Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 26 subscribers
  • Views 443 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

C2S VPN and Heartbeat: no traffic allowed for several minutes

BasSanders

Hi All,

We have been facing severe issues with our VPN clients using Sophos Connect and Heartbeat. After connecting the VPN, it takes several minutes for the firewall to realize the newly connected client has a green status. Therefor, the clients traffic is blocked for several minutes.

In some cases, client status is green. Yet, XG sees it as red

In some cases, client status is green. Yet XG does not see any heartbeat (OSX)

In every case, if client status is green, it can take up to 5 minutes for the XG to realize and start allowing traffic.

Sophos Support have been amazingly quiet apart from asking us every 2 or 3 days is the issue still occurs.. As if they hope the issues automagically disaappear.

Regardless of my opinion about the quality of support, I wonder if there are more customers/partners with these issues.

Thanks in advance for any reply.

Regards,

Bas



This thread was automatically locked due to age.
  • 0

    Hello there,

    Thank you for contacting the Sophos Community.

    Could you please share the Case ID to see what has been done so far.

    Regards,

  • 0 in reply to BasSanders

    Hello Bas,

    Thank you for the Case ID and I apologize for the support experience.

    It looks like at this point you’re looking for an RCA on what is causing this issue and a solution to the same.

    I have followed up with one of our escalation managers in EMEA about this, so they can assist to align the specific resources to move forward with your case.

    About your specific issue, have you configured on the XG the following command, I just wonder if this might help with your issue. 

    delay-missing-heartbeat-detection set NUMERICAL VALUE in seconds.

    Range: 30 to 285 in multiples of 15

    Sets the time to wait before moving the endpoint to missing heartbeat status. Use this when there are frequent adapter changes (for example, when switching between Wi-Fi & LAN connections).

    Regards,