Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 0 subscribers
  • Views 12546 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Firewall blocking antivirus update packages

cce27

Hi all,

I've just put Sophos Firewall in place for the first time (I had been using routers inside our network for that until now) with a custom set up with a few particular ports excluded from the block list. And while the policies seem to work (I can still get in to the computers remotely, policy shows updated to the new settings inside the enterprise console), the computers I tested immediately started failing to recieve Sophos Antivirus updates with the message "ERROR: Could not find a source for updates packages" and error code 00000071.

I assume that Sophos firewall is blocking sophos antivirus in some way, but I don't know how or where. Can anyone give advice?

:57236


This thread was automatically locked due to age.
  • 0

    Hello cce27,

    immediately started failing

    how did you deploy the firewall, Protect computers from the console with a reboot afterwards?

    Sophos firewall is blocking sophos antivirus

    [nitpicking] AutoUpdate is the component responsible for updating [/nitpicking] You might have noticed the scf.dat files in the Sophos program folders. SCF has a "hidden" rule Allow Sophos application connection and the scf.dat files identify the respective executables. Thus SCF is supposed not to block AutoUpdate.

    00000071

    You should start with the ALUpdate logs on the endpoints and check for the specific error to determine what caused the download to fail.

    Christian

    :57239
  • 0

    As QC says above starting with the updating log on the endpoint computer will tell you what package AutoUpdate isn't finding.  The following KBAs may help...

    https://www.sophos.com/en-us/support/knowledgebase/39155.aspx

    https://www.sophos.com/en-us/support/knowledgebase/110302.aspx - worth checking through point 9-12 if you have altered the subscriptions when adding in the firewall component.  Also see point 13 (end bit about the precise folder) and compare with where the endpoint says it is going in it's log.

    :57241

     - - - - - - - - - - - -

    Communities Moderator, SOPHOS
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Unfiltered HTML