Some websites get ERR_TIMED_OUT

Hello

I have been looking for this problem for a while now.

Support was useless.

On 2 different sites, at random moments, some websites are returning ERR_TIMED_OUT.

Site https://www.bankinter.com/ or another one pointing to a server on Azure.

I know they work because on the third site with Ubiquiti or from home, it works.

I have:

1. pretty much any filtering from Firewall rules

2. checked and changed the DNS

3. upgraded to 19.5MR1

4. Disabled HA (no matter if it is disabled / A/P or A/A)

5. changed the internet connection

I already have a post about this but never really got help.

This is my last attempt before I ditch these Sophos.

Any clue is appreciated.

Don't hesitate to ask for screens or logs, I can provide.

Thanks

Fab



This thread was automatically locked due to age.
  • Did you give more info in your earlier/older post?

    I find your explanations very unclear and unspecific:

    1. You switched off filtering for testing, ok. But do you use the proxy, if yes, which mode? Did you implement a MASQ rule for the ISP uplink port?

    2. You "checked" the DNS? How? Show us the configuration, please (paste screenshot).

    3. At least we know the release version you are on.

    4. Do you have a second firewall with HA in place? Is your cabling correct?

    5. What do you mean by "changed the internet connection"? Do you have different providers you can use alternatively?

    We are volunteers trying to help, but we do not have a crystal ball.

  • Hi Philip,

    Thank you for the reply.

    Sorry if it is unspecific. I'll try to make it clearer.

    2 Sites, both in HA.

    One has XG2100 (19.0.1) and the other XG2300 (19.5MR1).

    1. There is no upstream proxy. I don't get MASQ on the uplink port. MASQ is linked to the FW rule.

    2. Here you go.

    3. 19.0.1 on one site and 19.5MR1 on the other.

    4. I have checked the cabling on both sites, changed from HA A/A to A/P, removed HA, removed the second appliance completely, removed the second internet line, changed the internet line. I have replaced the XG2100 with a UDMPro to test and discard any other equipment -> This is working like a breeze.

    5. Yes indeed. On one site I have Telefonica and Orange. On the other I have Proximus and Colt.

    I am sorry if it was not clear enough and I am happy to add anything that might help.

    This is what I get...


    Thank you very much for your time.

    Fab

  • Hi FJay,

    Thank you for reaching out to Sophos Community.

    I apologize for the experience. Would it be possible to share your case ID? Thank you.

  • Could you try using IPv4 DNS resolution only? Disable IPv6?

  • Tried all the options to no avail.

    I tried also no IPv6 address and any combination of internal DNS, ISP DNS and Google/Cloudflare DNS.

  • Hi FJay,

    Thank you for the information. Will further check the issue. 

  • Hi FJay,

    Good day. Upon checking on the cases:

    Case 05657043
    The case was closed due to No Answer from the Customer side.

    Case 05156521
    The case was closed as the issue does not reside within Sophos Firewall.

    Also, based on the screenshot of your SSL/TLS Logs on the previous post, it indicates that "Server did not respond to client Hello".

    • Have you tried excluding the domain by creating a new exception (web > Exceptions > Add) and checking all the skip actions?

    https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Web/Exceptions/index.html

    • Can you share the TLS/SSL log when accessing the said sites?

    I would recommend creating another case so that it can be properly investigated, and kindly share the case #.
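
An added example, not part of the thread and not Sophos tooling: a small probe that separates the TCP connect from the TLS handshake, so a browser-level ERR_TIMED_OUT can be narrowed to the stage matching the "Server did not respond to client Hello" log entry. The function name `probe` and the stage labels are assumptions made for this sketch; run it once from a host behind the firewall and once from a path that bypasses it, then compare the results.

```python
import socket
import ssl
import sys


def probe(host, port=443, timeout=5.0):
    """Return (stage, detail) naming the step at which the connection stalled."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return ("tcp_timeout", "no TCP handshake within %.1fs" % timeout)
    except OSError as exc:
        # Refused, unreachable, or DNS resolution failure.
        return ("tcp_error", str(exc))

    ctx = ssl.create_default_context()
    try:
        with sock:
            sock.settimeout(timeout)
            # wrap_socket sends the ClientHello and waits for the server's reply.
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return ("ok", "%s %s" % (tls.version(), tls.cipher()[0]))
    except socket.timeout:
        # TCP is up, but the handshake never completed: the case the
        # "did not respond to client Hello" log line describes.
        return ("tls_handshake_timeout", "handshake incomplete after %.1fs" % timeout)
    except ssl.SSLError as exc:
        # Alert, protocol mismatch, or certificate verification failure.
        return ("tls_error", str(exc))
    except OSError as exc:
        # Connection reset or closed while the handshake was in flight.
        return ("tls_reset", str(exc))


if __name__ == "__main__":
    # Usage: python probe.py www.bankinter.com other.host.example
    for name in sys.argv[1:]:
        print(name, *probe(name))
```

A `tls_handshake_timeout` behind the firewall combined with `ok` on the bypass path points at something between the client and the server affecting the handshake, rather than at DNS or basic routing.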

  • Hi Erick Jan,

    Thank you for looking.

    Funny to see how cases like that are closed by Sophos. But that's the past.

    Anyway, it seems a lot faster and to the point here. Let's give it a try!

    This is what I get in the Firewall logs for one of the sites I am trying to reach:

    I will add the exceptions as you suggested.
    Would I have to continue adding any other site that doesn't work when Sophos is in the chain?

    For the TLS/SSL, could you guide me on where you want me to grab that?

    I went to TLS/SSL inspection but there is nothing there.

    Thank you very much for your help.

    Fab

  • Hi again,

    I went to the Exceptions... and apparently I tried that already (sorry, we have had this issue for so long...)

    Is this correct?