.15.v20190215; built: 2019-02-15T16:53:49.381Z; git: eb70b240169fcf1abbd86af36482d1c49826fa0b; jvm 1.8.0_242-internal-GA-b242
    2021-08-02 22:46:05.732:INFO:oejdp.ScanningAppProvider:main: Deployment monitor [file:///usr/share/jetty/webapps/] at interval 1
    2021-08-02 22:46:13.690:WARN:oeja.AnnotationParser:qtp428746855-11: com.sun.jna.AltCallingConvention scanned from multiple locations: jar:file:///usr/share/webconsole/WEB-INF/lib/jna-5.5.0.jar!/com/sun/jna/AltCallingConvention.class, jar:file:///usr/share/webconsole/WEB-INF/lib/jna.jar!/com/sun/jna/AltCallingConvention.class
    2021-08-02 22:46:13.691:WARN:oeja.AnnotationParser:qtp428746855-11: com.sun.jna.Callback$UncaughtExceptionHandler scanned from multiple locations: jar:file:///usr/share/webconsole/WEB-INF/lib/jna-5.5.0.jar!/com/sun/jna/Callback$UncaughtExceptionHandler.class, jar:file:///usr/share/webconsole/WEB-INF/lib/jna.jar!/com/sun/jna/Callback$UncaughtExceptionHandler.class
    2021-08-02 22:46:13.692:WARN:oeja.AnnotationParser:qtp428746855-11: com.sun.jna.Callback scanned from multiple locations: jar:file:///usr/share/webconsole/WEB-INF/lib/jna-5.5.0.jar!/com/sun/jna/Callback.class, jar:file:///usr/share/webconsole/WEB-INF/lib/jna.jar!/com/sun/jna/Callback.class
    2021-08-02 22:46:13.692:WARN:oeja.AnnotationParser:qtp428746855-11: com.sun.jna.CallbackParameterContext scanned from multiple locations: jar:file:///usr/share/webconsole/WEB-INF/lib/jna-5.5.0.jar!/com/sun/jna/CallbackParameterContext.class, jar:file:///usr/share/webconsole/WEB-INF/lib/jna.jar!/com/sun/jna/CallbackParameterContext.class
    2021-08-02 22:46:13.693:WARN:oeja.AnnotationParser:qtp428746855-11: com.sun.jna.CallbackProxy scanned from multiple locations: jar:file:///usr/share/webconsole/WEB-INF/lib/jna-5.5.0.jar!/com/sun/jna/CallbackProxy.class, jar:file:///usr/share/webconsole/WEB-INF/lib/jna.jar!/com/sun/jna/CallbackProxy.class
    2021-08-02 22:46:13.693:WARN:oeja.AnnotationParser:qtp428746855-11: com.sun.jna.CallbackReference$AttachOptions scanned from multiple locations: jar:file:///usr/share/webconsole/WEB-INF/lib/jna-5.5.0.jar!/com/sun/jna/CallbackReference$AttachOptions.class, jar:file:///usr/share/webconsole/WEB-INF/lib/jna.jar!/com/sun/jna/CallbackReference$AttachOptions.class
    2021-08-02 22:46:13.693:WARN:oeja.AnnotationParser:qtp428746855-11: com.sun.jna.CallbackReference$DefaultCallbackProxy scanned from multiple locations: jar:file:///usr/share/webconsole/WEB-INF/lib/jna-5.5.0.jar!/com/sun/jna/CallbackReference$DefaultCallbackProxy.class, jar:file:///usr/share/webconsole/WEB-INF/lib/jna.jar!/com/sun/jna/CallbackReference$DefaultCallbackProxy.class
    XG115_XN02_SFOS 18.0.5 MR-5-Build586#

  • 0 in reply to emmosophos

    I am also trying to copy some of the log files from the XG device following instructions in KB-000035842 and I continue to receive a permission denied message even though I am logging in via admin. Any ideas?

  • 0 in reply to Ricky Stiles

    Hi,

    I was given the answer a couple of days ago to a similar issue. Copy the files to /tmp and then chmod -R +rw /tmp/filename then you can copy the file from the XG.

    Ian