Firewalls do not connect backup to the internet after ISP goes down and back up

Question

I have two clients that use the same ISP. One client has an XGS87 and the other XGS116. The ISP does scheduled maintenance at night knocking the firewall offline. My clients will have to power cycle the firewalls to get them to connect in the morning after this. One client has a static IP assigned, IPv4 the other client is set to DHCP. 
 I also have a third client with an XGS116 on a different ISP and this happens as well. I have never had this issue with other firewalls I have used in the past. My clients are becoming frustrated. Is there anything I can do or try?

Vishal_R · Accepted Answer

Hi Nicholas Pick Yes work is in progress with the mentioned feature request ID in my last comment to enhance this existing working behavior.

Vishal_R · Answer

Hi Nicholas Pick Thank you for reaching out to the Sophos community team if I summarize the issue here, "XG WAN Interface configured with IP assignment type DHCP" is not getting auto-reconnect after scheduled maintenance at the ISP end and the customer required a reboot of Firewall to make the ISP online! Am I correct in this understanding and issue summarization? If yes, then the DHCP client (XG WAN) will not send new IP [release/renew/reconnect] requests until its lease time ends. So making the modem ON/OFF or plugging/unplugging the physical link/ISP scheduled maintenance generating disconnection.. etc will not trigger any DHCP client renewal events. This is how the DHCP client has worked in SFOS since its inception. Workaround: One can avoid rebooting of firewall and may log in to Firewall Webadmin and save the DHCP WAN interface/update the DHCP WAN interface without any changes in interface settings as this event will forcefully restart the DHCP client and due to that IP will lease from the DHCP server. There is a feature request to try and resolve or to enhance this current behavior under the following existing ID SFSW-I-1139. So you can submit your Feature Request using the in-product feedback in the Sophos Firewall located in the Top Menu Bar. 
 
 You can also log a support case to raise a feature request which you can track it later with your sales account manager/local sales representative or TAM. 
 
 In case I misunderstood the scenario, please brief me with more details or observations, so I can re-assess the situation and may provide my inputs to help you on same!

Firewalls do not connect backup to the internet after ISP goes down and back up

Top Replies