Central Firewall management unresponsive. Unable to load page. Check your network connection; 504 Gateway Time-out

I'm currently managing and deleting built-in Host Objects, Web Policies and so on, and creating my own stuff on a fresh install of XG136 HA on a 400Mbit cable WAN line from Sophos Central Management.

While working, it often occurs that the Web-Frontend is not responding and shows a spinning wheel for minutes, showing errors like:

On WebAdmin in a red box on top right corner:

Unable to load page. Check your network connection

Or the Browser showing an error:

504 Gateway Time-out

URL (edited for privacy) is: fw-sso.0101.fw.prod.hydra.sophos.com/.../index.jsp

If you wait 5 minutes and refresh the page, you can start working again until it happens again after a random short time.

Other issues:

Page not loading correctly

  • Hi,

    An update: there are 2 HA clusters connected simultaneously from that WAN Router IP.

    Not enough, there is a 3rd HA cluster connected from that WAN IP but to another Central account.

    It is for setup of the machines and testing only. Not a productive scenario.

    FW Management is currently not possible over Central. It is unusable.

    As a test I shut down one of the clusters.

    Management of the remaining cluster is now possible and response time is good.

    Can you please describe why it does not work, when 2 clusters are connected to Central Management from the same WAN IP? This does not make much sense to me.

    Our Sophos Partner told us, this should not be a problem. But it is for us.

    From the screenshot: I shut down the first HA cluster.

    The 3rd cluster on the other Central account has already been off for 14 days.

    The second cluster is now manageable only since the first is turned off. You see from the WAN IP, they use(d) the same WAN IP.

  • This issue is probably caused by XG / XGS units of the same model all using the same MAC address on WAN Port2 when HA is active.

    So this is an ARP issue because the WAN switch is continuously relearning the same MAC on different ports.

    Workaround: