Hi everyone,
I hope you can help me out here.
I found something quite strange, but since I just started using Sophos recently, I might have misconfigured something.
Via WebUI, when I go to Diagnostics and try to run a ping or traceroute to a specific VLAN using the LAN interface, I always get 100% packet loss on ping, and on traceroute I see multiple host unreachable (!H) responses.
However, when I perform the exact same test via the CLI (console), everything works fine. I can ping the destination and get a proper traceroute result.
Here is an example of the WebUI traceroute output:
Traceroute to 192.168.7.2 (192.168.7.2), 30 hops max, 46 byte packets
1 * * *
2 192.168.1.235 48.110 ms !H * *
3 * 192.168.1.235 68.253 ms !H *
4 * * 192.168.1.235 68.085 ms !H
5 * * *
6 192.168.1.235 68.925 ms !H * *
7 * 192.168.1.235 67.119 ms !H *
8 * * 192.168.1.235 68.349 ms !H
9 * * *
10 192.168.1.235 67.822 ms !H * *
11 * 192.168.1.235 68.479 ms !H *
12 * * 192.168.1.235 67.992 ms !H
13 * * *
14 192.168.1.235 70.116 ms !H * *
15 * 192.168.1.235 68.280 ms !H *
16 * * 192.168.1.235 69.090 ms !H
17 * * *
18 192.168.1.235 69.123 ms !H * *
19 * 192.168.1.235 74.238 ms !H *
20 * * 192.168.1.235 65.492 ms !H
21 * * *
22 192.168.1.235 68.467 ms !H * *
23 * 192.168.1.235 73.351 ms !H *
24 * * 192.168.1.235 69.655 ms !H
25 * * *
26 192.168.1.235 63.660 ms !H * *
27 * 192.168.1.235 68.248 ms !H *
28 * * 192.168.1.235 68.541 ms !H
29 * * *
30 192.168.1.235 68.723 ms !H * *
192.168.1.235 is my Sophos firewall
192.168.7.2 is a device on one of my VLANs
And here is the same test via shell:
SFVH_KV01_SFOS 21.5.0 GA-Build171# traceroute 192.168.7.2
traceroute to 192.168.7.2 (192.168.7.2), 30 hops max, 46 byte packets
1 192.168.7.2 (192.168.7.2) 3.293 ms 1.035 ms 1.141 ms
Could this be a bug? Or am I doing something wrong? Any help would be greatly appreciated!
Thanks in advance.
Quote