This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

After replacing old ASG220 by new Sophos SG210: Clients do not have internet access while LAN functionality works just fine

Hello everyone,

I have a more or less huge problem in the office and I would be very grateful to receive some help of yours. :-)

So, a short summary of the problem: some of the clients in the office do not have internet access even though the network functionality works just fine. I can ping any device (of course I can also ping the SG), work on network shares and do just anything I want as long as I do not try to go "outside". As soon as I try to open a website or use my MS Outlook on the clients it just does not work.

It works again when I go to the IPv4 settings and set a static IP address. But I wonder why this step is necessary because the computer does indeed receive an IP address from the new SG (and can also ping any device and work inside the LAN as described before) . 

So here's what I did: We had an Astaro/Sophos ASG220 which has been replaced by a new Sophos SG210. I first unpacked the SG210, then updated it to the latest version so I could import the backup from the ASG220. Then I shut down the ASG220 in order to boot the SG210. Everything looks just fine, most of the computers appear to be running fine (with internet access), but some others just do not.

Edit: Funny thing. The fileserver in the office also shows "No internet access" and refuses to open websites in a browser. But when I try to connect to our FTP-Server from an external network (e.g. my home), which is hosted just on this machine, it works just fine and I can download files. So obviously there IS a network connection, but still it shows the error and will not open websites or synchronize Outlook.

Does anyone know what causes this issue?

Thank you very much in advance!

Best Regards

Sebastian



This thread was automatically locked due to age.
  • Hi
    Not being able to get online could have a lot of causes.

    Was the original ASG220, that you exported your config from, running the same UTM version, that you just tried importing into?
    You said everything works well from inside of the network.. Is everything on the same subnet, therefor not going through the UTM?
    Can you ping the gateway of the UTM? Can you login to the administration page?
    Can the UTM ping your ISPs gateway? ( Check under Support->tools)
    What method are you using to get your users online? A NAT, or the webproxy?
    What does your Firewall logs say?
  • Hi,

    thanks for your effort!
    I meanwhile experienced that the affected machines were those running during the SG-deployment / shutting down the ASG220.
    So they somehow had this old lease and did not really recognize the new SG even though it has the same IP and settings. I do not understand why the computers were able to communicate inside the LAN while being unable to access the internet but everything's good now.

    Quick solution was to give those computers a static IP address. Now internet access was totally there. After rebooting I could switch them back to DHCP-mode and everything was still fine. Problem solved.

    Other solution (which demands way more patience) was to simply wait until the DHCP lease expired and the clients requested a new one. (I wonder why this worked because ipconfig /release and ipconfig /renew did not!).

    However, new SG210 is running just fine. Thank you!

    Best Regards
    Sebastian