Wan interface randomly in error.

Hi everyone. I'm looking for some help in troubleshooting intermittent problem on my Wan interface.

Im using Sophos UTM-9 9.702-1  Home. Software version. Not virtualised

Actually, this problem has been there for a while but since it was hapenning rarely, i just didn't do much. Now, since 2-3 days, i notice frequent interruption. My cable modem is up and does not show any sign of problem but i might connect the modem to my switch and Sophos in the switch as well to see if the problem would be with the cable modem interface. It good to mention that i changed my cable modem 3 times since i noticed this problem.

Now what it does is i'm randomly losing internet during the day and when i log in Sophos, in the dashboard, it show my WAN link being in error. I use a static IP. The other interfaces are ok.

In the logs, i found some interesting lines. The last time it happened today was at 11h07:

2020:03:19-10:29:26 proy [daemon:info] nwd[4640]: Waiting for MDW cycle to end
2020:03:19-11:07:28 proy [daemon:info] nwd[4640]: Reloading Config
2020:03:19-11:08:43 proy [daemon:info] nwd[4640]: Reloading Config
2020:03:19-11:14:32 proy [daemon:debug] rrdcached[4023]: flushing old values
2020:03:19-11:14:32 proy [daemon:debug] rrdcached[4023]: rotating journals
2020:03:19-11:14:32 proy [daemon:debug] rrdcached[4023]: started new journal /var/log/reporting/rrd/rrd.journal.1584630872.853853
2020:03:19-11:14:32 proy [daemon:debug] rrdcached[4023]: removing old journal /var/log/reporting/rrd/rrd.journal.1584623672.853857
2020:03:19-12:00:01 proy [user:notice] logger: WebAdmin: removing stale session sfSJQxDvdpVkyzqKMaFD

 

Here's some more logs:

2020:03:19-10:49:26 proy confd[3668]: W main::cleanup_sessions:1046() => id="3100" severity="warn" sys="System" sub="confd" name="timeout: removing session" user="system" srcip="127.0.0.1" sid="eaf382ef1e1b1911f288d01e055b0dd5f4eb072a68ddca1e51a5b82cf17f2b2f" facility="system" client="audld.plx"
2020:03:19-11:07:24 proy confd[3668]: I main::top-level:682() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="interface" type="ethernet" ref="REF_IntEthExternaWan" objname="External (WAN)" user="system" srcip="127.0.0.1" sid="3cf89d3affae95cb38d55f8ceacae5c64ced333f2db29278a84a46227c8750a7" facility="system" client="service_monitor" pid="27197" attr_link="0" oldattr_link="1"
2020:03:19-11:07:24 proy confd[3668]: I main::cleanup_changelog:998() => id="3100" severity="info" sys="System" sub="confd" name="trimmed version 77 from changelog"
2020:03:19-11:07:24 proy confd[3668]: I main::top-level:779() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="3cf89d3affae95cb38d55f8ceacae5c64ced333f2db29278a84a46227c8750a7" facility="system" client="service_monitor" pid="27197" version="79" storage="/cfg"
2020:03:19-11:08:40 proy confd[3668]: I main::top-level:682() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="interface" type="ethernet" ref="REF_IntEthExternaWan" objname="External (WAN)" user="system" srcip="127.0.0.1" sid="e7a3c4bf3fa5428c47cf4fa14462e98a8c6692c42f952977e74ae5a4ad9aa0f9" facility="system" client="service_monitor" pid="27476" attr_link="1" oldattr_link="0"
2020:03:19-11:08:40 proy confd[3668]: I main::top-level:779() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="e7a3c4bf3fa5428c47cf4fa14462e98a8c6692c42f952977e74ae5a4ad9aa0f9" facility="system" client="service_monitor" pid="27476" version="80" storage="/cfg"
2020:03:19-11:09:55 proy confd[3668]: W main::cleanup_sessions:1046() => id="3100" severity="warn" sys="System" sub="confd" name="timeout: removing session" user="system" srcip="127.0.0.1" sid="feebf49838c5f5954c039c248acae1ad418278b88041e8d8fa3ff6fdb4a38b35" facility="system" client="audld.plx"
2020:03:19-11:09:55 proy confd[3668]: W main::cleanup_sessions:1046() => id="3100" severity="warn" sys="System" sub="confd" name="timeout: removing session" user="admin" srcip="10.0.0.148" sid="ad066d70820f74bc96325f067126f7f728ff715e2d81f787eaf5ef7e0fc05ac8" facility="webadmin" client="webadmin.plx"

 

 

And some more.

