Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 7 subscribers
  • Views 3089 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Random disconnection from the Internet: possibly from UTM?

Sean Rome

Greetings everyone,

I've been working hard on a company network problem and need some advice.

Our clients are experiencing random drops off the Internet. It's like DNS stops resolving websites. When a client experiences this I can ping inside the network, and also the LAN interface of the UTM, but not out to the Internet.  Something is randomly blocking them from getting online.

This sometimes affects all users... but mainly randomly one or two at a time.

Any advice would be greatly appreciated.



This thread was automatically locked due to age.
Parents
  • 0

    How long has this been an issue? 

    Did you check out BAlfson's Rulz sticky post for DNS related issues? 

    Did it start when you implemented the UTM? 

    Did it start after some kind of update to the UTM or hardware update by the ISP? 

    What type of connection do you have through the ISP?

    Have you checked any of the UTM logs to locate any errors in the logs? 

    Did you check the Kernel message log for anything 'e1000' related (this could be a NIC issue)?

    What changes have you made to the UTM configuration if any?

    Do you have the correct UTM appliance to handle the # of clients and internet traffic?

    I have some questions, as you can tell.  Slight smile

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • 0 in reply to Amodin

    Thank you for your reply Amodin,

    How long has this been an issue? 

         It started yesterday morning.

    Did you check out BAlfson's Rulz sticky post for DNS related issues? 

         I have in the past, I will review them again.

    Did it start when you implemented the UTM? 

         No, we've had Sophos UTM's for years.

    Did it start after some kind of update to the UTM or hardware update by the ISP? 

         No update to UTM, but we did upgrade our Internet speed.

    What type of connection do you have through the ISP?

         1Gbps Fiber

    Have you checked any of the UTM logs to locate any errors in the logs? 

          Yes, I haven't found any errors    

    Did you check the Kernel message log for anything 'e1000' related (this could be a NIC issue)?

         Yes, none found, but quite a few "IPv4: martian source" entries

    What changes have you made to the UTM configuration if any?

        None

    Do you have the correct UTM appliance to handle the # of clients and internet traffic?

       Yes

  • 0 in reply to Sean Rome

    Guys,

    Great job of posting a problem, asking the range of questions needing an answer and responding.

    I'll make a WAG and blame the ISP's equipment.  Does doing #7.7 in Rulz (last updated 2021-02-16) resolve this?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thank you Bob for your reply, I will review. 

    I called support last night for assistance. The conclusion was that since I was able to connect a laptop directly to the LAN interface and access the Internet that the UTM wasn't to blame. 

    I replaced our main Cisco smart switch (that helped), but after logging onto our Remote Desktop server it was not resolving websites, I switched from Google DNS forwarders to my ISP DNS and it immediately resolved.  Lots of weird little network issues like displayed "Limited" access on our server NIC team, but I have gigabit speeds.

    I seem to be finding perhaps symptoms of a problem. I'm at work today searching for something plugged into the network that maybe causing these issues. I'll also look Rulz 7.7.

    Thanks very much, I'll report back later!

Reply
  • 0 in reply to BAlfson

    Thank you Bob for your reply, I will review. 

    I called support last night for assistance. The conclusion was that since I was able to connect a laptop directly to the LAN interface and access the Internet that the UTM wasn't to blame. 

    I replaced our main Cisco smart switch (that helped), but after logging onto our Remote Desktop server it was not resolving websites, I switched from Google DNS forwarders to my ISP DNS and it immediately resolved.  Lots of weird little network issues like displayed "Limited" access on our server NIC team, but I have gigabit speeds.

    I seem to be finding perhaps symptoms of a problem. I'm at work today searching for something plugged into the network that maybe causing these issues. I'll also look Rulz 7.7.

    Thanks very much, I'll report back later!

Children
No Data
Unfiltered HTML