This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Randomly no connection to internet websites but could ping urls works.

Hi guys.
I know there are some thread similar, but this one is different and very strange.

Randomly, once or twice a day, for about one to 5 minutes, we are loosing connection to internet.
Right after that time every thing go back to normal again.

Few thing to noticed:

1. We still can ping Urls

2. DNS seems to work.

3. Accessing URL which are in the DMZ doesn't work as well.

4. I'm not sure if there are more fore shorter time, but this what i know of from my customers.

 

Any help will be appreciate.
[:)]

Goldy



This thread was automatically locked due to age.
Parents
  • Shalom Goldy,

    1. Not sure what you mean.  Are these pings to FQDNs on the Internet?

    2. My gut feeling is that cached FQDNs work but that your ISP has a problem and will not allow resolution of un-cached FQDNs.  How is DNS configured compared to DNS best practice?

    3. Are you running split DNS?  Is the Internal-to-DMZ traffic handled by the UTM's web proxy?

    4. Is this happening at multiple locations?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob.
    [:)]

    1. Ping to 8.8.8.8 or Youtube (for example) works.

    2. I don't think it's DNS issue sins dns work fine and resolving are ok. (Ping - google.com, Nslookup...)

    3. strangely, it's comes and go randomly, and for about few seconds to 2 minutes.

    4. When it's happens, it's effect all my Lan.

    5. When it's happens, I can't connect connect to the firewall (web) eather.

    6. When it's happens, I can't connect to to the web service of my mail (In the DMZ).

    7. In all cases, ping still works fine.

    It seems kind of issue with the TCP, since ICMP works.
    Very strange :)

    Thanks

    Yaron Gold

     

  • Hi Bob,

     

    here are the results:

     

