Hi,
I have problem with pppoe connection which I don't know how to solve
MTU 1492
MSS 1452
no web policy
no ips
no DoS
tried changing port (on port 2 connection was terrible)
Problem is that pages are loading slow, after I press "enter" on url nothing happens for 10 seconds and then it start to looking for page. I checked on multiple pc's, diferent browsers and directly plugged to lan port (without other clients). Internet speed is about 200 mbps faster on ISP equipment. Behind XG I get around 350 download and 200 upload.
Maybe this has to do something with dns but I don't know how to troubleshoot.
Thanks.
Carlo
A good indicator of troubleshooting is developer mode of your browser.
Press F12 and check the Network tab.
There you should find an information about delays.
Hi Carlo
How about you connect PPPoE directly on laptop and what speet test shows ? and output for ipconfig /all for windows system ?
Please take SSH access of the device and Login to console and execute the command system diagnostics show syslogSave the PPPoE interface configuration and check the output command for PPPoE and share the output.You may also execute the command show pppoe connection status
Please refer the below link and update the ppoe configuration :
https://support.sophos.com/support/s/article/KB-000035683?language=en_US
The web GUI only shows the PPPOE WAN connection MTU value of 1500, and this is the physical interface. The command-line interface (CLI) shows the physical interface and the logical interface. The physical interface for the WAN connection in the CLI has an MTU value of 1500. The logical interface displays an MTU of 1492 and is always deducted by eight due to the PPPOE overhead. The only way to drop the MTU for a PPPOE connection is through the web GUI. For example, if the physical interface is 1500 and an MTU of 1484 is required by the PPPOE connection, drop the physical interface to 1492.
To change the mss or mtu use below command
console> set network mtu-mss PortB mtu <value> mss <value>
Thanks and Regards
"Sophos Partner: Infrassist Technologies Pvt Ltd".
If a post solves your question please use the 'Verify Answer' button.
Thank you for answering.
Output's
console> system diagnostics show syslog Jul 22 18:52:33Z localhost pppd: Port2.995: peer from calling number XX:4D:29:EX:XX:XX authorized Jul 22 18:52:36Z localhost pppd: Port2.995: Failed to create /etc/ppp/resolv.conf: Read-only file system Jul 22 18:52:36Z localhost pppd: Port2.995: local IP address xxx.xxx.xxx.xxx Jul 22 18:52:36Z localhost pppd: Port2.995: remote IP address 10.0.0.1 Jul 22 18:52:36Z localhost pppd: Port2.995: primary DNS address 18x.xxx.xxx.1 Jul 22 18:52:36Z localhost pppd: Port2.995: secondary DNS address 10.0.0.1 Jul 22 18:52:40Z localhost ipsec_starter: expanding file pattern '/_conf/ipsec/connections/*.conf' failed: No such file or directory Jul 22 18:52:40Z localhost up_tunnels_on_id(): Making connections on interfaceid 3 up or add (as per their auto= configuration) Jul 22 18:52:40Z localhost ipsec_starter: expanding file pattern '/_conf/ipsec/connections/*.conf' failed: No such file or directory Jul 22 19:01:26Z localhost cish: session opened from console
console> show pppoe connection status ----- PPPoE Connection Status ----- Port2(xxx.xxx.xxx.xxx) : Connected
After I execute that command I cannot browse internet any more. Need to return to old settings 1492/1444
does this mean something?
Please check the status for the below commands
system appliance_access show
system firewall-acceleration show
Thanks
console> system appliance_access show Appliance access disabled. console> system firewall-acceleration show Firewall Acceleration is Enabled in Configuration. Firewall Acceleration is Loaded.
can you disable firewall acceleration and check website loads ?
Since when you identified the issue, any change done on upstream router and caused the issue?
May be live session is required to generate proper logs and investigate the issue along with packet flow from Sophos firewall
Have you raised support case ?
Please check if there is no issue with mss too as tcpdump you shared not having enough information
console> set network mtu-mss Port2 mtu default mss 1380
Please revert the old settings if no change is found
Aslo, check the interface negotiation 100FD or 100HD ,you may also check if there is any negotiation issue between WAN or LAN with the next-in-line device.
Open Console go to Option 4 and type ethe command
console > system dia uti band "press 'u' twice"
Check if there is any error's E/S (error/second)
If so then lower the link speed.
Also, another step provide us the output of the command;
Console> sh net interfaces
Please check SSL/TLS Inspection logs as well and share the output