Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 5 subscribers
  • Views 753 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM Block Communication - Only HA Failover can fix it

David Schotte

Hi Sophos Community,

I am probably a newbie with UTM but also our UTM consulting could not help us. Maybe you can point me in the right direction.

We have two Sophos UTM SG230 with failover configured. Since a couple of months we have the following issue:

- If a Windows server (VM or physical) boots and UTM block the communication. No ping to the UTM, no routing between VLANs, no Internet.

- The only solution is to trigger a manual failover. After that everything works fine.

My thougts and test until now:

-UTM block my IP or MAC, searched different logs, could not find anything. Thought about an option to grep IP/MAC in all logs, files etc. But no clue if that is possible

- When I do the failover maybe the ARP cache will be cleared. Something network related? I already removed our spanning tree. Sadly with no success.

Do you have any idea what could cause a behavior like this or what I should direct my focus to?

Regards

David



This thread was automatically locked due to age.
  • 0

    Little update:

    I forgot to say. There is another option to fix it. Just wait. We're usually doing ASAP a failover / takeover. But if you wait the problem will be fixed automatically. I tried it today with one server. It took 1 hour and 15 minutes +- . After this time the UTM was reachable again

    During this time I tried with  >> grep -r "ServerIPAddress" / << without success (it's still running).

  • 0

    Hallo David and welcome to the UTM Community!

    My first suspicion would be the switch between the UTMs and your LAN.  Before playing with that, check the Firewall logs for blocks as suggested by #1 in Rulz (last updated 2021-02-16).

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML