This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

External Interface: Intermittent random drops, UTM does not come back up unless the VM is rebooted.

Hi All,

I am new to the Sophos UTM product and a junior network technician, please forgive my ignorance if I haven't explained something correctly as I am still learning and I am not an expert by any means.

I have set up a home lab and use the Sophos UTM (Software Appliance) for routing, dhcp, dns and firewall features. 

The External interface is connected to a Ubiquiti Nano AC for my WAN connection (100MB).

When this connection drops it does not come back up until the Sophos VM has been rebooted. No client whether they are on wireless or eth has access to the internet during this time and internal routing stops working as well, Plex streams will just cut out. The Nano is connected to a HP 1810 8G which has spanning tree and storm control disabled.

There are less than 10 clients in the house, everything is on wireless except for the esxi host.

I have tried for countless hours to isolate the issue but I can not seem to work it out. I have replaced the Intel nic for external, the poe injector, searched the UTM logs, searched the esxi logs,  and I can not find the root cause of drop out. If I directly connect to the esxi host during this time, I can open vSphere and all the VM's are still up.

I have checked the status of my radio with the ISP during the times when it drops and they have shown me that the radio is still connected at the time and has been up for days. 

Only a reboot of the Sophos rectifies the issue until it drops again, this issue can occur twice a day, twice a week or I may get three weeks without a hitch and then it will happen.

Does anyone have any advice on what I need to be looking for within the UTM logs or any specific configurations I should be looking at?

I have attached a network diagram to help explain the network better.

Thanks in advance!



This thread was automatically locked due to age.
  • Hi, Jason, and welcome to the UTM Community!

    What happens if instead of rebooting the VM, you toggle the external interface off then on again?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thank you for the warm welcome!

    When I toggle the external interface, the interface is still marked as down when toggled back to on. I have climbed up on the roof and checked the radio and power cycled the radio and still no change. Then I reboot the VM and all is well.

    Not only is the external traffic affected, the internal routing stops and all clients within the network cannot reach the UTM or any other service hosted within the network.

    It truly is puzzling me.

    Cheers,

    Jase

  • Hi Jason,

      I too am having same issue with our Sophos.  I either have to toggle the interface off and on or re-boot the entire device to correct.


    Did you ever get this resolved or leads to a potential issue?

    I have keep firmware uptodate and combed through the logs when issues occur.

    Thanks,


    David,