I have a very strange issue with my XG firewall.
I have 4 VLANs and 1 ISP connection.
Every few days, I find that connectivity is somehow faulty.
The ISP connection is stable, but machines on (for example) the clients VLAN cannot get connectivity to anywhere.
I can ping the default gateway, but no more than that.
The firewall is online, but it has somewhat decreased functionality.
These are example screenshots from a VM on the clients VLAN...
Ping to GW on the client VLAN - OK
Ping to GW on the servers VLAN - OK
Ping to a resource inside the servers VLAN - FAIL
Ping to 184.108.40.206 - FAIL
This happens every few days.
If I do ipconfig /release followed by ipconfig /renew,
the issue resolves.
DHCP is not running on the XG device but from a Microsoft DHCP server.
In reply to Avi Bar Ilan:
Hi Avi Bar Ilan,
When there is a connectivity issue, are you able to ping the XG firewall IP of that specific LAN?
Please make sure that all the static routes in the XG firewall are in place.
Please check with the switch configuration as well.
Please share the traceroute output when you face the issue.
In reply to Keyur:
As for your first question, yes - shown in my screenshot.
Static routes have not been touched. When I do ipconfig /release + renew, the client connectivity is fully restored, including internal and external.
If this was an issue with static routes, ipconfig /release + renew would have no effect.
Switch configuration is fine - we didn't have these issues before switching from FortiGate to Sophos.
Traceroute when experiencing the issue looks like this: