
Red 50 not letting traffic pass through!

I have a Sophos XG230 and a Sophos Red 50 (fixed it myself after hours of reading and trying stuff; 2 hours on tech support did nothing).

 

My problem occurred when the Sophos XG230 updated from SFOS 17.5.8 MR-8 to SFOS 17.5.9 MR-9

The Red50 would connect/make a tunnel and pass out IP addresses to the devices behind the red but it stopped letting any traffic through the Red50.

No internet, not able to touch the subnet the XG230 was on, nothing!

The tunnel worked, the DHCP worked, I could see the IP addresses from the GUI of the XG230 just fine.

WTF is going on here?

I called tech support and they tried for over an hour and a half, then wanted to check the logs via SSH. I do not have my admin password since the MSP who set this up fired their one and only Sophos guy and couldn't find the password anywhere... so it's not all Sophos tech support's fault, although I imagine for a bug like this they should have some sort of notes on the firmware about it.

They told me "we cannot go further until we get the admin password, I'll send you the info to reset it and you can call back"

After waiting 30+ minutes on hold the first time I thought, I'll back up the settings and read every forum post I can and try to just wing it myself.

After an hour or so of reading and trying to add/remove the Red myself, uncheck all subnets, change IP ranges, re-add all the settings, etc., I came across a post on Spiceworks about how in a way older version of the firmware there used to be a bug about turning off QOS. The guy had a Red10 but I thought I would give it a try. I reset all the settings back to the pre-firmware update crash and that's it: QOS was causing everything to not pass through.

Answer = Try turning off QOS

In the Sophos XG GUI left menu:

[System services]  -  [traffic shaping]

KB/s (1 - 2560000)
Optimize for real-time (VoIP): Disable / Enable
Enforce guaranteed bandwidth: Disable / Enable

 

That's it, hours of headache & tech support over some stupid bug, and just disabled 2 settings and everything is back to normal. Subnets can see each other, Red50 lets internet traffic and network traffic pass through it just fine now...

This works for us and we haven't seen any VoIP issues so far at all.

 

 

I hope this helps other people who were looking on this forum and didn't find the answer they need.



This thread was automatically locked due to age.
  • Hi Mason and welcome to the Sophos Community!

    Thanks for making your first contribution here an answer!

    Please join the XG Firewall Community so that a mod can move this thread there.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA