Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 28 subscribers
  • Views 15768 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTP and majority of HTTPS returns 502 error or will not connect

TomEng

Hi there,

Twice in three days I've had a network issue caused by Sophos XG210 and I would like some feedback on how to prevent it re-occurring or, at the very least, how to solve it in the future.

In both cases, connections to HTTP do not work, giving intermittent 502 errors on Chrome and Safari whilst only some connections to HTTPS work including Google (and its derivatives) and Facebook. Failed HTTPS connections would also give intermittent 502 errors. Pings and other protocols still worked as expected during the outage.

These issues were experienced regardless of the policies the traffic was governed by and were found with HTTP and HTTPS decryption turned on and off, and web and application filters turned on or off. I even set up a policy for a small Lab network with a *shudder* "Permit Any" policy and even this didn't solve the issue. 

The device was fully updated. The last successful update occurred around 45 minutes before the last issue arose and involved the Avira and Sophos AV. This may be the place to start as another Sophos governed network in our company also experienced issues around the same time. Unfortunately there is no network admin at this location and I haven't been able to get a hold of the logs yet so I cannot compare the two.

The outages both resolved themselves after 1-1.5 hours. During this time I had to connect our internal network directly to the WAN links due to connectivity being more of an issue than security (not my words!). This situation cannot be allowed to become a common occurrence. 

What troubleshooting steps can I now follow to find the source of this problem? Any help is greatly appreciated!

Tom



This thread was automatically locked due to age.
Parents
  • 0

    Hi Tom,

    Check #1 in the Analysis Guide.

    Post the logs.

    Thanks

  • 0 in reply to sachingurung

    Hi there, 

    I will record the logs from the console the next time I have the issue. It is common but intermittent and irregular so I cannot say when it will next occur. 

    Viewing the web filter logs from the GUI shows that the connection to the website in question does not get logged (no allow or deny log). The next log is an "allowed" log from the google server serving the HTTP502 page to my browser. 

    I am also working with my ISP to see if we can eliminate the VSAT link from the troubleshooting. I still havent determined whether it is due to the firewall, a compatability issue between the firewall and the modem or the VSAT connection itself that is to blame for the errors. Changing gateway sometimes solves the issue but it doesnt always work.

    Thanks for your continued help!

    Tom

Reply
  • 0 in reply to sachingurung

    Hi there, 

    I will record the logs from the console the next time I have the issue. It is common but intermittent and irregular so I cannot say when it will next occur. 

    Viewing the web filter logs from the GUI shows that the connection to the website in question does not get logged (no allow or deny log). The next log is an "allowed" log from the google server serving the HTTP502 page to my browser. 

    I am also working with my ISP to see if we can eliminate the VSAT link from the troubleshooting. I still havent determined whether it is due to the firewall, a compatability issue between the firewall and the modem or the VSAT connection itself that is to blame for the errors. Changing gateway sometimes solves the issue but it doesnt always work.

    Thanks for your continued help!

    Tom

Children
No Data