Internet becomes unresponsive after several days?

This is the second time this has occurred since using v18 EAP. I've also had this issue occur a couple times when running v17 but it wasn't as frequent. With v18 EAP, after Sophos XG has been running for several days (over a week), sometimes the internet becomes unresponsive as in I can't access anything. For example, if I try to access a website, it just continues trying to load and eventually times out. At first, I thought it was an ISP issue so I would reset my cable modem but that didn't fix the issue. I can still access devices on my local network just fine, such as the Sophos XG web UI. What I did notice in the web UI is the "Sessions" count under System in the Control Center indicates a very high number when I'm having these issues. It seems to fluctuate from ~800 up to 2.5k. I have about 30-40 devices on my network (one computer, mobile devices, smart home devices, etc.). Typically, my Sessions count is somewhere around 20-50. After restarting Sophos XG, the count goes back down to what I normally see and everything works fine.

Anyone else experiencing similar issues? Is there any specific log I can save when this issue occurs? Unfortunately, I'm running this on my home network so I can't just leave it in an unusable state.

Parents
  • Hi Shred,

    have you tried editing the WAN interface, but not making any changes then saving?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Such issues with multiple sessions could be caused still by WAN ISP. 

    If your client cannot connect properly, he will access multiple times, all the times, and XG will hold those sessions. 

    Without a Dump, it is hard to tell, what is going on. 

     

    If this issue appears, could you take a look at the tcpdump? 

    Which Provider / box do you use? Something on this box? 

     

    I found an issue with my Unitymedia box in Germany. This ISP box did some similar issues. Actually it responded to all DNS request with his own IP. So Google was 192.168.1.1 etc. All my clients started to connect to this unitymedia box. 

    This issue came up couple of times and stopped after some weeks. 

    __________________________________________________________________________________________________________________

Reply
  • Such issues with multiple sessions could be caused still by WAN ISP. 

    If your client cannot connect properly, he will access multiple times, all the times, and XG will hold those sessions. 

    Without a Dump, it is hard to tell, what is going on. 

     

    If this issue appears, could you take a look at the tcpdump? 

    Which Provider / box do you use? Something on this box? 

     

    I found an issue with my Unitymedia box in Germany. This ISP box did some similar issues. Actually it responded to all DNS request with his own IP. So Google was 192.168.1.1 etc. All my clients started to connect to this unitymedia box. 

    This issue came up couple of times and stopped after some weeks. 

    __________________________________________________________________________________________________________________

Children