
Unable to reach public IPs.

Hi,

 

For a couple of months now I've been having intermittent problems with traffic that's going to public (IP) destinations. For instance, everything is running smoothly and all of a sudden you can't resolve a page any more; if you try to do a ping to the DNS FQDN it won't work.

First I thought it was a DNS issue, but it wasn't. (The DNS servers are internal and are reachable, and they forward the traffic to public DNS servers, and that's where I noticed it went wrong.) The firewall itself is reachable internally, but everything connected on the WAN port isn't from the LAN IP space.

I've switched the profiles of the IPS, I've double-checked the firewall rules, I've scoured the logs (Thank god you guys are going to fix this in the 17 patch, right?) but to no avail. Is there anybody who knows why this is happening?

I've had this with versions running from 15.x.x to the current latest firmware version (home license).

Regards,

 

Reinout



  • Hi,

     

    First of all, sorry for being so slow in my responses, but I'm flooded with work and this is my home issue :)

    Like I said, tracert just breaks. At that moment the Sophos is unresponsive. I can open the web interface of the Sophos XG, I just can't get any traffic through to the public interface. I've also seen traffic being redirected to rule 0 in the firewall (while it should match with rule 1 for my internet traffic).

    Pings and tracert work one second, another they don't; it's that simple.

    (I've even tried reinstalling and stuff, switching hardware (NICs).)

    Regards,

     

    Reinout

  • Some context: in the log the same traffic is getting the correct firewall rule, and when everything stops working I see the identical traffic hitting firewall rule 0....

  • Hi,

    I wonder if you see anything in the drop-packet-capture logs when the issue develops. Do you see any dropped/error packets on the interfaces? SSH to the XG, go to option 3. Device Console, and execute the following command:

    show network interfaces

    Show me the output; if there are dropped/error packets, then that could be the possible cause. Refer to #4 in my troubleshooting guide.

    Cheers-