Register Now

Login

Lost Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

Gateway down alerts in Sophos XG Firewall

Issue:

User is getting continuous gateway down alerts or notification in sophos XG firewall log viewer.

Troubleshooting:

Before understanding the resolution, first we need to understand when gateway becomes down or up.

Please go to network >> WAN link manager

WAN link manager screenshot

Here in this location, if the status of the gateway is red in color then it indicates gateway is down.

If the status of the gateway is green in color, then the gateway is up and running.

Whenever the color of the gateway changes from green to red, we will get notification.

So now the question is, when the color of gateway status becomes red?

To answer this, click on the gateway and go to concerned fail over rules as show in below screenshot

wan failover

So as mentioned in the above screenshot, firewall will try to ping the fail over IP very often, in case if it is unable to reach the fail over IP. Then we will get gateway down alert in firewall.

To clearly observe this issue, please follow the below steps:

Step-1: Login to the sophos firewall using putty:

You can follow this article for logging into the cli of the firewall:

https://support.sophos.com/support/s/article/KB-000038697?language=en_US

Step-2:Go to advanced shell (select 5 and 3)

Type “cd /log” and then type this command “grep Dead dgd.log | head -1” as shown in below screenshot.

gateway dead

We will get to know the latest time stamp of the issue. Note down the time stamp and execute this command

grep “May 03 19:41:50” dgd.log

Then you will be able to observe clearly, gateway is trying to reach “fail over IP” and it was unable to reach.

Most of the times this issue could be at ISP level or next hop.

Hope this article helps you.

Thank you.