This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM SG 135 problem with internetconnection / DHCP

Hi there,

I have a strange problem with an internet connection on an SG 135 with the current firmware version.

Two identical cable connections from Vodafone Kabel Deutschland with 1 Gbit each on ETH1 and ETH2 are configured identically on the UTM. Both lines have a static IP that is assigned by the provider via DHCP. Line one has been running smoothly for almost two years. Now a second line has been added, it always runs for about 30 minutes, then it is gone for about 30 minutes. In the log file I see that after the lease has expired, the UTM tries to re-establish the connection. She tries that for about 30 minutes, after which it works again. The uplink balancing is also correctly switched on. Both interfaces are configured as standard gateways.

I have already swapped different Internet interfaces on the UTM, no improvement. In the log file I see the following:

reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)

2020:12:22-19:29:09 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:29:30 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:29:41 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:30:00 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:30:01 gw /usr/sbin/cron[23544]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)

2020:12:22-19:30:01 gw /usr/sbin/cron[23545]: (root) CMD ( /usr/local/bin/reporter/system-reporter.pl)

2020:12:22-19:30:01 gw /usr/sbin/cron[23546]: (root) CMD (/var/mdw/scripts/pmx-blocklist-update)

2020:12:22-19:30:01 gw /usr/sbin/cron[23547]: (root) CMD ( /usr/local/bin/rpmdb_backup )

2020:12:22-19:30:17 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:30:30 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:30:44 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:31:01 gw /usr/sbin/cron[24101]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)

2020:12:22-19:31:02 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:31:19 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:31:27 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:31:35 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:31:47 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:32:01 gw /usr/sbin/cron[24563]: (root) CMD ( nice -n19 /usr/local/bin/gen_inline_reporting_data.plx)

2020:12:22-19:32:01 gw /usr/sbin/cron[24564]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)

2020:12:22-19:32:06 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:32:14 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:32:34 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:32:43 gw dhclient: DHCPREQUEST for 24.134.95.205 on eth1 to 88.134.230.2 port 67

2020:12:22-19:32:43 gw dhclient: DHCPACK of 24.134.95.205 from 88.134.230.2

2020:12:22-19:32:43 gw dhclient: bound to 24.134.95.205 -- renewal in 1228 seconds.

2020:12:22-19:32:48 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:33:01 gw /usr/sbin/cron[25076]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)

2020:12:22-19:33:08 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 255.255.255.255 port 67

2020:12:22-19:33:17 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 255.255.255.255 port 67

2020:12:22-19:33:26 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 255.255.255.255 port 67

2020:12:22-19:33:26 gw dhclient: DHCPACK of 24.134.237.101 from 88.134.230.2

2020:12:22-19:33:26 gw dhclient: bound to 24.134.237.101 -- renewal in 1554 seconds.

Then after a while this comes up:

19:32:06 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:32:14 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:32:34 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:32:43 gw dhclient: DHCPREQUEST for 24.134.95.205 on eth1 to 88.134.230.2 port 67

2020:12:22-19:32:43 gw dhclient: DHCPACK of 24.134.95.205 from 88.134.230.2

2020:12:22-19:32:43 gw dhclient: bound to 24.134.95.205 -- renewal in 1228 seconds.

2020:12:22-19:32:48 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 88.134.230.2 port 67

2020:12:22-19:33:01 gw /usr/sbin/cron[25076]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/null)

2020:12:22-19:33:08 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 255.255.255.255 port 67

2020:12:22-19:33:17 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 255.255.255.255 port 67

2020:12:22-19:33:26 gw dhclient: DHCPREQUEST for 24.134.237.101 on eth2 to 255.255.255.255 port 67

2020:12:22-19:33:26 gw dhclient: DHCPACK of 24.134.237.101 from 88.134.230.2

2020:12:22-19:33:26 gw dhclient: bound to 24.134.237.101 -- renewal in 1554 seconds.

2020:12:22-19:34:01 gw /usr/sbin/cron[25630]: (dehydrated) CMD (/var/chroot-reverseproxy/usr/dehydrated/bin/renew_certificate.pl > /dev/n


I have no idea what else to try.

Any help is very welcome.

Cheers,

Horst



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    What is the firmware version on your firewall? 

    Can you share a screenshot of Uplink Balancing?  Did you select automatic monitoring? 

    Did you define the gateway for the new WAN interface on the UTM? 

    If UTM is sending DHCP requests and does not get DHCP Ack from the server, it needs to be looked at at the upstream device. 

    Thanks,

Reply
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    What is the firmware version on your firewall? 

    Can you share a screenshot of Uplink Balancing?  Did you select automatic monitoring? 

    Did you define the gateway for the new WAN interface on the UTM? 

    If UTM is sending DHCP requests and does not get DHCP Ack from the server, it needs to be looked at at the upstream device. 

    Thanks,

Children
No Data