 

2020:03:19-10:29:26 proy middleware[4189]: T main::top-level:264() => ending cycle 77, caught 0 signals, 0 children still running
2020:03:19-11:07:24 proy middleware[4189]: T main::top-level:213() => starting cycle 78, caught 1 signals
2020:03:19-11:07:24 proy middleware[4189]: T core::Config::Changed:198() => configversion=79
2020:03:19-11:07:24 proy middleware[4189]: T core::Config::Changed:208() => nodes=0 objects=1 triggers=0
2020:03:19-11:07:25 proy middleware[4189]: T core::Config::load:351() => modules=28,57
2020:03:19-11:07:25 proy middleware[4189]: T modules::httpd::load:371() => httpd.pm: HSTS enable [1]
2020:03:19-11:07:25 proy middleware[4189]: T modules::httpd::load:372() => httpd.pm: portal_hsts [Include /etc/httpd/httpd-security-hsts-on.conf]
2020:03:19-11:07:25 proy middleware[4189]: T modules::up2date::load:106() => iaas_deployment=
2020:03:19-11:07:25 proy middleware[4189]: [WARN-032] Internet uplink is down
2020:03:19-11:07:25 proy middleware[4189]: T modules::IPTables::Adapters::packetfilter::clearNatCache:83() => Clear out AUTO-RULE NAT Cache
2020:03:19-11:07:25 proy middleware[4189]: T core::Config::load:394() => core::Config: wrote crontab
2020:03:19-11:07:25 proy middleware[4189]: T modules::ipset::deleteUnused:342() => auto#=19/682 confd#=0/341
2020:03:19-11:07:25 proy middleware[4189]: T main::top-level:264() => ending cycle 78, caught 0 signals, 0 children still running
2020:03:19-11:08:40 proy middleware[4189]: T main::top-level:213() => starting cycle 79, caught 1 signals
2020:03:19-11:08:40 proy middleware[4189]: T core::Config::Changed:198() => configversion=80
2020:03:19-11:08:40 proy middleware[4189]: T core::Config::Changed:208() => nodes=0 objects=1 triggers=0
2020:03:19-11:08:40 proy middleware[4189]: T core::Config::load:351() => modules=28,57
2020:03:19-11:08:40 proy middleware[4189]: T modules::httpd::load:371() => httpd.pm: HSTS enable [1]
2020:03:19-11:08:40 proy middleware[4189]: T modules::httpd::load:372() => httpd.pm: portal_hsts [Include /etc/httpd/httpd-security-hsts-on.conf]
2020:03:19-11:08:41 proy middleware[4189]: T modules::up2date::load:106() => iaas_deployment=
2020:03:19-11:08:41 proy middleware[4189]: [WARN-033] Internet uplink is up again
2020:03:19-11:08:41 proy middleware[4189]: T modules::IPTables::Adapters::packetfilter::clearNatCache:83() => Clear out AUTO-RULE NAT Cache
2020:03:19-11:08:41 proy middleware[4189]: T core::Config::load:394() => core::Config: wrote crontab
2020:03:19-11:08:41 proy middleware[4189]: T modules::ipset::deleteUnused:342() => auto#=19/682 confd#=0/341
2020:03:19-11:08:41 proy middleware[4189]: T main::top-level:264() => ending cycle 79, caught 0 signals, 0 children still running

 

 

 

Everytime it happens, its mostly always these kind of logs thats comes back. I'm really puzzled to find what triggers the "Reloading Config".

 

Any ideas or suggestions?

 

Thanks!

  • Salut Patrick,

    I think this is your ISP - have you checked with them why your link is having problems?

    Cheers - Bob