Unstable Sophos UTM 9 - please help

Hi,

I'm running Sophos UTM 9 on an older HP Pavillion PC. I'm not sure about the specs but it works fine. Internet/LAN is stable. However, this PC is kinda noisy due to HDD and fans so I'm trying to get something more quiet and modern to run Sophos on.

First I tried installing Sophos on a Mintbox2: http://www.fit-pc.com/web/products/mintbox/mintbox-specifications/

Then I tried using Sophos on a Dell Optiplex 980: https://www.cnet.com/products/dell-optiplex-980-core-i5-650-3-2-ghz-4-gb-320-gb-4688405/specs/

I've installed SSD in both those machines. However, none of them can be used because WAN/LAN is completely unstable. WAN-link keeps going up and down and the network speed is slow. Whenever you do a line test the WAN-link goes completely down and LAN is generally unstable.

Does anyone have a clue why Sophos UTM 9 works on an older HP Pavillion but not on either the Mintbox2 or the Dell Optiplex?

  • Assumptions and coments

    1/. you installed a second nic in the dell?

    2/. you connected the ssd to the sata port?

    3/. Which mintbox did you purchase?

    4/. what chipsets do they run, are they supported by UTM?

    5/. the dell is a very old model or at least the cpu is.

  • In reply to rfcat_vk:

    1. Yes. I installed a Intel Pro 1000 GT NIC in the Dell

    2. Yes, I've mounted SSDs into both the Dell and the Mintbox and the disks work fine.

    3. Mintbox 2, it's standard config with 4GB RAM, only I've changed the 500GB HDD with and 128GB SSD.

    5. The Dell is old yes, but the HP Pavilion is just as old and works fine.

    4. Mintbox 2: Mobile Intel QM77 Chipset (Panther Point)
    Dell Optiplex: Intel something

    This is Sophos requirements stated by Sophos themselves, and it doesn't say anything about chipset:

    Sophos UTM installs on any dedicated X64 machine, turning it into a fully functional unified threat management firewall. Perfect for that spare machine you have sitting around!

    Minimum Hardware Recommendations

    • 1.5+ GHz processor (dual core+ recommended)
    • 1 GB RAM (2GB strongly recommended)
    • 60 GB hard disk
    • Bootable CD-ROM
    • 2 or more network cards
  • I'm running my UTM on a Dell 7010 but with a Dual Intel NIC and Single Intel NIC card.

    The dual LAN Port card is my bridged LAN ports and the other single Intel Card is my WAN port.

    I have yet to see any dropouts with this setup.

    I made sure the bios is setup with NO power management and disabled C-States.

  • In reply to dark moon:

    Well, I just can't get Sophos UTM to work on my Dell Optiplex with two Intel NICS. It's a shame. I wonder why....

  • In reply to Sven David Hildebrandt:

    Sven, does #7 in Rulz offer any help?

    Cheers - Bob

  • In reply to BAlfson:

    Hi, I haven't see this one, but first sight looks great. I will check it out and let you know!

  • In reply to BAlfson:

    Hi,

    I am so sorry for my incredible late answer in this thread. I am now able to continue this issue. I've tried the tips in Rule #7 without success. A MTU of 1350 didn't help.

     

    What happens during a speed test is that download is ok. But when uploading the speed is trash. Sometimes it goes high only to go low, and then the WAN interface goes down for a short while. Any more ideas??

    See images:

     

     

  • In reply to Sven David Hildebrandt:

    I've given up on the Mintbox and try to concentrate on the Dell Optiplex. I tried with the lastest 9.5 firmware but still the same problem (see previous post).

     

    So the NICs are one integrated Intel 82578DM  and the other one is a brand new Intel Pro 1000 GT.

     

    Can anyone please help?

     

     

  • In reply to Sven David Hildebrandt:

    Sven, try a google on

    site:community.sophos.com/products/unified-threat-management/f external state down

    The first result is a 10-year-old thread with a lot of suggestions for you.

    Cheers - Bob

  • In reply to BAlfson:

    Hi Bob,

    Maybe I didn't find the correct thread, because all I can see are suggestions about restarting the cable modem. I believe the issue in this thread is that the WAN link is down all the time.

    My problem is that it just temporarily goes down every time I do a speed test or maximize my connection, and it's only for a few seconds.

    Other info: I live in Norway and the cable modem is basically a fiber modem in transparent mode. I can't access it in any way. This means I can't adjust the connection speed or anything like that. It just passes all the traffic through. The fiber cable is terminated inside it and I have a RJ45 WAN port. I get DHCP from my ISP.

  • In reply to Sven David Hildebrandt:

    Hmm, it sounds like you either need a different NIC for your External interface or that the fault lies in the fiber modem.  If the problem persists when you connect a PC directly to the modem, does your ISP have any throttling in place?

    Cheers - Bob
    PS Norway?  Check out my son Richie in the Alt for Norge reality show.  The 12th episode of the current season airs on Sunday.

  • In reply to BAlfson:

    Hi Bob,

    Thanks for your reply!

    1. So it's likely that the built-in Intel 82578DM NIC is not compliant?

    2. Would it be worth a try to change the 'order' of the adapters? To use the Intel Pro 1000GT as the WAN interface and the other as the LAN interface? Can you do this without reinstall?

    3. What is a recommended compliant NIC with dual GB-port that I can install into a PCI-port? (not PCIe).

    4. Norway it is :-) I don't have access to that channel but I'll try to download it somewhere. Which one is Richie? https://www.facebook.com/altfornorge/photos/rpp.116676995010503/1616113921733462/?type=3&theater

    Rgds,

    Sven David

  • In reply to Sven David Hildebrandt:

    Hei Sven David,

    1. Maybe.  #7 in Rulz includes "(NOT an Intel 82574 based NIC due to bugs from Intel that aren't fixed - the 210 series is good)"

    2. Definitely worth a try.

    4. The tall, really handsome one with the long blond hair. Wink

    Cheers - Bob

  • In reply to BAlfson:

    Unfortunately switching the network adapters didn't help either :-(

    Crap..

    My old PC that works with Sophos UTM has only 100Mbps NIC for the WAN-port and my provider has upgraded me to 250Mbps without any extra charge. Well, this isn't that important, but it's sad to not get Sophos UTM to work stable on any other PC than an OLD HP Pavillion.

    When I do speed tests on the Dell optiplex I get packet loss and generally very unstable internet, and unpredictable speed. Sometimes full speed and other times no speed at all.

  • In reply to Sven David Hildebrandt:

    I've given up on the UTM. In my opinion this software is extremely picky on its NICs. As a last attempt I tried a brand new D-Link network card instead of the Intel PRO 1000GT in the Dell Optiplex, but with the same poor result. (and yes. I did a reinstall of the UTM software after changing the NIC, just to be sure).

    So I gave Sophos XG a shot and turns out it works perfectly on the same Dell Optiplex, whereas the UTM was unusable. I do not at all like the XG user interface compared to the UTM, but I'd rather have something I can use.

    Thanks for every contribution in this thread.

    Regards,

    Sven David