No web GUI, internet access ok, ssh access ok, VPN ok.

Hi,

Any help restarting the TOMCAT service? Execute, service tomcat: restart -ds nosync in the Advance Console Shell.

Hope that helps.

no, i have try that.

:(

Did you try different Web Browsers and also restarted Apache and Awarrenhttp services? Did you try accessing Sophos XG through the WAN IP and the LAN IP address?

Show me the status of services by running the following command in advance shell:

services -S

lcdd RUNNING
postgres RUNNING
sigdb RUNNING
reportdb RUNNING
crreport UNREGISTERED
awarrensmtp RUNNING
awarrenmta RUNNING
nasm RUNNING
ntpclient RUNNING
garner RUNNING
skein RUNNING
awarrenhttp RUNNING
WINGc RUNNING
warren RUNNING
ftpproxy RUNNING
improxy RUNNING
ctipd RUNNING
antispam RUNNING
ips RUNNING
ripd RUNNING
ospfd RUNNING
bgpd RUNNING
zebra RUNNING
dgd RUNNING
dhcpd RUNNING
dhcpd6 UNREGISTERED
ipsec RUNNING
ddc RUNNING
networkd RUNNING
dyniface UNTOUCHED
gateway RUNNING
tomcat RUNNING
apache RUNNING
antivirus RUNNING
dnsd RUNNING
sslvpn RUNNING
clientless_acce RUNNING
smbnetfs RUNNING
pptpd UNREGISTERED
l2tpd UNREGISTERED
mrouting UNREGISTERED
pimd UNREGISTERED
msync UNTOUCHED
WAF UNREGISTERED
red_client UNTOUCHED
red UNREGISTERED
supportaccess UNTOUCHED
heartbeat UNREGISTERED
hwmon UNREGISTERED
access_server RUNNING
bwm RUNNING
fwm UNTOUCHED
radvd UNREGISTERED
fqdnd RUNNING
fwlog RUNNING
pktcapd RUNNING
wifiauth UNTOUCHED
hostapd UNTOUCHED
mdev RUNNING
awed RUNNING
hotspotd RUNNING
policyroute RUNNING
cfs RUNNING
listener RUNNING
timer RUNNING
shm RUNNING
dbh RUNNING

OK, i see that the tomcat log on other xg, and the errors are present too, but tomcat service is running

2017-10-04 10:54:48.661:INFO::main: Logging initialized @7510ms
2017-10-04 10:54:49.534:INFO:oejs.Server:main: jetty-9.3.6.v20151106
2017-10-04 10:54:49.610:INFO:oejdp.ScanningAppProvider:main: Deployment monitor [file:///usr/share/jetty/webapps/] at interval 1
Exception occured.java.util.MissingResourceException: Can't find bundle for base name CentralConsole, locale en_US
2017-10-04 10:54:54.545:INFO:oejsh.ContextHandler:main: Started o.e.j.w.WebAppContext@1afa04c{/userportal,file:///usr/share/webconsole/,AVAILABLE}{/usr/share/userportal}
Exception occured.java.util.MissingResourceException: Can't find bundle for base name CentralConsole, locale en_US
2017-10-04 10:54:56.212:INFO:oejsh.ContextHandler:main: Started o.e.j.w.WebAppContext@187b79e{/webconsole,file:///usr/share/webconsole/,AVAILABLE}{/usr/share/webconsole}
2017-10-04 10:54:56.255:INFO:oejs.ServerConnector:main: Started ServerConnector@1626d54{HTTP/1.1,[http/1.1]}{0.0.0.0:8009}
2017-10-04 10:54:56.261:INFO:oejs.Server:main: Started @15110ms

I deleted the logs and restarted tomcat
unsuccessfully

recovered the connection through 2 steps, I think the problem was that the ssl certificate was expired and that prevented the web interface being launched.

1) I have updated the firmware with this procedure

after restarting with the new firmware the problem is not solved.

2) Then I remembered that a few months ago the customer renewed the certificate. 

was also changed in the firewall? I don `t believe
if the certificate is expired can this prevent the web interface from being started?
let's try

So I tried to reset the web certificate.

https://www.sophos.com/en-us/medialibrary/PDFs/documentation/SophosFirewall/v16/SF-OS-Command-Reference-Guide.pdf?la=en

Restart....

... And all working OK again !!!!!!!

Caution if there is an invalid certificate installed in the web interface, it does not start.