Parent SUM not updating child SUMs

Question

Hello - 
 We have four Sophos servers on prem. One parent SEC and three child SUMs. The parent SEC gets updates from Sophos and the child SUMs update from the parent. The SEC and SUMs are configured to use WebCIDs for updating. This has been the configuration for our Sophos environment for the last 10 years. All of the necessary ports on the SEC's firewall have been configured correctly. On August 24, 2021, the child SUMs stopped getting updates from the parent SEC. 
 If I turn off the host firewall on our SEC, the child SUMs update successfully. When the host firewall on SEC is on, the child SUMs can no longer receive updates from the SEC. AFAIK, no changes have been made on the SEC or SUMs. Most of the firewall exceptions have been pushed to the SEC and SUMs via group policy. 
 I have an opened support request with Sophos and we are unable to solve the issue after a couple of Zoom sessions. 
 I guess the work around will have to do for now, which is turning off the firewall on the SEC.

dluneau · Accepted Answer

I received an update from Sophos Support. Changing the registry values below on the child SUMs solved the problem. I did come across the article talking about this but I didn't think it applied to us because we were using HTTP and not HTTPS. 
 
 -"HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\UpdateManager\Security" <Value Name="ConnectionMode" Data="0" Type="REG_DWORD"/> This value should be "0" as default, but please change it to "1"

Parent SUM not updating child SUMs

Top Replies