Losing DHCP Gateway

This problem started with 17.5.0 GA.  The firewall is handling DHCP for my LAN.  Users have started to lose the default gateway (the Firewall) randomly throughout the day.  I have to either reset the switch or the desktop network adapter in order to regain internet connectivity.  This does NOT happen to all users at the same time.

I updated to XG 115 SFOS 17.5.5 MR5 but the problem still exists.  This actually introduced another problem of not being able to access the GUI from Sophos Central, but that's not as pressing.  Any thoughts on this would be appreciated.

Thanks

Larnel

  • In reply to LuCar Toni:

    Out of curiosity what is the difference between Old and New?

  • In reply to LuCar Toni:

    DHCP "new" and Logviewers have been working since the upgrade ...

    Paul Jr

  • In reply to M8ey:

    I asked that question many times.  What's the difference between Old and New DHCP method.

    Paul Jr

  • Do other people mark this as solved with MR8? I still have the feeling that this issue is there.

     

    I'm getting an IP, gateway and DNS from DHCP but I'm not able to ping to the internet directly; pinging or browsing a local SMB share works instantly. Looks like DNS is not able to resolve right away. We use our internal server for DNS.

     

    After an ipconfig /renew command it is working again, or just waiting a few minutes also solves the problem.

  • In reply to TonV:

    Mine has been good for about a month since I switched to the old DHCP method. I looked today and there is a new firmware update, but the only fix it mentions closest to the problem is about wifi.

    "NC-48031 [Interface Management] Wifi client did not get gateway and other config after reboot until enable and re-enable the wifi on client."

    Later I will upgrade, which I heard defaults back to the new method, and then I will see what happens.  Here is the rest about the latest firmware update.

     

    A new firmware 17.5.8 MR-8 is available. We strongly recommend that you upgrade the device.
    Version
    • SF 17.5 MR8 (17.5.8.539)
    News
    • Maintenance Release.
    Resolved issues
    • NC-47055 [Authentication] Support >48 characters password length for Radius Server.
    • NC-46680 [Certificates] Completing CSR with certificate breaks SSL VPN.
    • NC-48512 [Dynamic Routing (PIM)] Multicast traffic getting stopped after update of interface.
    • NC-39749 [Email] Use FQDN in Quarantine Digest.
    • NC-40831 [Email] Add capability to increase size of Mail Quarantine area in UI.
    • NC-45305 [Email] SPX related reports not being displayed on the GUI .
    • NC-48542 [Email] Potential RCE via arbitrary file creation vulnerability.
    • NC-49003 [Email] Custom ports for SMTP proxy stopped working after 17.5.
    • NC-46938 [FQDN] FQDNd doesn't update/create ipset.
    • NC-46401 [Import-Export Framework] "/conf" partition is at 100% .
    • NC-47095 [Interface Management] TSO changes are not permanent in HA.
    • NC-48031 [Interface Management] Wifi client did not get gateway and other config after reboot until enable and re-enable the wifi on client.
    • NC-48487 [IPS Engine] Postgres taking high CPU.
    • NC-48956 [IPS Engine] Modify IPS TCP Anomaly Detection setting to disabled in default setting.
    • NC-46079 [Logging Framework] Garner coredump on aux node following upgrade to 17.5 MR3.
    • NC-46780 [Logging Framework] Reports not being generated when Email Notification feature is enabled.
    • NC-46879 [Sandstorm] Add support for Sandstorm's Frankfurt data centre.
    • NC-48718 [Service Object] Unable to edit service object that is assigned to a firewall rule.
    • NC-43625 [UI Framework] Adding VLAN interface fails in IE in HA Active-Active mode.
    • NC-45371 [UI Framework] Incorrect UI behavior for Web User Activities.
    • NC-45495 [Web] Policy Tester UI and overlay issues.
    • NC-45724 [Web] Full file download retry failure after 416 (Range Not Satisfiable) being returned by proxy.
    • NC-47626 [Web] Web category "Hacking" should be classified as "Objectionable" instead "Acceptable".
    • NC-47075 [Wireless] Export of the WirelessAccessPoint does not contain the Group .
    • NC-47115 [Wireless] WirelessAccessPoint includes the wrong value for .
    • NC-47738 [Wireless] XML import is failing for wireless config failing when RADIUS Server and Pending Access Points data is present in import file
  • In reply to JacobRodriguez:

    I run MR8 on new DHCP method since MR8 was released.

    Runs smoot up to now.

    Paul Jr

  • In reply to Big_Buck:

    Big_Buck

    I run MR8 on new DHCP method since MR8 was released.

    Runs smoot up to now.

    Paul Jr

     

     

    I AM SMOOT!!  Thank god our appliances cannot speak :P ;)

  • In reply to BLS:

    Our IP phone subnet was down this morning.  Oops ...

    Revert back to Old method ...

    Paul Jr

  • In reply to Big_Buck:

    Thanks for posting. So apparently the fix they did this version MR8 was literally only for wifi like it said... was hoping for it to be across all LAN

  • In reply to apalm123:

    I reverted back to OLD method as a preventive measure.  DHCP still failing is not a certainty by any means.  We'll see if that subnet/interface freezes again tomorrow.

    Paul Jr 

  • In reply to Big_Buck:

    Oh interesting, okay, so maybe it's something else or maybe it's a DHCP issue again in newest firmware. Off topic, but I know there's a command to disable SIP ALG which helped me once with VOIP subnet issues like that.

  • In reply to apalm123:

    Could not observe this issue on LAN anymore. The bug title is a little bit off, so it means, it should be resolved for both clients.

    Sophos DEV found this issue first in Wireless clients, so the description was "wifi clients". But it was also fixed for LAN clients (basically the DHCP Server got fixed).

    My XGs run with new.

     

    Did somebody else observe this issue in new? 

     

     

    SIP: https://community.sophos.com/kb/en-us/123523

  • Guess I will go back to the new version today and try it out, but the old DHCP has been great