Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Wireless Devices stay connected but internet stops working

Hello,

I have a Sophos XG home setup with the Sophos AP 55C configured for wireless. I have a strange issue where the devices at home which are wireless, will be working fine, but then the internet just stops working, but the wireless stays connected.

For example: my iMac which is setup wirelessly will be working fine when I am working on a VPN connection to another site, but then the RDP will become completely unresponsive. I check the wireless and it shows connected. When I try to launch a web page, It sits forever and then says cannot access site. However, everything SEEMS to be working okay. The only way for me to fix this, is to turn off the wireless, then back on and it resumes working perfectly.

This occurs with our phones as well as any wireless connected devices after awhile. It tends to last about a week per device, sometimes devices (like my iMac), require the wireless to cycle once every few days. This is especially the case if I have not used the device for a couple days.

I am not sure where to start looking, I figured this could be the AP, but another device, such as my phone will work fine when the iMac goes out. I am thinking this could be a network issue or possible DHCP? I am not.

Wired devices seem to work just fine.

Thanks.



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hi Dfoolio,

    Could you please check below steps when this issue occurs: 

    1. Are you able to ping IP address of the AP?

    2. Are you able to ping gateway IP address? 

    3. Are you able to ping 8.8.8.8? 

    4. Have you notice this issue across all the devices in your home network?

    5. Does it recovers without any changes within 5 to 10 minuets? 

    6. Is there any other wireless access point in your home network? 

    Thanks,

  • Hi Patel,

    1. Are you able to ping IP address of the AP?

    The AP is Pingable from devices that still have network, I have not been able to test this from a device that goes off network and will report back once I do

    2. Are you able to ping gateway IP address?

    I have to test this as well, when one device goes out, I can ping the gateway from a device that has network connectivity

    3. Are you able to ping 8.8.8.8?

    No it doesn’t ping from the device with internet issues

    4. Have you notice this issue across all the devices in your home network?

    Yes but it’s not at the same time. It’s intermittent, sometimes it’s a phone and sometimes it’s a laptop or a desktop.

    5. Does it recovers without any changes within 5 to 10 minuets?

    It doesn’t recover

    6. Is there any other wireless access point in your home network?

    No, we have the one AP

  • Hi Patel, Please see my additional updates below

    1. Are you able to ping IP address of the AP?

    The AP is Pingable from devices that still have network, the AP is not pinging when the device falls off the network

    2. Are you able to ping gateway IP address?

    I did the ping test when my iMac fell off, and I had 89.8% packet loss pinging the gateway, all other devices are fine when they are connected

    3. Are you able to ping 8.8.8.8?

    No it doesn’t ping from the device with internet issues

    4. Have you notice this issue across all the devices in your home network?

    Yes but it’s not at the same time. It’s intermittent, sometimes it’s a phone and sometimes it’s a laptop, phone, appletv or a desktop.

    5. Does it recovers without any changes within 5 to 10 minuets?

    It doesn’t recover

    6. Is there any other wireless access point in your home network?

    No, we have the one AP

  • FormerMember
    0 FormerMember in reply to dfoolio

    Hi dfoolio,

    Can you check what is the AP firmware version? If it is not updated please update it by navigating to Backup & Firmware > Pattern updates > If there is new pattern update available click on install. 

    Thanks,

  • H_Patel said:
    Hi dfoolio,

    Can you check what is the AP firmware version? If it is not updated please update it by navigating to Backup & Firmware > Pattern updates > If there is new pattern update available click on install. 

    Thanks,

    Hi Patel, I have the latest version installed.

  • Hi,

    please provide a simple network diagram showing how your AP is connected eg is it using PoE via an injector or via PoE capable switch?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Hello,

    The WAP is connected via power injector to port 3 of the firewall.

    I have a managed switch connected to port 1 of the firewall. Port 2 is the WAN.

    Here's a screenshot of the interfaces:

    rfcat_vk said:

    Hi,

    please provide a simple network diagram showing how your AP is connected eg is it using PoE via an injector or via PoE capable switch?

    Ian

     

  • Hi,

    I haven't given up. I am thinking about your wifi setup and your use of wifi networks rather than wifi of a LAN.

    What happens when you force th iPhone onto a 2.4ghz channel

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Haven't had a chance to try again per the request, but in the past, it's the same results.

    Additionally, I did the WiFi to LAN because of an earlier problem:

    We have a Lutron Casseta smart lighting system which is plugged into the LAN. So whenever we used wireless siri devices to control the lighting (everything on the wifi), it would only work 25% of the time and couldn't communicate with Apple's protocol. I even tried configuring a Raspberri Pi to be a repeater but it just started causing the devices to replicate host names.

    rfcat_vk said:

    Hi,

    I haven't given up. I am thinking about your wifi setup and your use of wifi networks rather than wifi of a LAN.

    What happens when you force th iPhone onto a 2.4ghz channel

    Ian

     

  • It would help to have a physical and logical drawing of the network.

    So 172.16.10.0/24 and 172.16.12.0/24 is your LAN and 172.16.11.0/24 and 172.16.14.0/24 are your WiFis. Devices on the LAN Network are working as expected.

    Does this happen on devices in WiFi and WiFi5g? If not - which one is not working?

    If it is happening - do you see DHCP lease entries for your WiFi devices on your DHCP server? What is their expiry date and time?

    Could it be that the WiFi devices stop working when the lease expires? Does the behaviour change when you configure a longer leasetime (e.g. one month).

    Are there enough free IPs in the DHCP lease table?

    Is DHCP still working for the devices on the LAN if the issue occurs (do an ipconfig /release and ipconfig /renew) and see wether erverything is working afterwards.


    Check the logs of the Switch.

     

    Advanced troubleshooting:

    Set up a mirror port on the switch for the port the AP is connected. Check the traffic on the port. Is anything (e.g. ping, DHCP requests) coming trough from the client that is not working?

    Check the logs of the firewall for IP entries or MAC entries of the client that is not working.

     

    Possible workaround:

    Create a bridge. Use one LAN subnet and connect Wifi, Wifi5G and Port 1 and Port 5 to the bridge.

    Note: My colleage tells me that his happening in our HP APs / Sophos environment as well also on one Site with Sophos APs and Sophos Firewall. However I never have seen this personally and for this reason I was not able to do any troubleshooting. 


    Lately we had severe issues on one site where DHCP, DNS and internet access was not working. We did a reboot and everything worked fine again.

    We also saw situations where old connections wer still working but no one was able to create new connections.