This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall drops traffic from internal network

The UTM firewall just drops connections or disconnects itself from internal network, while we are able to access the firewall from external network side, at the same time internally their is no problem, connectivity between the internal network is normal. It happens randomly and may once in week, sometimes once in a month or 3. In all the cases restarting the firewall resolves the issue.



This thread was automatically locked due to age.
Parents
  • do you use LACP or other options to connect more than 1 link to your switches?

    Ho many cables are between UTM and internal switch?

    Something within the switch logs?

    Tell us some more details about device-type, HA, Switches/Stacks, ...


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • yes, LAG was configured just to see if that would resolve this issue, tried changing interface, but still having the issue. Switch log also shows no errors.

    No HA

  • Hala and welcome to the UTM Community!

    If this is not a Sophos hardware appliance, please tell us what NICs are in use.

    When this occurs, do you see any drops in the Firewall log?

    How is external traffic reaching inside your network? NAT rules?  Web Application Firewall?  Remote access?

    When you say "connectivity between the internal network is normal," do you mean that the devices being reached from the outside are in the internal LAN and not in a separate DMZ?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hala and welcome to the UTM Community!

    If this is not a Sophos hardware appliance, please tell us what NICs are in use.

    When this occurs, do you see any drops in the Firewall log?

    How is external traffic reaching inside your network? NAT rules?  Web Application Firewall?  Remote access?

    When you say "connectivity between the internal network is normal," do you mean that the devices being reached from the outside are in the internal LAN and not in a separate DMZ?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data