This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

QoS change = broken internet

Hi. Hope I'm posting in the correct group..

I'm trying to change the up and down speed of the external NICs QoS rule. When I make the change, I have no internet connection. Turning the QoS of for that interface has the same effect. Looking at the firewall log, there are a lot more blocks taking place than usual. DNS is also getting blocked then.

Reverting the QoS settings gets the internet back and stops the DNS blocking in the firewall. I am however getting packet loss when doing a ping test from the utm to and external IP. Upload speed is also horrible.

I've tried different NICs (Intel), different cables and disabling every protection feature I could find, but nothing helps



This thread was automatically locked due to age.
  • Please show a picture of the Edits of the QoS Interface and rule that works.  Also show a picture of the change you made that blocks connection.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob

    Please see attached here. I don't have any rules yet, only these interface settings

    Working:

    Not working:

  • I've managed to get the settings changed now. First had to turn off the QoS interface, change the settings, turn off the actual interface under Interfaces and wait 1 minute, then turn the interface back on and then turn the QoS interface on. 

    I don't know if it's repeatable. Since I finally got it changed I don't want to test that right now.

    One thing I did notice is that when changing QoS settings, the loading/activity indicator ring at the top of the interface stays active and never stops. Maybe some process getting stuck, or just a glitch in the interface?

  • JOKER_ZA said:
    Hi. Hope I'm posting in the correct group..

    ...

    I've tried different NICs (Intel), different cables and disabling every protection feature I could find, but nothing helps

    Hi,

    strange error. Just for clarification, you don’t run on SG Hardware, but on a PC base system?

    -

  • I normally recommend never selecting 'Limit ...' on the 'Status' tab - what is it that you intended to accomplish with those selections?  I also recommend only selecting 'Upload optimizer' if, and only if, you have no Bandwidth Pools for the interface.  What are the up/down speeds your ISP brings to this connection?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • BAlfson said:

    I normally recommend never selecting 'Limit ...' on the 'Status' tab - what is it that you intended to accomplish with those selections?  I also recommend only selecting 'Upload optimizer' if, and only if, you have no Bandwidth Pools for the interface.  What are the up/down speeds your ISP brings to this connection?

    Cheers - Bob

     
    Hello Bob,
     
    not directly related to this thread, but could you briefly explain why - never selecting 'Limit ...' on the 'Status' tab?
     
    Best regards,
    Alex
     

    -

  • Because it's a "dull knife" that limits all traffic, Alex.  QoS has the ability to do any desired limiting.  Why pay for bandwidth and then prevent the use of it?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Everything is still running fine. I'm going to test changing the settings again this weekend and report back.