Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 48 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 5152 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't access Synology server once Sophos XG Firewall is connected to Cisco switch

Chevyavalanche

As I've worked through some (not all) setup issues, one that continues to stump me is the fact that when my NAS is connected to switch along with all other LAN devices and incoming internet from router, life is good. I can access my NAS no problem.

The minute I connect my router to Sophos XG V19 WAN (through bridge interface and one LAN port is connected to an open port on switch), I can connect to other LAN devices with exception being my NAS server. I can't ping the IP address either. Something is blocking access but I'm just not sure what it could be.

I also connected NAS directly to the Sophos XG device and that didn't make a difference. I've tried a couple of firewall rules and that didn't solve the issue. This same phenomenon happened on another firewall device with exception being I could connect NAS directly to the firewall device and access it but when I connected the NAS to my switch (my preferred connection method), I couldn't access or ping it.

So there has to be some setting within the NAS that is being blocked by XG that is unique from a PC, tablet or smart phone. I've scoured the internet and haven't found a solution.

ISP-->Router-->switch-->LAN devices (current state where NAS is accessible)

ISP-->Router-->Sophos XG-->switch-->LAN devices (future state where NAS is not accessible)

Also keep in mind, I'm learning as I go with Sophos XG so I may not completely understand suggested fixes so please bear with me.

Any help is definitely appreciated.



This thread was automatically locked due to age.
Parents
  • 0

    The only scenario I can see giving you this problem is if the NAS IP is duplicated on the XG somewhere. We've used a Synology NAS with Cisco switches and I can't think of anything that is special about the network interface on the NAS, Have you looked at the ARP table on the switch in each scenario ("show ip arp" from command line)?

  • 0 in reply to JasP

    Hey JasP,

    Thanks for the reply.

    As I've looked at the Cisco config, NAS config and XG config, nothing jumps out at me. I don't see any duplication of IPs. I don't know CLI console commands so a bit hesitant to try that. All 3 have static IPs.

    I get this message: ERR_CONNECTION_TIMED_OUT

    Multiple scanners see it and it shows up in router as attached. 

    Just scratching my head on this one.

  • 0 in reply to Chevyavalanche

    The whole point of a switch (and the clue is in the name) is that it makes network connections point to point between two communicating devices (this is ignoring broadcast traffic). If you are losing connection between the workstation and the NAS, then something is happening on the switch that causes it's connection to the NAS to drop. That's why I think this is a switch issue not an XG configuration issue. Plugging in the XG is clearly causing it but it is affecting something on the switch.

    What is the configuration of  the XG and NAS ports on the switch? What port is the NAS on? It's probably also worth trying different ports on the switch (just in case you have a bad port) and changing the network cables.

    Not an expert on Spanning Tree Protocol but I believe that "STP status Forwarding" is a normal status (and probably should be shown as Informational rather than Warning). It basically means that it is passing traffic.

  • 0 in reply to Chevyavalanche

    Please log in on https://id.sophos.com/  login with your registered email id once login

    Go to MySophos -->Network Protection-->View Device filter your appliance key and under action click on subscribe and share the status 

    Regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Bharat J

    This is all I see...The line going around the 'S' just keeps going and going...

  • 0 in reply to JasP

    There all like this (and yes, I've already swapped ports). The NAS in on GE12 and it's the same as this. I haven't changed any of these in years if ever.

  • 0 in reply to Chevyavalanche

    I just saw this:

    So is it possible that my Sophos XG isn't properly registered and is it possible that this could cause some of the issues I'm seeing?

  • 0 in reply to Chevyavalanche

    I just noticed in the admin section under admin and user settings:

    I'm wondering if this has any effect when I try and save my network changes. How does one fix this?

  • 0 in reply to Chevyavalanche

    Yes I can see that too, earlier you have bought a valid license ? 

    evaluating means trail license 

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Bharat J

    Because he is using a router in front of the XG and the XG is not seeing the internet correctly.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    I checked from my end getting the same errors while retrieving the details of my registered device, it was working before not since yesterday 

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Chevyavalanche

    Hi  Chevyavalanche 

    Please raise the case with Customer Care Support as per the same error Sophos Team is working on issue 

    Thanks and regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

Reply Children
No Data
Cookie Information Banner