Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 10 replies
  • Answers 2 answers
  • Subscribers 29 subscribers
  • Views 924 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cannot ping or access web GUI of XG Firewall but can access console

ACS IT

Hi All,

I have this problem where I can access our xg Firewall through console connected via micro-usb, but I can't ping the firewall nor access it through the web GUI (I know if I can't ping it, I can't access it). The only changes I made before this happened was change the ip address of the lan port. Before this change I could access it no problem. 

When I go to network interface configuration, I can see the ip of the port that I changed.

I have enabled appliance access, I have changed the IP back to its original address, I have restarted numerous times but it still does not want to connect.

Please give me some advice.



This thread was automatically locked due to age.
Parents
  • 0

    Hi   Thank you for reaching out to the Sophos community team, After changing the IP when you access the Firewall from the machine what is the observation in tcpdump and Drop packet on XG? I hope you have already reverted the "appliance access" command which you have enabled previously, please also confirm services related to UI are not stopped/DEAD state. 

    Please check the below RR to confirm some output and packets, and service status details:

    community.sophos.com/.../sophos-firewall-what-to-do-when-the-web-admin-is-not-accessible

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Vishal_R

    Hi Vishal, yes I have reverted the appliance_access. The tomcat and apache services shows running. The tcpdump just hangs when I run it. Have to press ctrl+c to cancel. Then it shows 0 packets captured, recieved and dropped.

  • 0 in reply to ACS IT

    Hi   Are you able to see the ARP of the end machine which is connected behind XG on XG via the below command?

    #arp -n 

    If the ARP of the machine is showing completed, are you able to PING that machine from the respective LAN Interface? 

    Example command:

    #ping -I PortX X.X.X.X

    Here in the above command, X.X.X.X is the LAN machine IP, and PortX is the Port behind which that machine is connected. (like Port1 or Port2 based on your setup or scenario).

    Is your relevant PortX (LAN Port) showing proper speed and status in CLI?

    console> sh network interfaces

    As no packets are receiving (as per your previous comment) which could be more on physical cable connectivity or ARP or layer 3 (Incorrect IP, network details, etc) would be the cause of the problem. 

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

Reply
  • 0 in reply to ACS IT

    Hi   Are you able to see the ARP of the end machine which is connected behind XG on XG via the below command?

    #arp -n 

    If the ARP of the machine is showing completed, are you able to PING that machine from the respective LAN Interface? 

    Example command:

    #ping -I PortX X.X.X.X

    Here in the above command, X.X.X.X is the LAN machine IP, and PortX is the Port behind which that machine is connected. (like Port1 or Port2 based on your setup or scenario).

    Is your relevant PortX (LAN Port) showing proper speed and status in CLI?

    console> sh network interfaces

    As no packets are receiving (as per your previous comment) which could be more on physical cable connectivity or ARP or layer 3 (Incorrect IP, network details, etc) would be the cause of the problem. 

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

Children
  • 0 in reply to Vishal_R

    Thx Vishal, I have checked and Port1 which the laptop is directly connected to is showing correct speed of 1000mb/s. There shows that the RX and TX state are getting packets but only kb or bytes. 

    The arp command does not show any other IP other that the router IP, connected on Port4, and IP 128.0.0.1 also on Port4. So I cannot ping the laptop connected.

  • 0 in reply to ACS IT

    Hi   Please try to plug a laptop directly into any other Interface of the firewall where networks are already configured and update the Laptop IP in that interface network and confirm the status further,if no luck then a support case will be the best way to get it concluded with session and required logs.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Vishal_R

    Hi Vishal, I connected the laptop to port3 which is also a LAN port and it is doing the same. Is there a way to resore a config backup through the console? I made a backup before I started anything.

Unfiltered HTML