Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Subscribers 30 subscribers
  • Views 1414 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

connection lost for 30 seconds randomly

Cristiano de Morais Lima

Hi everyone, a customer where I recently deployed a Sophos XGS 136 is reporting that desktops are losing internet connection for 30 seconds and then returns normally, and that this is not for any specific desktop, but randomly.

Is anyone experiencing the same problem?



This thread was automatically locked due to age.
Parents
  • 0

    Hello ,

    Thank you for reaching out to the community, is customer using any authentication method for users to access the internet, if yes then which method ?
    What are policies been applied in the LAN to WAN rule ? is it plain or cx is using scanning ?
    Is web/application policy is being used ?
    Is IPS policy applied on the FW rule ?

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Vivek Jagad

    Hello, Vivek Jagad, thank you for answer me.

    The Web policy apllied is: No Explicit Content
    The App policy applied is: Block peer to peer
    The IPS policy applied is: LAN TO WAN

    Enabled Scan HTTP and decrypted HTTPS and Block QUIC protocol
    But I'm tried to use without any policies, and the loss stills.

    If I helped you with your question, please, click the 'Verify Answer'.

  • 0 in reply to Cristiano de Morais Lima

    Hi Cristiano de Morais Lima 

    Please connect to the XG following this KB (https://community.sophos.com/kb/en-us/133678)

    Once in there press number 4 to land in the console and run the following command:

    console > drop-packet-capture 'host X.X.X.X and host 8.8.8.8' (Modify the X.X.X.X to be the Private IP of the computer where you are running the Ping)

    If the XG is dropping  the traffic you will see something there.

    You can also check at the time the issue happens the fwlog.log

    In a new Putty session/window now go 5>3 then type cd /log and press enter

    then you can type less # less fwlog.log (ctrl + g takes you to the last line) and check the time when the issue happens

    Additionally, to this, I would also recommend you to leave or run a conntrack when the issue is happening

    #conntrack -E -s X.X.X.X 

    Check for unreplied packets.

    And finally, check the IPS.log for anything the XG might be dropping at that time, and also when the issue is happening confirm if the XG can ping 8.8.8.8

    Thanks and Regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • 0 in reply to Cristiano de Morais Lima

    Hi Cristiano de Morais Lima 

    Please connect to the XG following this KB (https://community.sophos.com/kb/en-us/133678)

    Once in there press number 4 to land in the console and run the following command:

    console > drop-packet-capture 'host X.X.X.X and host 8.8.8.8' (Modify the X.X.X.X to be the Private IP of the computer where you are running the Ping)

    If the XG is dropping  the traffic you will see something there.

    You can also check at the time the issue happens the fwlog.log

    In a new Putty session/window now go 5>3 then type cd /log and press enter

    then you can type less # less fwlog.log (ctrl + g takes you to the last line) and check the time when the issue happens

    Additionally, to this, I would also recommend you to leave or run a conntrack when the issue is happening

    #conntrack -E -s X.X.X.X 

    Check for unreplied packets.

    And finally, check the IPS.log for anything the XG might be dropping at that time, and also when the issue is happening confirm if the XG can ping 8.8.8.8

    Thanks and Regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML