Hi:
I have a two month old SG330, running 9.315-2.
This has happened four times. On the dashboard, the external interface shows as State - Up, Link - Error. It first happened maybe a month ago.
Since then it has happened three times, last Thursday (aug 27), last Saturday (aug 29), and today (aug 31st).
What happens then is our external users lose their VPN connections, and we lose internet connections, until our backup internet connection kicks in (have uplink balancing both ISP connections active) and multipath rules to steer users out the primary connection and fail to the backup if needed, and to steer some of our BYOB wifi hotspots out the backup connection as primary).
Anyway, when this happened last Thursday, I changed the ISP port on the Sophos from Eth4 (where it was) to Eth5, and also changed the Ethernet cable (all of 3 feet long) between the ISP's box and the Sophos.
We're on a SM fiber connection, with a vendor provided Cisco 3000 series switch, with three active ports - one for the fiber SFP, one Ethernet for the internet connection, and one ethernet that does our phone PRI.
When the internet connection goes down, there is no issue with the phone.
As I said, last Thursday, I switched the ISP primary connection on the Sophos from Eth4 to Eth5.
On Saturday it went down again, and I got a call at home (we are a 24x7operation). I could ping the ISP's DG, but could not connect to the firewall through the primary ISP. I logged remotely into the SG through the backup internet connection. Same as before. On the dashboard page it showed ETH5as State - Up, Link - Error. I disabled it, and re-enabled it, and it came back up.
Today, same situation. I was on site, saw it happen (before people started calling), logged into the SG through the internal interface and Eth5 showed the same. Went to the interfaces tab on interfaces and routing, disabled and re-enabled the interface, and it came right back up.
There are several additional addresses on that port also - we have a /28 from the carrier and have some of the other additional addresses NAT-ing to servers, etc.
Now I'm getting the ISP saying that it's the firewall, etc.
I had Sophos support on the line today, and the connected in, and - in their words, they see line fluctuations, port not responding, which in their minds shows an issue with the vendor's switch.
The ISP says they show no issues, other than when they see my disable/enable the port.
I've changed the port on the SG from Eth4 to ETH5, and changed the Ethernet cable. There is nothing other than the Ethernet cable between the two boxes.
I've attached some snippets of log files that Sophos pulled up.
Ideas?
Thanks,
John S.
This thread was automatically locked due to age.
Quote