
Sophos XG HA PPPoE slow reconnect

Hello!

I have 2 PPPoE WAN connections to each other Sophos appliances.

If I switch to the passive device manually, or if one of the monitored interfaces goes down, the PPPoE reconnect time is so long. Maybe this is caused by the ISP modems?

I am interested in any ideas

Thank you!



This thread was automatically locked due to age.
  • Someone else will know more, but I'm sure it's a known thing that PPPoE (or was it oA?) won't auto reconnect. You have to do it manually or reboot Sophos after the connection drops.

    ------------------------------------------------

    World's number one free ICMP monitoring platform: https://pinescore.com

  • I don't know if this is only related to PPPoE - we have a different setup, with only one WAN gateway on the XG. The gateway is another LAN router.

    Whenever we have an HA failover, manually or by fault, and the secondary node becomes active, the internal network is up after about 1-3 minutes, but WAN traffic is only possible after waiting 10-15 minutes.

  • Ahh, this sounds different then. Hopefully someone else can help.


  • Hi, technically it is not possible to have a PPPoE connection from both PRIM and AUX on the same link at the same time, and considering that fact, PPPoE configuration on XG with an HA setup is only supported in Active-Passive mode.

    During HA failover, PPPoE will disconnect, as PPPoE is not running on the AUX machine, and the AUX node that has taken the role of primary will start the PPPoE connection again with the ISP modems. For this disconnection, syslog.log will give more clues about why the delay in reconnecting PPPoE happens, by analyzing the PPPoE handshake status.

    Note: In the past, with such issues, it was observed that the new primary node (after HA failover) was not receiving a response to its PADI packets because of MAC binding at the ISP end / ISP modem.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
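Added example, not part of the original thread and not Sophos code: a small Python parser for PPPoE discovery frames (RFC 2516) that reports, per client MAC, how many PADIs were sent before the first PADO and how long the session took to come up, which is the handshake pattern the reply above describes. The MAC addresses, timestamps and frames are constructed sample data; in practice the frames would come from a capture on the WAN port.

```python
import struct

ETH_PPPOE_DISCOVERY = 0x8863  # EtherType of PPPoE discovery frames (RFC 2516)
CODES = {0x09: "PADI", 0x07: "PADO", 0x19: "PADR", 0x65: "PADS", 0xA7: "PADT"}

def parse_discovery(frame):
    """Return (src_mac, dst_mac, code_name) or None for anything else."""
    if len(frame) < 20:
        return None
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    ver_type, code = frame[14], frame[15]
    if ethertype != ETH_PPPOE_DISCOVERY or ver_type != 0x11 or code not in CODES:
        return None
    return src.hex(":"), dst.hex(":"), CODES[code]

def handshake_report(capture):
    """capture: (timestamp_seconds, frame_bytes) pairs in time order.
    Per client MAC: PADIs sent up to the first PADO, and seconds from the
    first PADI to PADS (None if the session never came up)."""
    report = {}
    for ts, frame in capture:
        parsed = parse_discovery(frame)
        if parsed is None or parsed[2] == "PADT":
            continue
        src, dst, code = parsed
        client = src if code in ("PADI", "PADR") else dst
        e = report.setdefault(client, {"first_padi": None, "padi_before_pado": 0,
                                       "got_pado": False, "secs_to_pads": None})
        if code == "PADI":
            if e["first_padi"] is None:
                e["first_padi"] = ts
            if not e["got_pado"]:
                e["padi_before_pado"] += 1
        elif code == "PADO":
            e["got_pado"] = True
        elif code == "PADS" and e["first_padi"] is not None and e["secs_to_pads"] is None:
            e["secs_to_pads"] = ts - e["first_padi"]
    return report

def _frame(src, dst, code, ethertype=ETH_PPPOE_DISCOVERY):
    # Builds a minimal constructed frame: Ethernet header + 6-byte PPPoE header.
    return bytes.fromhex(dst + src) + struct.pack("!HBBHH", ethertype, 0x11, code, 0, 0)

NODE, MODEM, BCAST = "02aabbccdd02", "02aabbccdd99", "ff" * 6  # constructed MACs
SAMPLE = [(t, _frame(NODE, BCAST, 0x09)) for t in (0, 5, 15, 35, 300)]  # PADI retries
SAMPLE += [(1, _frame(NODE, BCAST, 0x01, ethertype=0x0806)),  # non-PPPoE, ignored
           (301, _frame(MODEM, NODE, 0x07)),   # PADO finally arrives
           (302, _frame(NODE, MODEM, 0x19)),   # PADR
           (303, _frame(MODEM, NODE, 0x65))]   # PADS: session established
SAMPLE.sort(key=lambda item: item[0])

if __name__ == "__main__":
    print(handshake_report(SAMPLE))
```

A client MAC with many PADIs and `got_pado` still `False` matches the case in the note above, where the new primary gets no answer to its PADI packets.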
