New Sophos Support Phone Numbers in Effect July 1st, 2023

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Force MTU on Sophos SG

Appears to only be an issue the SG models.
Issue may manifest itself in multiple ways, slow internet, pages not loading fully. Issue is because the MTU on the WAN interface uses DHCP to set the MTU to 576. Should be set to 1500.

Use putty to connect to the Sophos. 

Type sudo su to elevate to super user (enter the root password).

type cc and press [enter] (May not work if path not set correctly. May need to type "/usr/local/bin/confd-client.plx")

Note: Following commands are CASE sensitive.

You will get and output like:

Confd command-line client. Maintainer: <Ingo.Schwarze@sophos.com>

Connected to 127.0.0.1:4472, SID = VGdqvYBurSTNHXVdhnqk.
Available modes: MAIN OBJS RAW WIZARD.
Type mode name to switch mode.
Typing 'help' will always give some help.
127.0.0.1 MAIN >

This means your are inside cc shell.

type RAW and press [ENTER]

type lock_override and press [ENTER]

type OBJS and press [ENTER]

type interface and press [ENTER]

 

Now it gets a little tricky. Most setups which has this issue uses an ethernet type WAN, so:

type ethernet and press [ENTER]

Here you will have to "select" your WAN interface. To do that:

type REF_ (this is case sensitive) and press [TAB] two times. It should list all your ethernet type interfaces, like this:

REF_DefaultInternal[Internal,interface,ethernet]
REF_IntEthExternaWan[WAN,interface,ethernet]

On a default configuration system, it should look exactly like this, but don't worry if it doesn't. From that lines, look for the one that contains something like "REF_IntEthExternaWan" or the name of your WAN interface.After you locate the name for your WAN interface from the list, type the rest of the object name (case sensitive). To avoid any typos, you can copy and paste the rest of the object name after REF_.

For example, provided that your WAN interface is using the default name, you should then complete REF_ with:

REF_IntEthExt and press [TAB] again.

That will autocomplete the name for your WAN interface. Then, press [ENTER] again.

You should get an output iike this:

'additional_addresses' => [],
'bandwidth' => 0,
'comment' => 'Added by installation wizard',
'inbandwidth' => 100000000,
'itfhw' => 'REF_ItfEthEth1',
'link' => 1,
'mtu' => 576,
'mtu_auto_discovery' => 1,
'name' => 'WAN',
'outbandwidth' => 20000000,
'primary_address' => 'REF_ItfPri000024',
'proxyarp' => 0,
'proxyndp' => 0,
'status' => 1
}

If you do, you are in the right track. Then type:as

mtu_auto_discovery=0 

and press [ENTER]

You will get the same output as before, but mind the subtle change on 'mtu_auto_discovery' line, that should now be 0.

To save, type 

and press [ENTER]

this will save your configuration.

type exit and press [ENTER]

this will return to the shell.

 

After that, fix the MTU in Webadmin and it should not revert to 576 anymore.



This thread was automatically locked due to age.
Parents Reply Children
No Data