Internet & Site to Site VPN disconnections after Cyberoam to Sophos Migration

We were using Cyberoam 100iNG and recently migrated to Sophos XG210. The configurations were doing by restoring the backup from Cyberoam to Sophos. After that everything seems to be working fine and sometimes the internet gets disconnected for approximate 10 timeouts and coming back automatically. at the same time the site to site VPN also getting disconnected and connected back.

 

this fluctuation is happening many times in a day of operation. Is this a general issue of migration? How this would be resolved? 

can anybody help us in this case?

  • Hi  

    1)When Internet get disconnected are you able to see gateway up/down events? 

    If this one is true then you may check the dgd.log to confirm why gateway going down ( may be not able to receive PING reply from gateway fail over IP ) and based on that if needed you may change gateway fail over rule under gateway settings.

    Log file guide : 

    https://community.sophos.com/kb/en-us/132211

    How to find the log file:

    https://community.sophos.com/kb/en-us/123185


    2)When Internet get disconnected are you able to see WAN Interface up/down events? 

    If Interface is also getting up/down you may confirm more logs under syslog.log and try by changing the cable or negotiation speed etc.

    3)Is site to site VPN getting disconnected at the same time when Internet gets disconnected ? 

    If disconnection time for IPSec and gateway disconnect matches then it is gateway/Interface which is causing IPSec disconnection.

    If the disconnection time is different for IPSec and gateway disconnection then there could be several reasons and need to check and confirm IPSec disconnection logs from charon.log