SG210 stops passing https traffic

We have an SG210 currently running fw version 9.605-1 but the problem has been happening for more than a year so I don't really think the fw version is important. What happens is at random times web traffic just completely stops and sites time out. We are not using decrypt and scan for https traffic. I've tried disabling web filtering completely, as well as IPS, virus scanning, and ATP one at time and all at once but it still drops out. The problem seems to very random it can happen 2 or three times a day or once every two three weeks. To get it back up I can either reboot the utm, disable the WAN interface /or pull the WAN cable for about 20 - 30 seconds and everything goes back to normal. The live logs don't really show much when it's happening other that a bunch of sites timing out. The problem only pops up during working hours and I can't get much troubleshooting in with the phone ringing off the hook and people coming to my office to tell me its down again. Has anyone else had this problem or have any suggestions on what to look at?

  • never seen.

    Seems to be a problem with external connection.

    You are able to ping the ISP-gateway?

    I would place a switch between SG & ISP and pull the SG cable first and ISP cable next.

    If pulling the SG cable don't solve the problem, the ISP-Router is defect.

    But if pulling the SG cable solves the problem, try another Port at SG or RMA the device.

     

  • In reply to dirkkotte:

    Thanks for the reply, I'll give that a try!

  • In reply to csf45:

    Check the Anti-DOS/Flood settings as well since google chrome uses UDP 443 these days for a lot of the traffic.

    Most likely an ISP issue. 

  • In reply to MasterRoshi:

    MasterRoshi

    Check the Anti-DOS/Flood settings as well since google chrome uses UDP 443 these days for a lot of the traffic.

    Most likely an ISP issue. 

     

    Thanks for the reply, I just checked anti-DOS flood protection and none of the options are enabled, I believe I turned them off in a previous trouble shooting session.

  • Hi and welcome to the UTM Community!

    Dirk's suggestion is what I favor.  Sometimes, an ISP's equipment "swears" with a UTM.  Before replacing the ISP's equipment, try #7.7 in Rulz (last updated 2019-04-17).

    Cheers - Bob

  • In reply to BAlfson:

    Thanks for your input, we have a  500/50 fiber internet connection so our UTM is connected to an ONT that I can't get into or change any settings on so I have the WAN interface on our side set to auto negotiate. I currently have an unmanaged gig switch in between the UTM and the ONT as was suggested above. It's been up for a couple days now, of course I've seen it work for weeks at a time before but fingers crossed.

  • In reply to csf45:

    In your situation, that's the only solution.

    Cheers - Bob