Sophos UTM 9.510-4 released - let's share experiences!

Released yesterday:


Found out so far, that mailmanager is broken:

Others? :-)

  • In reply to talex:

    With 9.509, I had no problem with the User Portal.  With 9.510-5 on my lab UTM, when I login, my username and email address appear at the upper-right, but then it locks up and displays nothing more.  A reboot and a restore did not help.  Anyone else?

    Cheers - Bob

  • In reply to BAlfson:

    I cant confirm this, UserPortal is working fine as before.


    But i have another Issue, dont know if ist from this Version but my config: 


    I have the Sophos behind a NAT Router in my Testing environement and would like to establish an IPSECL2TP VPN with preshared key. If i do this in the UTM i cant connnect. If i disable IPSEC in UTM and make 3 DNat Rules to a RAS Server in my Network, i can connect and IPSEC/L2TP works fine.


    Can someone explain this to me?


    Best Regards

  • In reply to Raven:

    I performed the update to 9.510-4 remotely (on my UTM at home), everything seemed to be fine, no issues noted.

    Today I update to 9.510-5 remotely, and now the system is off-line and has been for well over an hour....

    gonna have to look at this when I get back... :(

  • In reply to Raven:

    Different IPsec remote access servers have different levels of security.  The UTM's L2TP/IPsec implementation doesn't have the ability to "sign" encrypted packets with the public IP on your router, so your L2TP/IPsec client rejects those packets.

    Cheers - Bob

  • It's been over 3 weeks now and the 9.510-4 update is not available through Up2Date yet.  I'm just wondering if the update is being delayed or there is something wrong on my end as a I usually recieve an email stating the firmware has been downloaded and is ready to be installed.


    Still running 9.509-3

  • In reply to alan weir:

    The latest is 9.510-5, available on the ftp site earlier this week.  I'm still not recommending it.  When I put it on my lab UTM, the User Portal was hosed, but no one else has reported that, so I may be headed for an install from scratch.

    Cheers - Bob

  • In reply to BAlfson:

    Ok then I'll just wait for the Up2Date firmware to be released.

  • In reply to BAlfson:

    Bob, have you tried deleting your browser cookies?   There was a rash of complaints in this topic that Mail Manager was broken, but it appeared to have been resolved by resetting cookies, so I wonder if it would solve your problem as well.

    I have not seen anything from Sophos indicating that they understand the Mail Manager problem and are addressing it.   At least mail manager is used by a small pool of relatively sophisticated users.   Because  User Portal is offered to a large pool of relatively less sophisticated users, even a requirement to purge cookies is problematic.    So I hope we will see another hotfix to bring us to 9.510-6.

    9.510 has a fix to Country Blocking Exceptions which I am eager to use, but for the moment I am holding firm on 9.506 because of the reported problems with subsequent versions.

  • Just seen the first of my many UTM's notify me that this is now available....

  • In reply to Martin Hepworth:

    Hello all,

    yesterday I updated my Sophos UTM HA environment to version 9.510-5. And yes, HA is working again as it should! In the past I had error messages regarding Pop3 proxy not running, ACC device Agent not running, HA selfcheck after doing a failover and a faultback. Now, after doing a failover or a faultback there no more error messages.

  • In reply to Martin Hepworth:

    9.510-5 just updated

  • In reply to StefanLoeser:

    Clear cookies/cache

  • In reply to DouglasFoster:

    Agreed, Douglas, my first solution was to open a different browser (Chrome), and that worked.  Then, I tried to solve it by following this tip - Firefox: Delete cookies to remove the information websites have stored on your computer - no joy.

    Edit 2018-08-15: Resolved - see my post below.

    Cheers - Bob

  • 9.510-5 email appeared for me!
    will wait 'till I get home with updating :)
    edit: nothing kaput yet

