Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 1541 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall XG-115w not reachable per LAN, WAN and WLAN

Christian Sander

Dear Forum,

i have a very big Problem with the Firewall XG-115W, SFOS 18.0.4 MR-4.

After a view hours, the firewall is not reachable through LAN, WAN and WLAN. The Firewall is not answering to ping, the WLAN Network is not shown in the WLAN Network List of my Computer.

The Lamps on the Network Connection is light continuously.  The blue activity lamp of the Firewall is permanently off in this Situation.

Just a hard reset, power off an on, will function.

Sophos Support just sends my a new Firewall via RMA. But both Firewalls have the same problem.

I just set the Firewall to factory default and install my backup. I have changed the power Supply.

I have checked the Log-Files, but I found nothing to localize the Problem.

What else I can do? Have andybody any Idea?

Please excuse my English Blush

Christian



This thread was automatically locked due to age.
  • 0

    Hi, 

    what does the diagnostics show for CPU, load, etc before the crash?

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0

    Hi,

    the performance test will not shown anything unusual. But in the Moment when the Firewall is not reachable i can't login to see, and after the restart the logs are deleted.

    Christian

  • 0 in reply to Brian1941

    I dont hope so, the firewall is new. The Bug is probably existant on older Devices.

  • 0 in reply to Christian Sander

    If you look at the diagnostics you should the graphs after a reboot.

    ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    0743.Sophos.pdfYes, sorry, you are right.  In the log you can see the down time yesterday 5.30 p.m.  But nothing else :-(

  • 0 in reply to Christian Sander

    There is a big spike in memory just before the crash. What if any functions do you have scheduled and are they at a regular time?
    ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    I have no tasks found. Is there any Protokol or Log-File where i can see what happend at this time?

  • 0

    Hello Christian,

    Thank you for contacting the Sophos Community.

    Could you share the Case ID you open with support?

    Since this is the second time it is happening, you would need to open a new case, when opening the new case please share the following:

    csc.log, applog.log, syslog.log, msync.log and networkd.log
    If possible, memory and CPU graph and all this detail with exact date and time when issue observed.

    To run this commands you need to access the Advanced Shell of the XG using Putty and pressing 5 > 3

    • less applog.log | grep "Tainted"
      grep "NMI" syslog.log
      grep "pkt_vma_close+0xc" -B20 syslog.log | grep -E "stuck|spin_lock" | wc -l
      grep "pkt_vma_close+0xa" -B20 syslog.log | grep -E "stuck|spin_lock" | tail -12


    If you have any log under

    • /var/cores

    please submit the output of the command.
    Also the output of this command:  

    • grep 'NMI\|backtrace' /log/syslog.log


    Additionally please run the following command, to disable Firewall-Acceleration and monitor if the issue happens again.


    • console> system firewall-acceleration disable


    To see if the Firewall Acceleration is enabled, please run

    • console> system firewall-acceleration show

    Additionally to this, you’ll need a direct console/serial connection to the device.

    Note: Be sure that the computer in question does not go into Standby or Hibernate while logging.

    Using PuTTY, go to 'Session' - 'Logging.'
    Here, select "All session output', and set the file name to a folder and name for later retrieval.
    Configure the Serial connection to use the proper COM port on your PC and a Speed of 38400.
    Start the session, and log in to ensure it is all proper.
    Once logged in, you can leave it there or log out and leave the session at the password prompt. Either way, leave the session active and allow it to capture the output from the next reboot.
    Once that reboot occurs, you can end the Serial connection and provide the logs to support further investigation.

    Also, can you share the S/N Prefix of your current XG device, only the first letter, and first 5 numbers.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0

    Hello Christian,

    really looks like a hardware problem but on two machines?

    You can try to use the console cable to login.
    What is the HDMI monitor displaying when the systems crashed?
    Is the same thing happening if you don't load the backup?
    If you want to know the latest logs you could setup a syslog server ...

    Did you install 18.04 as your first OS or was this an update from an older version?

    How much memory do you have?

    Best regards,
    BeEf

Unfiltered HTML