This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unstable Sophos UTM 9 - please help

Hi,

I'm running Sophos UTM 9 on an older HP Pavillion PC. I'm not sure about the specs but it works fine. Internet/LAN is stable. However, this PC is kinda noisy due to HDD and fans so I'm trying to get something more quiet and modern to run Sophos on.

First I tried installing Sophos on a Mintbox2: http://www.fit-pc.com/web/products/mintbox/mintbox-specifications/

Then I tried using Sophos on a Dell Optiplex 980: https://www.cnet.com/products/dell-optiplex-980-core-i5-650-3-2-ghz-4-gb-320-gb-4688405/specs/

I've installed SSD in both those machines. However, none of them can be used because WAN/LAN is completely unstable. WAN-link keeps going up and down and the network speed is slow. Whenever you do a line test the WAN-link goes completely down and LAN is generally unstable.

Does anyone have a clue why Sophos UTM 9 works on an older HP Pavillion but not on either the Mintbox2 or the Dell Optiplex?



This thread was automatically locked due to age.
Parents
  • I'm running my UTM on a Dell 7010 but with a Dual Intel NIC and Single Intel NIC card.

    The dual LAN Port card is my bridged LAN ports and the other single Intel Card is my WAN port.

    I have yet to see any dropouts with this setup.

    I made sure the bios is setup with NO power management and disabled C-States.

    Regards Simon

    Sophos XG 17.5.1 MR-1 | Dell 7010 | Intel(R) Core(TM) i5-3550 CPU @ 3.70GHz | 8GB Memory
    Samsung EVO 850 120GB SDD | 1x Intel 82574L / 2x 82571EB Gigabit Ethernet Controller (rev 06)

  • Well, I just can't get Sophos UTM to work on my Dell Optiplex with two Intel NICS. It's a shame. I wonder why....

  • Sven, does #7 in Rulz offer any help?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi, I haven't see this one, but first sight looks great. I will check it out and let you know!

  • Hi,

    I am so sorry for my incredible late answer in this thread. I am now able to continue this issue. I've tried the tips in Rule #7 without success. A MTU of 1350 didn't help.

     

    What happens during a speed test is that download is ok. But when uploading the speed is trash. Sometimes it goes high only to go low, and then the WAN interface goes down for a short while. Any more ideas??

    See images:

     

     

  • I've given up on the Mintbox and try to concentrate on the Dell Optiplex. I tried with the lastest 9.5 firmware but still the same problem (see previous post).

     

    So the NICs are one integrated Intel 82578DM  and the other one is a brand new Intel Pro 1000 GT.

     

    Can anyone please help?

     

     

  • Sven, try a google on

    site:community.sophos.com/products/unified-threat-management/f external state down

    The first result is a 10-year-old thread with a lot of suggestions for you.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Maybe I didn't find the correct thread, because all I can see are suggestions about restarting the cable modem. I believe the issue in this thread is that the WAN link is down all the time.

    My problem is that it just temporarily goes down every time I do a speed test or maximize my connection, and it's only for a few seconds.

    Other info: I live in Norway and the cable modem is basically a fiber modem in transparent mode. I can't access it in any way. This means I can't adjust the connection speed or anything like that. It just passes all the traffic through. The fiber cable is terminated inside it and I have a RJ45 WAN port. I get DHCP from my ISP.

  • Hmm, it sounds like you either need a different NIC for your External interface or that the fault lies in the fiber modem.  If the problem persists when you connect a PC directly to the modem, does your ISP have any throttling in place?

    Cheers - Bob
    PS Norway?  Check out my son Richie in the Alt for Norge reality show.  The 12th episode of the current season airs on Sunday.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hmm, it sounds like you either need a different NIC for your External interface or that the fault lies in the fiber modem.  If the problem persists when you connect a PC directly to the modem, does your ISP have any throttling in place?

    Cheers - Bob
    PS Norway?  Check out my son Richie in the Alt for Norge reality show.  The 12th episode of the current season airs on Sunday.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Hi Bob,

    Thanks for your reply!

    1. So it's likely that the built-in Intel 82578DM NIC is not compliant?

    2. Would it be worth a try to change the 'order' of the adapters? To use the Intel Pro 1000GT as the WAN interface and the other as the LAN interface? Can you do this without reinstall?

    3. What is a recommended compliant NIC with dual GB-port that I can install into a PCI-port? (not PCIe).

    4. Norway it is :-) I don't have access to that channel but I'll try to download it somewhere. Which one is Richie? https://www.facebook.com/altfornorge/photos/rpp.116676995010503/1616113921733462/?type=3&theater

    Rgds,

    Sven David

  • Hei Sven David,

    1. Maybe.  #7 in Rulz includes "(NOT an Intel 82574 based NIC due to bugs from Intel that aren't fixed - the 210 series is good)"

    2. Definitely worth a try.

    4. The tall, really handsome one with the long blond hair. [;)]

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Unfortunately switching the network adapters didn't help either :-(

    Crap..

    My old PC that works with Sophos UTM has only 100Mbps NIC for the WAN-port and my provider has upgraded me to 250Mbps without any extra charge. Well, this isn't that important, but it's sad to not get Sophos UTM to work stable on any other PC than an OLD HP Pavillion.

    When I do speed tests on the Dell optiplex I get packet loss and generally very unstable internet, and unpredictable speed. Sometimes full speed and other times no speed at all.

  • I've given up on the UTM. In my opinion this software is extremely picky on its NICs. As a last attempt I tried a brand new D-Link network card instead of the Intel PRO 1000GT in the Dell Optiplex, but with the same poor result. (and yes. I did a reinstall of the UTM software after changing the NIC, just to be sure).

    So I gave Sophos XG a shot and turns out it works perfectly on the same Dell Optiplex, whereas the UTM was unusable. I do not at all like the XG user interface compared to the UTM, but I'd rather have something I can use.

    Thanks for every contribution in this thread.

    Regards,

    Sven David