Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 16 replies
  • Answers 1 answer
  • Subscribers 32 subscribers
  • Views 1635 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XGS Stopped Working (18.5.3)

Peter Mastrangelo

(2) Sophos XGS4500 (SFOS 18.5.3 MR-3-Build408) HA

I was wondering if anyone has seen this issue.
Yesterday our XGS just stopped passing traffic (nothing would go through). The XGS was accessible internal (web interface and ssh) and was able to communicate to external. Just nothing would pass through and no errors anywhere I could find.

Forcing  a failover to the auxiliary XGS solved the issue and everything came back up. Switching back to the primary also everything is now fine.

The XGS has been solid for months with no issues.
The only change that has been made to the XGS was the update to 18.5.3 last week.

I am now a little uneasy about the stability of 18.5.3 and thinking of rolling back to 18.5.2.
Wanted to see if anyone else has seen this issue or if it was just a fluke.

Thank You,
-Peter Mastrangelo



This thread was automatically locked due to age.
  • 0 in reply to Andreas Hahn

    has everyone here XGS machines or also XG machines? I wonder it is an issue with the co-processor.

  • 0 in reply to LHerzog

    In our case XG, but I read that there are problems with XGS too.

  • 0 in reply to MCSCARRASCO

    OK, so it is mixed hardware. Too bad.

    I remember we had an issue where a specific config change caused XG HA to become unresponsive and at some point did not pass traffic until the HA Aux (yes, the slave node!) node was rebooted.

    Is it possible that this issue begins with any config change? Check Admin audit log for changes and then HA logs if they match together.

    in our case we could see this starting when we did the config change:



    ==> /log/ha_tunnel.log <==
    Mar 02 18:16:40 ssh: connect to host hapeer port 22: Connection refused

    Mar 02 18:16:41 ssh: connect to host hapeer port 22: Connection refused

    Mar 02 18:16:42 ssh: connect to host hapeer port 22: Connection refused

    Mar 02 18:16:47 ssh: connect to host hapeer port 22: Connection timed out

    Mar 02 18:16:52 ssh: connect to host hapeer port 22: Connection timed out

    Mar 02 18:16:57 ssh: connect to host hapeer port 22: Connection timed out

  • 0 in reply to Andreas Hahn

    This site had an XG for a couple of years without any issue. It sat behind a Cisco router. The Cisco router terminated the WAN connections and provided client and site to site VPNs.

    We replaced that solution with two XGS in HA and terminated the WAN connections and client and site to site VPNs on the XGS (completely removing the Cisco router). The rest of the config remained the same. Problems started within a week of making the change.

    I did mention this thread to our support engineer. He said that the problems were too generic to know if they are the same issue we are experiencing. It is worth bearing this in mind. We may not necessarily all be suffering from the same route cause.

  • +1

    We were able to solve our problem, it was the IPv6 DHCP server. The problem has occurred in all versions from 18.5.2

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML