Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +4 person also asked this people also asked this
  • Locked Locked
  • Replies 16 replies
  • Subscribers 47 subscribers
  • Views 5749 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with many User on V18

TimFranken

Today I had to realize that the V18 still has problems with the SSL-VPN access and several users.

Due to the current situation, home office has been prescribed in our company and so today almost 30 people had to work via SSL-VPN. But this seems to be too much for the V18. From about 20 users the V18 simply restarts without notice.

I watched the whole thing 3-4 times within an hour and had to reboot to V17.5. There the problem does not exist.

We have an XG330 Rev.2 so the Hardware is not the Problem.



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    I have the same problem. Sophos Support told me there is problem with the hardware. This was the reason he thinks it is the hardware.

    XG310_WP02_SFOS 18.0.0 GA-Build339# tail -f syslog.log
    Mar 18 13:22:49 (none) local0.err [ctipd][5002]: CEnginesContainer::GetCacheDelta - HttpError: 400

    I dont think it is a hardware error tho, since we have a HA setup and the issue is with both firewalls.

    He told me to try and reimage the firewall

    Article ID: 126906
    Title: Sophos XG Firewall: How to re-image the appliance
    URL: https://sophos.com/kb/126906

    I will try to go back to V17 for now and see how it goes.

  • 0 in reply to Jakob P

    Hello all,

    this is not a problem with HW appliance, our customer has vmware virtual appliance (SFV4C6) and has absolutely identical problems!!!

    Regards

    alda

  • 0 in reply to alda

    We run SFV4C6 on VMware 6.5. Upgrade from SFOS 17.5.9 MR-10 to SFOS 18.0.0 GA-Build339 on Saturday. First sudden restart on Monday morning, six times yesterday and ten times today. It looks like some kernel panic problem if the number of SSLVPN connections exceeds 15.

    The dots only in /log/syslog.log before "syslog.info syslogd started: BusyBox v1.21.1" messages. Sometimes "vcpu-0| I125+ The CPU has been disabled by the guest operating system. Power off or reset the virtual machine." messages in vmware.log on ESXi host.

    Regards

    TL

Reply
  • 0 in reply to alda

    We run SFV4C6 on VMware 6.5. Upgrade from SFOS 17.5.9 MR-10 to SFOS 18.0.0 GA-Build339 on Saturday. First sudden restart on Monday morning, six times yesterday and ten times today. It looks like some kernel panic problem if the number of SSLVPN connections exceeds 15.

    The dots only in /log/syslog.log before "syslog.info syslogd started: BusyBox v1.21.1" messages. Sometimes "vcpu-0| I125+ The CPU has been disabled by the guest operating system. Power off or reset the virtual machine." messages in vmware.log on ESXi host.

    Regards

    TL

Children
  • 0 in reply to TomasLavicky

     

    can you share logs with ?

    This issue is serious specially now that the world is relying on VPN and must be treated soon.

    Please let us know.

    Thanks

  • 0 in reply to lferrara

    Nothing interesting in /log/syslog.log around reset:

    Mar 18 10:34:48 (none) user.err kernel: [  400.788292] 215:appfiltermap_adt_parser:policy 7 max app order  
    2 max eac apporder 0
    Mar 18 10:34:48 (none) user.err kernel: [  400.788296] 711:appdev_write:count 2011
    Mar 18 10:34:48 (none) user.err kernel: [  400.788299] 758:appdev_release:dev open 3
    Mar 18 10:34:48 (none) user.err kernel: [  400.788300] 771:appdev_release:counter 7 size 128
    Mar 18 10:34:48 (none) user.err kernel: [  400.788301] 774:appdev_release:dev open 0
    ..........................................................................................................
    ....................................Mar 18 10:35:48 (none) syslog.info syslogd started: BusyBox v1.21.1
    Mar 18 10:35:48 (none) user.notice kernel: klogd started: BusyBox v1.21.1 (2020-03-04 19:44:36 CET)
    Mar 18 10:35:48 (none) user.notice kernel: [    0.000000] Linux version 4.14.38 (jenkins@ci-1) (gcc versio
    n 7.3.0 (OpenWrt GCC 7.3.0 7185-ged7f3dd9)) #2 SMP Wed Mar 4 22:26:05 CET 2020
    Mar 18 10:35:48 (none) user.info kernel: [    0.000000] Command line: BOOT_IMAGE=/18_0_0_339 quiet console
    =tty0 console=ttyS0,38400n8

    /log/sslvpn.log rounds in few minutes. I have none in time of reset.

    SFV4C6_VM01_SFOS 18.0.0 GA-Build339# ll /log/sslvpn*
    -rw-r--r--    1 root     0         51282011 Mar 18 17:25 /log/sslvpn.log
    -rw-------    1 root     0         67640645 Mar 18 17:20 /log/sslvpn.log.0

    We're trying to move to L2TP or we will downgrade to SFOS 17.5.9 MR-10.

Unfiltered HTML