Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 4 subscribers
  • Views 19979 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Random disconnections in web-access via UTM9

AlexA

Hi,

I’m using this product UTM/Astro software at my network entry point (since 2014) to protect my network, and I have an ongoing problems of disconnections in our web-access.

I have this problem for a long time and despite version updates, hardware upgrades and even change of ISP, router and all infrastructure... , the problem still remain the same.

My configuration is a Site-2-Site VPN on IP Sec, with two severs connected to each other. 

The problem happens randomly, many times during the day, and every time it occurs, it takes about 3 mins till the connection is restored.

During this period, all web access is blocked/disconnected, but other non-web connections such as SKYPE and PING are fully connected without any interruptions.

It occurs for about 3 mins or less.. and then it restores to normal state.

 

This happens to any PC in my network on random basis, so its not that all PCs are disconnected on web at the same time, but each of them behave independently.

 

I can restore the connection by disable/enabling the network adapter, but it reoccurs over and over during day randomly.

 

It seems to be related to the web-protection/control parts.

Please advise how I can solve it.

 

Thank you

Alex



This thread was automatically locked due to age.
  • 0
    What do your logs show for for your network and kernel?

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Thank you for the involvement.

    I've checked the logs on both and could not find any problems. 
    I also sent the log files to support@sophos... and they also did not find anything in it.

    Its very strange. And when this "disconenction" occur, I can't even access the web-panel of UTM9 on the remote server, so I can only access the local UTM server and I'm disconnected from the web-backend of the remote-server. 

  • 0

    Hi, Alex,9.317?)

    What are the endpoints of this site-to-site connection?

    If it's the servers, then check #1 in community.sophos.com/.../22065.

    If a UTM is an endpoint, disable auto-negotiation on the WAN NIC and set it to a fixed setting like "BaseT/Full" - you also need to get your ISP to make the same setting on their device connected to your WAN NIC.

    Any luck with either of those?

    Cheers - Bob
    PS Please always remember to state the version of UTM (9.317?) and the appliance model (UTM 220?) if applicable.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi,
    Firmware version: 9.352-6
    Pattern version: 92660
    (I use the software version of UTM9, installed on IBM server)

    I have faced this issue since Astro version 8, and non of the upgrades have affected or solved this issue.

    About this suggestion: "disable auto-negotiation on the WAN NIC", should I not try it on client PCs as well?
  • 0 in reply to AlexA
    I tried the above settings in my PC's NIC, but nothing changed. I still have the same problem.
  • 0
    What are the endpoints of the IPsec tunnel? If one endpoint is the UTM, is this a site-to-site connection or remote access?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    This is my setup:
    Local LAN > UTM9 (Local) > UTM9 (Remote) > IPS.

    The UTM9 (Local) is connected by site-to-site (IPSEC) to UTM9 (Remote)

    Let me know if any other questions.
  • 0 in reply to AlexA
    On both UTM9 devices, make sure that the connection to the ISP has fixed speed and duplex: disable auto-negotiation on the WAN NIC and set it to a fixed setting like "100BaseT/Full."

    You also need to get your ISP to make the same setting on their device connected to your WAN NIC. In the case of a home modem, you probably can make that setting yourself.

    Do you continue to have a problem after that?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    I tried the NIC settings on both servers also, but not solved.
    Now I have removed the remote server from the setup, so only have one UTM9 locally, and so far it seems OK...
    I'll keep you updated.
Unfiltered HTML