Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 19 replies
  • Subscribers 44 subscribers
  • Views 11649 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Odd issue with internet access

alxl29

Hi,

I did several research and looked everywhere in the firewall, but I was not able to find an answer to my problem. Basically:

- I have an XGS126w with the latest OS

- The setup is fairly simple: 1 LAN on a private /24 subnet --> The Firewall --> Internet connection via the internet provider's gateway

- I set up a MASQ rule and ACL rule for the /24 subnet to access the internet, and but I still have no internet access

- However, as soon as I ping an internet target (like 8.8.8.8) from the firewall (Diagnostics -> Ping -> Ping 8.8.8.8 from my LAN interface), then the internet access starts working from my LAN.

- A few hours later, the LAN->internet access stops working again, and I have to ping an internet target from the firewall diagnostics tools again...

Did anyone see this issue before? I assume something happens when I ping 8.8.8 from the firewall, and I need to configure that thing in the firewall, but I can't figure out why... I'm happy to provide screenshots of my configuration if needed.

Many thanks for your help.

Alex



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to alxl29

    Hello there,

    If the issue persists, please open a case with Support and share the Case ID with us.

    I recommend you do a pcap when the issue isn’t happening and one when the issue is happening so support can compare both captures.

    Additionally, do a GUI Packet Capture, showing what firewall rules are hitting the traffic (when it is working) and do the same when the traffic stops working.

    And finally, do a conntrack during both scenarios.

    But it does sound like an issue with ARP, so you might want to check the connection between your Moden and the Sophos Firewall

    That should help support get started with the investigation.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Children
Unfiltered HTML