Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unstable Sophos UTM 9 - please help

Sven David Hildebrandt

Hi,

I'm running Sophos UTM 9 on an older HP Pavillion PC. I'm not sure about the specs but it works fine. Internet/LAN is stable. However, this PC is kinda noisy due to HDD and fans so I'm trying to get something more quiet and modern to run Sophos on.

First I tried installing Sophos on a Mintbox2: http://www.fit-pc.com/web/products/mintbox/mintbox-specifications/

Then I tried using Sophos on a Dell Optiplex 980: https://www.cnet.com/products/dell-optiplex-980-core-i5-650-3-2-ghz-4-gb-320-gb-4688405/specs/

I've installed SSD in both those machines. However, none of them can be used because WAN/LAN is completely unstable. WAN-link keeps going up and down and the network speed is slow. Whenever you do a line test the WAN-link goes completely down and LAN is generally unstable.

Does anyone have a clue why Sophos UTM 9 works on an older HP Pavillion but not on either the Mintbox2 or the Dell Optiplex?



This thread was automatically locked due to age.
  • 0

    Assumptions and coments

    1/. you installed a second nic in the dell?

    2/. you connected the ssd to the sata port?

    3/. Which mintbox did you purchase?

    4/. what chipsets do they run, are they supported by UTM?

    5/. the dell is a very old model or at least the cpu is.

    XGS118 - v21.0.1 MR1

    XG115 converted to software licence v21.0.1 MR-1

    If a post solves your question please use the 'Verify Answer' button.

    • 0 in reply to rfcat_vk

      1. Yes. I installed a Intel Pro 1000 GT NIC in the Dell

      2. Yes, I've mounted SSDs into both the Dell and the Mintbox and the disks work fine.

      3. Mintbox 2, it's standard config with 4GB RAM, only I've changed the 500GB HDD with and 128GB SSD.

      5. The Dell is old yes, but the HP Pavilion is just as old and works fine.

      4. Mintbox 2: Mobile Intel QM77 Chipset (Panther Point)
      Dell Optiplex: Intel something

      This is Sophos requirements stated by Sophos themselves, and it doesn't say anything about chipset:

      Sophos UTM installs on any dedicated X64 machine, turning it into a fully functional unified threat management firewall. Perfect for that spare machine you have sitting around!

      Minimum Hardware Recommendations

      • 1.5+ GHz processor (dual core+ recommended)
      • 1 GB RAM (2GB strongly recommended)
      • 60 GB hard disk
      • Bootable CD-ROM
      • 2 or more network cards
    • 0

      I'm running my UTM on a Dell 7010 but with a Dual Intel NIC and Single Intel NIC card.

      The dual LAN Port card is my bridged LAN ports and the other single Intel Card is my WAN port.

      I have yet to see any dropouts with this setup.

      I made sure the bios is setup with NO power management and disabled C-States.

      Regards Simon

      Sophos XG 17.5.1 MR-1 | Dell 7010 | Intel(R) Core(TM) i5-3550 CPU @ 3.70GHz | 8GB Memory
      Samsung EVO 850 120GB SDD | 1x Intel 82574L / 2x 82571EB Gigabit Ethernet Controller (rev 06)

      • 0 in reply to dark moon

        Well, I just can't get Sophos UTM to work on my Dell Optiplex with two Intel NICS. It's a shame. I wonder why....

        • 0 in reply to Sven David Hildebrandt

          Sven, does #7 in Rulz offer any help?

          Cheers - Bob

           
          Sophos UTM Community Moderator
          Sophos Certified Architect - UTM
          Sophos Certified Engineer - XG
          Gold Solution Partner since 2005
          MediaSoft, Inc. USA
          • 0 in reply to BAlfson

            Hi, I haven't see this one, but first sight looks great. I will check it out and let you know!

            • 0 in reply to BAlfson

              Hi,

              I am so sorry for my incredible late answer in this thread. I am now able to continue this issue. I've tried the tips in Rule #7 without success. A MTU of 1350 didn't help.

               

              What happens during a speed test is that download is ok. But when uploading the speed is trash. Sometimes it goes high only to go low, and then the WAN interface goes down for a short while. Any more ideas??

              See images:

               

               

              • 0 in reply to Sven David Hildebrandt

                I've given up on the Mintbox and try to concentrate on the Dell Optiplex. I tried with the lastest 9.5 firmware but still the same problem (see previous post).

                 

                So the NICs are one integrated Intel 82578DM  and the other one is a brand new Intel Pro 1000 GT.

                 

                Can anyone please help?

                 

                 

                • 0 in reply to Sven David Hildebrandt

                  Sven, try a google on

                  site:community.sophos.com/products/unified-threat-management/f external state down

                  The first result is a 10-year-old thread with a lot of suggestions for you.

                  Cheers - Bob

                   
                  Sophos UTM Community Moderator
                  Sophos Certified Architect - UTM
                  Sophos Certified Engineer - XG
                  Gold Solution Partner since 2005
                  MediaSoft, Inc. USA
                  • 0 in reply to BAlfson

                    Hi Bob,

                    Maybe I didn't find the correct thread, because all I can see are suggestions about restarting the cable modem. I believe the issue in this thread is that the WAN link is down all the time.

                    My problem is that it just temporarily goes down every time I do a speed test or maximize my connection, and it's only for a few seconds.

                    Other info: I live in Norway and the cable modem is basically a fiber modem in transparent mode. I can't access it in any way. This means I can't adjust the connection speed or anything like that. It just passes all the traffic through. The fiber cable is terminated inside it and I have a RJ45 WAN port. I get DHCP from my ISP.

                    • 0 in reply to Sven David Hildebrandt

                      Hmm, it sounds like you either need a different NIC for your External interface or that the fault lies in the fiber modem.  If the problem persists when you connect a PC directly to the modem, does your ISP have any throttling in place?

                      Cheers - Bob
                      PS Norway?  Check out my son Richie in the Alt for Norge reality show.  The 12th episode of the current season airs on Sunday.

                       
                      Sophos UTM Community Moderator
                      Sophos Certified Architect - UTM
                      Sophos Certified Engineer - XG
                      Gold Solution Partner since 2005
                      MediaSoft, Inc. USA
                      • 0 in reply to BAlfson

                        Hi Bob,

                        Thanks for your reply!

                        1. So it's likely that the built-in Intel 82578DM NIC is not compliant?

                        2. Would it be worth a try to change the 'order' of the adapters? To use the Intel Pro 1000GT as the WAN interface and the other as the LAN interface? Can you do this without reinstall?

                        3. What is a recommended compliant NIC with dual GB-port that I can install into a PCI-port? (not PCIe).

                        4. Norway it is :-) I don't have access to that channel but I'll try to download it somewhere. Which one is Richie? https://www.facebook.com/altfornorge/photos/rpp.116676995010503/1616113921733462/?type=3&theater

                        Rgds,

                        Sven David

                        • 0 in reply to Sven David Hildebrandt

                          Hei Sven David,

                          1. Maybe.  #7 in Rulz includes "(NOT an Intel 82574 based NIC due to bugs from Intel that aren't fixed - the 210 series is good)"

                          2. Definitely worth a try.

                          4. The tall, really handsome one with the long blond hair. [;)]

                          Cheers - Bob

                           
                          Sophos UTM Community Moderator
                          Sophos Certified Architect - UTM
                          Sophos Certified Engineer - XG
                          Gold Solution Partner since 2005
                          MediaSoft, Inc. USA
                          • 0 in reply to BAlfson

                            Unfortunately switching the network adapters didn't help either :-(

                            Crap..

                            My old PC that works with Sophos UTM has only 100Mbps NIC for the WAN-port and my provider has upgraded me to 250Mbps without any extra charge. Well, this isn't that important, but it's sad to not get Sophos UTM to work stable on any other PC than an OLD HP Pavillion.

                            When I do speed tests on the Dell optiplex I get packet loss and generally very unstable internet, and unpredictable speed. Sometimes full speed and other times no speed at all.

                        Unfiltered HTML