Currently if the SMB1 protocol has been disabled on the update server* SAV Linux Servers updating from this machine will fail to update. This is because the Samba version used in the current version of Sophos Anti-Virus for Linux relies on the SMB1 protocol when updating from the Windows Server.
The following error will be seen in the syslog/messages file:
2017-02-20 08:12:33: update.failed Failed to update from primary update source. Redirecting to secondary update source.
This is resolved in the just released version of Sophos Anti-Virus for Linux (9.13.2) where the Samba libraries have been updated (version 4.6.1) for compatibility with later SMB versions.
*to check the version enter the command Get-SmbServerConfiguration in a Power Shell Window.
Applies to the following Sophos product(s) and version(s)
Sophos Anti-Virus for Linux
Current workarounds prior to product update to this release:
One option would be to re-enable SMB1 on the Windows Server until the next release of Sophos Anti-Virus for Linux.
If SMB 1 has already been disabled on the Windows Update Server and if this cannot be re-enabled until the next SAV Linux release there are the following workarounds.
1 - Set the Secondary Server in the SEC updating policy to update directly from Sophos using your Sophos credentials. An update from the Primary location (SEC CID share) will be attempted and will fail and the update will the go directly to Sophos on-line.
This means updating may take longer and the logs will contain errors that the attempted update from the Primary Server failed.
2 - Create an IIS Web CID (See KBAs 38238, 64787) and use this as the Primary Update location.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.