    <M> firewall:/home/login # ll /var/storage/pgsql92/data/pg_xlog
    total 3751964
    -rw------- 1 postgres postgres 309 Jul 7 01:52 000000010000092900000063.000000A4.backup
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000E1
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000E2
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000E3
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000E4
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000E5
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000E6
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000E7
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000E8
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000E9
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000EA
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000EB
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000EC
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 0000000100000949000000ED
    -rw------- 1 postgres postgres 16777216 Jul 20 18:44 0000000100000949000000EE
    -rw------- 1 postgres postgres 16777216 Jul 20 18:44 0000000100000949000000EF
    -rw------- 1 postgres postgres 16777216 Jul 20 18:44 0000000100000949000000F0
    -rw------- 1 postgres postgres 16777216 Jul 20 18:44 0000000100000949000000F1
    -rw------- 1 postgres postgres 16777216 Jul 20 18:44 0000000100000949000000F2
    -rw------- 1 postgres postgres 16777216 Jul 20 18:44 0000000100000949000000F3
    -rw------- 1 postgres postgres 16777216 Jul 20 18:45 0000000100000949000000F4
    -rw------- 1 postgres postgres 16777216 Jul 20 18:45 0000000100000949000000F5
    -rw------- 1 postgres postgres 16777216 Jul 20 18:45 0000000100000949000000F6
    -rw------- 1 postgres postgres 16777216 Jul 20 18:45 0000000100000949000000F7
    -rw------- 1 postgres postgres 16777216 Jul 20 18:45 0000000100000949000000F8
    -rw------- 1 postgres postgres 16777216 Jul 20 18:45 0000000100000949000000F9
    -rw------- 1 postgres postgres 16777216 Jul 20 18:45 0000000100000949000000FA
    -rw------- 1 postgres postgres 16777216 Jul 20 18:48 0000000100000949000000FB
    -rw------- 1 postgres postgres 16777216 Jul 20 18:50 0000000100000949000000FC
    -rw------- 1 postgres postgres 16777216 Jul 20 18:52 0000000100000949000000FD
    -rw------- 1 postgres postgres 16777216 Jul 20 18:55 0000000100000949000000FE
    -rw------- 1 postgres postgres 16777216 Jul 20 18:58 000000010000094A00000000
    -rw------- 1 postgres postgres 16777216 Jul 20 19:00 000000010000094A00000001
    -rw------- 1 postgres postgres 16777216 Jul 20 19:03 000000010000094A00000002
    -rw------- 1 postgres postgres 16777216 Jul 20 19:06 000000010000094A00000003
    -rw------- 1 postgres postgres 16777216 Jul 20 19:09 000000010000094A00000004
    -rw------- 1 postgres postgres 16777216 Jul 20 19:14 000000010000094A00000005
    -rw------- 1 postgres postgres 16777216 Jul 20 19:16 000000010000094A00000006
    -rw------- 1 postgres postgres 16777216 Jul 20 19:19 000000010000094A00000007
    -rw------- 1 postgres postgres 16777216 Jul 20 19:23 000000010000094A00000008
    -rw------- 1 postgres postgres 16777216 Jul 20 19:25 000000010000094A00000009
    -rw------- 1 postgres postgres 16777216 Jul 20 19:30 000000010000094A0000000A
    -rw------- 1 postgres postgres 16777216 Jul 20 19:33 000000010000094A0000000B
    -rw------- 1 postgres postgres 16777216 Jul 20 19:38 000000010000094A0000000C
    -rw------- 1 postgres postgres 16777216 Jul 20 19:40 000000010000094A0000000D
    -rw------- 1 postgres postgres 16777216 Jul 20 19:44 000000010000094A0000000E
    -rw------- 1 postgres postgres 16777216 Jul 20 19:46 000000010000094A0000000F
    -rw------- 1 postgres postgres 16777216 Jul 20 19:50 000000010000094A00000010
    -rw------- 1 postgres postgres 16777216 Jul 20 19:54 000000010000094A00000011
    -rw------- 1 postgres postgres 16777216 Jul 20 19:57 000000010000094A00000012
    -rw------- 1 postgres postgres 16777216 Jul 20 20:00 000000010000094A00000013
    -rw------- 1 postgres postgres 16777216 Jul 20 20:03 000000010000094A00000014
    -rw------- 1 postgres postgres 16777216 Jul 20 20:07 000000010000094A00000015
    -rw------- 1 postgres postgres 16777216 Jul 20 20:10 000000010000094A00000016
    -rw------- 1 postgres postgres 16777216 Jul 20 20:15 000000010000094A00000017
    -rw------- 1 postgres postgres 16777216 Jul 20 20:18 000000010000094A00000018
    -rw------- 1 postgres postgres 16777216 Jul 20 20:23 000000010000094A00000019
    -rw------- 1 postgres postgres 16777216 Jul 20 20:27 000000010000094A0000001A
    -rw------- 1 postgres postgres 16777216 Jul 20 20:31 000000010000094A0000001B
    -rw------- 1 postgres postgres 16777216 Jul 20 20:35 000000010000094A0000001C
    -rw------- 1 postgres postgres 16777216 Jul 20 20:40 000000010000094A0000001D
    -rw------- 1 postgres postgres 16777216 Jul 20 20:45 000000010000094A0000001E
    -rw------- 1 postgres postgres 16777216 Jul 20 20:50 000000010000094A0000001F
    -rw------- 1 postgres postgres 16777216 Jul 20 20:55 000000010000094A00000020
    -rw------- 1 postgres postgres 16777216 Jul 20 21:01 000000010000094A00000021
    -rw------- 1 postgres postgres 16777216 Jul 20 21:05 000000010000094A00000022
    -rw------- 1 postgres postgres 16777216 Jul 20 21:10 000000010000094A00000023
    -rw------- 1 postgres postgres 16777216 Jul 20 21:15 000000010000094A00000024
    -rw------- 1 postgres postgres 16777216 Jul 20 21:20 000000010000094A00000025
    -rw------- 1 postgres postgres 16777216 Jul 20 21:25 000000010000094A00000026
    -rw------- 1 postgres postgres 16777216 Jul 20 21:31 000000010000094A00000027
    -rw------- 1 postgres postgres 16777216 Jul 20 21:36 000000010000094A00000028
    -rw------- 1 postgres postgres 16777216 Jul 20 21:43 000000010000094A00000029
    -rw------- 1 postgres postgres 16777216 Jul 20 21:47 000000010000094A0000002A
    -rw------- 1 postgres postgres 16777216 Jul 20 21:53 000000010000094A0000002B
    -rw------- 1 postgres postgres 16777216 Jul 20 21:58 000000010000094A0000002C
    -rw------- 1 postgres postgres 16777216 Jul 20 22:03 000000010000094A0000002D
    -rw------- 1 postgres postgres 16777216 Jul 20 22:09 000000010000094A0000002E
    -rw------- 1 postgres postgres 16777216 Jul 20 22:15 000000010000094A0000002F
    -rw------- 1 postgres postgres 16777216 Jul 20 22:20 000000010000094A00000030
    -rw------- 1 postgres postgres 16777216 Jul 20 22:26 000000010000094A00000031
    -rw------- 1 postgres postgres 16777216 Jul 20 22:32 000000010000094A00000032
    -rw------- 1 postgres postgres 16777216 Jul 20 22:38 000000010000094A00000033
    -rw------- 1 postgres postgres 16777216 Jul 20 22:44 000000010000094A00000034
    -rw------- 1 postgres postgres 16777216 Jul 20 22:49 000000010000094A00000035
    -rw------- 1 postgres postgres 16777216 Jul 20 22:55 000000010000094A00000036
    -rw------- 1 postgres postgres 16777216 Jul 20 23:00 000000010000094A00000037
    -rw------- 1 postgres postgres 16777216 Jul 20 23:05 000000010000094A00000038
    -rw------- 1 postgres postgres 16777216 Jul 20 23:11 000000010000094A00000039
    -rw------- 1 postgres postgres 16777216 Jul 20 23:18 000000010000094A0000003A
    -rw------- 1 postgres postgres 16777216 Jul 20 23:24 000000010000094A0000003B
    -rw------- 1 postgres postgres 16777216 Jul 20 23:30 000000010000094A0000003C
    -rw------- 1 postgres postgres 16777216 Jul 20 23:35 000000010000094A0000003D
    -rw------- 1 postgres postgres 16777216 Jul 20 23:43 000000010000094A0000003E
    -rw------- 1 postgres postgres 16777216 Jul 20 23:48 000000010000094A0000003F
    -rw------- 1 postgres postgres 16777216 Jul 20 23:54 000000010000094A00000040
    -rw------- 1 postgres postgres 16777216 Jul 21 00:00 000000010000094A00000041
    -rw------- 1 postgres postgres 16777216 Jul 21 00:09 000000010000094A00000042
    -rw------- 1 postgres postgres 16777216 Jul 21 00:19 000000010000094A00000043
    -rw------- 1 postgres postgres 16777216 Jul 21 00:28 000000010000094A00000044
    -rw------- 1 postgres postgres 16777216 Jul 21 00:37 000000010000094A00000045
    -rw------- 1 postgres postgres 16777216 Jul 21 00:40 000000010000094A00000046
    -rw------- 1 postgres postgres 16777216 Jul 20 16:30 000000010000094A00000047
    -rw------- 1 postgres postgres 16777216 Jul 20 16:01 000000010000094A00000048
    -rw------- 1 postgres postgres 16777216 Jul 20 17:51 000000010000094A00000049
    -rw------- 1 postgres postgres 16777216 Jul 20 15:43 000000010000094A0000004A
    -rw------- 1 postgres postgres 16777216 Jul 20 16:21 000000010000094A0000004B
    -rw------- 1 postgres postgres 16777216 Jul 20 18:35 000000010000094A0000004C
    -rw------- 1 postgres postgres 16777216 Jul 20 16:27 000000010000094A0000004D
    -rw------- 1 postgres postgres 16777216 Jul 20 18:30 000000010000094A0000004E
    -rw------- 1 postgres postgres 16777216 Jul 20 16:41 000000010000094A0000004F
    -rw------- 1 postgres postgres 16777216 Jul 20 18:02 000000010000094A00000050
    -rw------- 1 postgres postgres 16777216 Jul 20 15:36 000000010000094A00000051
    -rw------- 1 postgres postgres 16777216 Jul 20 16:46 000000010000094A00000052
    -rw------- 1 postgres postgres 16777216 Jul 20 17:47 000000010000094A00000053
    -rw------- 1 postgres postgres 16777216 Jul 20 18:40 000000010000094A00000054
    -rw------- 1 postgres postgres 16777216 Jul 20 18:40 000000010000094A00000055
    -rw------- 1 postgres postgres 16777216 Jul 20 16:17 000000010000094A00000056
    -rw------- 1 postgres postgres 16777216 Jul 20 17:33 000000010000094A00000057
    -rw------- 1 postgres postgres 16777216 Jul 20 17:38 000000010000094A00000058
    -rw------- 1 postgres postgres 16777216 Jul 20 17:25 000000010000094A00000059
    -rw------- 1 postgres postgres 16777216 Jul 20 18:40 000000010000094A0000005A
    -rw------- 1 postgres postgres 16777216 Jul 20 18:40 000000010000094A0000005B
    -rw------- 1 postgres postgres 16777216 Jul 20 16:32 000000010000094A0000005C
    -rw------- 1 postgres postgres 16777216 Jul 20 16:43 000000010000094A0000005D
    -rw------- 1 postgres postgres 16777216 Jul 20 18:40 000000010000094A0000005E
    -rw------- 1 postgres postgres 16777216 Jul 20 17:11 000000010000094A0000005F
    -rw------- 1 postgres postgres 16777216 Jul 20 18:17 000000010000094A00000060
    -rw------- 1 postgres postgres 16777216 Jul 20 18:40 000000010000094A00000061
    -rw------- 1 postgres postgres 16777216 Jul 20 15:58 000000010000094A00000062
    -rw------- 1 postgres postgres 16777216 Jul 20 18:40 000000010000094A00000063
    -rw------- 1 postgres postgres 16777216 Jul 20 16:39 000000010000094A00000064
    -rw------- 1 postgres postgres 16777216 Jul 20 16:11 000000010000094A00000065
    -rw------- 1 postgres postgres 16777216 Jul 20 16:53 000000010000094A00000066
    -rw------- 1 postgres postgres 16777216 Jul 20 15:55 000000010000094A00000067
    -rw------- 1 postgres postgres 16777216 Jul 20 17:00 000000010000094A00000068
    -rw------- 1 postgres postgres 16777216 Jul 20 16:23 000000010000094A00000069
    -rw------- 1 postgres postgres 16777216 Jul 20 16:36 000000010000094A0000006A
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000006B
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A0000006C
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A0000006D
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A0000006E
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A0000006F
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A00000070
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000071
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000072
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A00000073
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000074
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A00000075
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000076
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A00000077
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A00000078
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000079
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000007A
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A0000007B
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000007C
    -rw------- 1 postgres postgres 16777216 Jul 20 18:41 000000010000094A0000007D
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000007E
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000007F
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000080
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000081
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000082
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000083
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000084
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000085
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000086
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000087
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000088
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000089
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000008A
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000008B
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000008C
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000008D
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000008E
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000008F
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000090
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000091
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000092
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000093
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000094
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000095
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000096
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000097
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000098
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A00000099
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000009A
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000009B
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000009C
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000009D
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000009E
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A0000009F
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A000000A0
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A000000A1
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A000000A2
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A000000A3
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A000000A4
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A000000A5
    -rw------- 1 postgres postgres 16777216 Jul 20 18:42 000000010000094A000000A6
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000A7
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000A8
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000A9
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000AA
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000AB
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000AC
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000AD
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000AE
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000AF
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B0
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B1
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B2
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B3
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B4
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B5
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B6
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B7
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B8
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000B9
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000BA
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000BB
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000BC
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000BD
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000BE
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000BF
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000C0
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000C1
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000C2
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000C3
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000C4
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000C5
    -rw------- 1 postgres postgres 16777216 Jul 20 18:43 000000010000094A000000C6
    drwx------ 2 postgres postgres 20480 Jul 21 00:39 archive_status
    <M> firewall:/home/login #

  • Hi Bob,

    the problem is not specific to the slave. On what do you base that we have a problem with PostgreSQL?

    We have this issue for a couple of weeks now and we switched to the other node about 2 weeks ago. Since last week the issue also occurs on the new master.

    Franc.

  • You right.

    Just the same with us.
    We also change Master/Slave about two weeks ago, but the alert I'm getting still the same.
    Franc, do you also getting those alerts concerning the partition feeling up?

     

    Goldy.

    PS, Sophos insist opening two different cases - the internet drops and the Postgress issue.

  • Hi,

     

    no, we aren't getting the root partition filling up messages. I guess disk space is not an issue with us.

     

    Franc.

  • I was obviously not doing a good job of multitasking, Franc!  I saw that the directory was taking up 3.5 GB and thought that it was on dev/sda6 - the / directory that only has 5.2GB, regardless of disk size.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Sophos just confirmed with us that this is a known issue in the latest version 9.703-3 with specific configurations (I don't know the details yet). It will be fixed in the next update which will be released in the coming weeks. They are looking if they can supply a hotfix for the issue and install it on our systems.

  • yippee ki-yay.

    At least we are going somewhere.

    Strangely, I think there was some similar issues before the last update.

     

    Goldy.

     

  • We're having a very similar issue (proxy times out intermittently while other services such as routing,NAT,firewall,antispam work normally) with 9.702. Also experienced the same problem with 9.604 and 9.605 back in October 2019, although at that time we were informed that vmotioning the UTM nodes (both nodes are vms and the HA's active/passive) without rebooting them can cause some weird stuff. We started shutting the nodes down during vmotion and had no reported instability for months until this past June, with it worsening in July.

    We use standard web filtering. I have firewall rules set up for my system to bypass the proxy, so it is easy to confirm Internet access is up when these outages occur. I did some playing around with transparent filter as well, and that had the same issue as the standard filter.

    I put a ticket in with Sophos and am following this particular thread with great interest. Hopefully a solution'll be found!

  • Our machines aren't VM's. They are two SG330's in HA.

     

    Franc.

  • Since Snort is all the same, my suspect that there was an update in the snort that cause this issue.

Reply Children
  • Hi Guys.

    Not sure if it's the reason, but I have switched the antivirus from Sophos to Avira in the Firewall, and for about 6 hours all is quite....
    I'll keep monitoring and let you know. [:O]

  • Hi Guys.

    Just got it from Sophos Support:

    We had found http was reloading multiple times and as per the update from our GES Team, the below workaround solution should help resolve the issue :-

    1. <M> mhgate:/root # cc

    2. 127.0.0.1 MAIN > http

    3. 127.0.0.1 MAIN http > sc_local_db$

    4. 127.0.0.1 MAIN http/sc_local_db (LISTPICK) > none

    This should not be causing any impact to connections

     

  • Did this work for you? Sophos is working on our case for 2 weeks now, but they can’t find a cause and don’t have a solution yet. Do you have a case ID so that I can give that to Sophos support for more info?

  • Rather than going into cc as Support told Goldy, I prefer to make the change at the command line:

    cc set http sc_local_db none

    Franc, you can see what setting you have with:

    cc get http sc_local_db

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    this is the result:

    <M> firewall:/home/login # cc get http c_local_db
    0

    I haven’t used the set command (yet), since I don’t know what it does.

    Franc

  • Hoi Franc,

    Please see the correct version of that command above.  I first posted it with a typo, c_local_db, but the correct parameter is sc_local_db.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    then the result is:

    <M> firewall:/home/login # cc get http sc_local_db
    mem


    Franc.

  • This is a known complication, Franc.  You definitely should try with "none":

    cc set http sc_local_db none

    Working now?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

     

    Thanks, changed it let's see what happens.

     

    But I have a couple of questions/remarks:

    - we had this setting for several years now, it was advised by then to speed up the web-proxy. Why should it be a problem now suddenly?

    - What known complications are there when using this setting?

    - Sophos has been looking into this issue for the last 2 weeks now on our system, wonder why they didn't come up with this...

     

    Franc.

  • Hi Franc.

    Something someone wrote long time ago [:)]:

    Run HTTP proxy database localy
    1. ssh to SOPHOS-UTM and login with loginuser
    2. su – root
    3. cc set http sc_local_db [disk][mem][none] (Choose what you prefer)
         None - default, don't use local categorization at all use online query as default.
         Disk - use local Database, but use it only on disk. Useful for boxes with little RAM.
         Mem - use local Database, and keep it in memory for faster access.
    4. Reload the service:
        /var/mdw/scripts/httpproxy restart

    Verify first DB download (Web surfing will be stopped until done - about 370 MB):
    ls -lh /var/chroot-http/var/pattern/sfcontrol

    Web surfing will be extremely slow until the database has downloaded and been put into place. The time is link speed dependent.

    You must Reload the service!!!.

    As for the issue, it's a bug, and see Sophos answer:
    "In regards to your recent question about when and how this workaround will be fixed within the Web Proxy, I will have to escalate the case to GES ( Tier-3 ) Team"


    Goldy