     System will be rebooted
     Configuration will be upgraded
     Connected APs will perform firmware upgrade
     Connected REDs will perform firmware upgrade
     Maintenance Release
     Fix [NUTM-8273]: [Basesystem] Inconsistent reporting data in hot standby environment
     Fix [NUTM-9089]: [Basesystem] ulogd restarting randomly
     Fix [NUTM-9423]: [Basesystem] Missing DMI info or missing WiFi card should turn status LED red for desktop refresh models
     Fix [NUTM-9516]: [Basesystem] CVE-2017-3145: BIND vulnerability
     Fix [NUTM-9764]: [Basesystem] multiple NTP vulnerabilities
     Fix [NUTM-9862]: [Basesystem] CVE-2018-8897: Don't use IST entry for #BP stack
     Fix [NUTM-9944]: [Basesystem] 'ethtool -p' is not working for shared port
     Fix [NUTM-9945]: [Basesystem] SG/XG 125/135 upper 4 ports LEDs at front and rear side not behaving as expected
     Fix [NUTM-10124]: [Email] TLS Errors - renegotiation not allowed
     Fix [NUTM-9286]: [Email] CVE-2011-3389: SSL/TLS BEAST Vulnerability And Weak Algorithms
     Fix [NUTM-9460]: [Email] Quarantine unscannable and encrypted content not working as expected
     Fix [NUTM-9539]: [Email] SMTP callout with TLS does not work
     Fix [NUTM-9627]: [Email] Parent proxy for WAF (ctipd) not applied without active e-mail subscription
     Fix [NUTM-9771]: [Email] Redesign TFT detection to decrease false positives/negatives
     Fix [NUTM-9836]: [Email] HSTS usage breaks Quarantine Report release link
     Fix [NUTM-9789]: [Logging] Not able to archive logs using SMB share
     Fix [NUTM-8969]: [Network] Inconsistent DHCP leases in WebAdmin
     Fix [NUTM-9049]: [Network] Cannot change IPv4 interface as IPv6 gateway is required
     Fix [NUTM-9194]: [Network] Static route switching to different VLAN
     Fix [NUTM-9646]: [Network] eth0 is falsely marked "dead" when running "hs" on slave
     Fix [NUTM-9739]: [Network] Network monitor restarting on slave nodes
     Fix [NUTM-10118]: [Reporting] Authenticated Remote Code Execution in WebAdmin
     Fix [NUTM-9607]: [Reporting] Upper case umlauts in PDF Executive Reports are not displayed correctly
     Fix [NUTM-9624]: [Reporting] WAF - Top attackers won't be displayed after upgrade to v9.5
     Fix [NUTM-9719]: [SUM] Web Protection service shown as down in SUM
     Fix [NUTM-9547]: [UI Framework] UserPortal does not correctly detect browser specified preferred language for Chinese Simplified
     Fix [NUTM-9527]: [WAF] Fix mod_url_hardening stack corruption
     Fix [NUTM-8038]: [WebAdmin] WebAdmin not available
     Fix [NUTM-9232]: [WebAdmin] Sometimes 'backend connection failed' while login
     Fix [NUTM-9529]: [WebAdmin] Role with 'Web Protection Manager' rights can't access Aplication Control
     Fix [NUTM-9689]: [WebAdmin] Report Auditor role is unable to open the dashboard
     Fix [NUTM-5293]: [Web] Google is missed in the Search Engines reports
     Fix [NUTM-6240]: [Web] FTP download through HTTP Proxy in standard mode not possible
     Fix [NUTM-9039]: [Web] Connections may fail when using upstream proxies due to "Proxy-Connection" header being sent
     Fix [NUTM-9399]: [Web] Classification for Windows Updates differs between AFC and conntrack
     Fix [NUTM-9413]: [Web] Unable to upload certificate to "Local Verification CAs"
     Fix [NUTM-9491]: [Web] HTTP Proxy coredumps with SIGABRT
     Fix [NUTM-9549]: [Web] Proceeding after content warning results in display issues on redirected pages
     Fix [NUTM-9599]: [Web] HTTP Proxy requests stuck without appropriate timeout
     Fix [NUTM-9630]: [Web] Fallback log flooded with samlogon cache timeout messages
     Fix [NUTM-9664]: [Web] Country blocking exception not working when HTTP Proxy is using SSO
     Fix [NUTM-9720]: [Web] Can't proceed content warning for MIME types if URL contains spaces
     Fix [NUTM-9745]: [Web] HTTP Proxy coredumps with SIGSEGV
     Fix [NUTM-7628]: [Wireless] Wireless clients frequently failing to connect with STA WPA failure reason code 2
     Fix [NUTM-8946]: [Wireless] APs displayed as inactive in WebAdmin while clients can connect
     Fix [NUTM-9591]: [Wireless] Both local WiFi using 2.4GHz band and same channel in default configuration
     Fix [NUTM-9592]: [Wireless] Unable to broadcast same SSID on both LocalWifi0 and LocalWifi1
     Fix [NUTM-9594]: [Wireless] Incorrect channel information showing on overview for LocalWifi
     Fix [NUTM-9608]: [Wireless] Incorrect generic error message in WebAdmin while configuring band for wireless network
     Fix [NUTM-9638]: [Wireless] Both local WiFi AP named 'Local'
     Fix [NUTM-9731]: [Wireless] Not able to configure channel 12 and 13 on newer desktop models
     Fix [NUTM-9735]: [Wireless] Set default channel width to 40MHz for 5GHz band
     Fix [NUTM-9737]: [Wireless] SGw appliances missing frequency definitions for Nigeria
    RPM packages contained:
  • In reply to DouglasFoster:

    I'd never removed selected cookies with Firefox before, so I had skipped the final step.  After I really removed them, everything works fine.

    Cheers - Bob