Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 0 subscribers
  • Views 12139 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SWA Error: Last contact < 5 hours

ELS_SA-DM

We are rolling out the Sophos web appliance across multiple locations globally, and have them reporting into a single management appliance. All systems are VM's. No traffic is being handled by these systems, and the only settings configured have been their network settings. The management system has had the management password configured.

11 web appliances total

Issue:

3 Web appliances show up in an errored state on the management appliance, providing the following information:

Last contact: < 5 hours

Monitor: Connection to management appliance

Message: The appliance is unable to connect to the management appliance.

Troubleshooting steps taken:

Connectivity test run from appliances: Passed

Ping/Traceroute test from appliances: Passed

Ping/Traceroute from multiple locations: Passed

Confirmed ability to log on to web appliance's web interface while in same network as manager.

Shutdown/reboot (system & interface): Error continues to exist

Remove/Add appliance to manager: Error continues to exist (still stating last contact < 5hrs)

Created new management system in different location: Error immediately shows up (still stating last contact < 5hrs)

:27049


This thread was automatically locked due to age.
  • 0

    Hello ELS_SA-DM,

    Please confirm that you have port 22 open for SSH between the appliances as outlined in this section of the docutmentation:
    http://ca-repo1.sophos.com/docs/wsa/swa_docs/ws1000/concepts/AppTroubleshootingGroupedAppliances.html

    Otherwise I would suggest contacting Sophos support so they can remote into the backend of your appliance to troubelshoot this issue further.  They will ask you to enable the remote assitance on your Management appliance and the appliances with the system alert.

    Petr.

    :27089
  • 0

    Petr,

    Thank you for looking into my issue. I have followed up with our network department, and port 22 is open for SSH between the appliances and the web manager. They verified traffic going through as connectivity tests were run from multiple systems.

    The list of ports you had provided (via link) were provided to our network team prior to the configuration of the appliances. Connectivity tests pass without issue from appliances to the manager.

    Hence why this issue is confusing, as there don't seem to be any visible connectivity issues.

    :27107
  • 0

    Opened up a support request with Sophos. They remotely connected to the systems and were able to resolve the issue.There were two different issues noted.

    One of the devices host name was incorrectly configured. To resolve it the device was reverted to stand alone, renamed, and re-joined.

    The other two devices had a date/time related issue. The system date/time was too far off for the NTP server to correct. Sophos support was very helpful, and noted that I would not have been able to make the required change to resolve the issue. Once they made the change the devices synched right up.

    :27279