How to Run Continuous Ping Sophos Utm Cli

October 17, 2022 Post a Comment

Disclaimer: This information is posted as-is and the content should be referenced at your own risk

In this article, we will take a look at the GUI options for the troubleshooting in Sophos XG. All the options mentioned below can be accessed underMONITOR & ANALYZE > Diagnostics > Tools. Two Pop-out options are Log viewer & Policy tester . Please check the linked articles to understand more about how to use both of these options.

ping Ping is the most common network administration utility used to test the reachability of a host on an Internet Protocol (IP) network and to measure the round-trip time for messages sent from the originating host to a destination computer. Ping sends ICMP echo requests/replies to test the connectivity to other hosts. Use standard ICMP ping to confirm that the server is responding. Ping confirms that the server can respond to an ICMP ping request.
Use Ping diagnostically to:
- Ensure that a host computer you are trying to reach is actually operating or the address is reachable or not
- Check how long it takes to get a response
- Get the IP address from the domain name
- Check for the packet loss

The parameters used are:

IP address/Hostname: Specify the IP address (IPv4/IPv6) or fully qualified domain name to be pinged. Ping determines the network connection between the device and a host on the network. The output shows if the response was received, packets transmitted and received, packet loss if any and the round-trip time. If a host is not responding, ping displays 100% packet loss.

IP family: Select the type of IP family from the options available of IPv4 or IPv6.

Interface: Select the interface through which the ICMP echo requests are to be sent.

Size:Specify the ping packet size, in bytes. Default is 32 bytes but you can select size range between 1 to 65507.

Traceroute Traceroute is a useful tool to determine if a packet or communication stream is being stopped at the device, or is lost on the internet by tracing the path taken by a packet from the source system to the destination system, over the internet.
Use Traceroute to:
- find any discrepancies in the network or the ISP network within milliseconds.
- trace the path taken by a packet from the source system to the destination system, over the internet.

The parameters used are:

IP address/Hostname: Specify the IP address (IPv4/IPv6) or fully qualified domain name. Traceroute determines the network connection between the device and a host on the network. The output shows all the routers through which data packets pass on the way from the source system to the destination system, maximum hops and total time taken by the packet to return measured in milliseconds.

IP family: Select the type of IP family from the options available of IPv4 or IPv6.

Interface: Select the interface through which the requests are to be sent.

Name lookupName lookup is used to query the domain name service for information about domain names and IP addresses. It sends a domain name query packet to a configured domain name system (DNS) server. If a domain name is entered, the return is an IP address to which it corresponds, and if an IP address is entered, then the domain name is returned to which it corresponds. In other words, name lookup reaches out over the internet to do a DNS lookup from an authorized name server and displays the information in a user understandable format.

The parameters used and their descriptions are:

IP address/Hostname: IP address (IPv4/IPv6) or fully qualified domain name that needs to be resolved.

DNS server IP:Select the DNS server to which the query is to be sent. Select the optionLookup using all configured serversto view all the available DNS servers configured in the device. Selecting this option will also provide information about the time taken by each DNS server to resolve the query. Based on the response time, of each server, you can prioritize the DNS server.

Route lookup If you have routable networks and wish to search through which interface the device routes the traffic then lookup the route for the IP address (IPv4/IPv6).
URL category lookupThe optionMONITOR & ANALYZE > Diagnostics > URL category lookup allows you to search whether the URL is categorized or not. It searches the specified URL and displays the category name under which the URL is categorized along with the category description. If domain/URL is categorized under both a custom category and a default category, then the name of the custom category will be displayed in the search result.
To search a URL: