Sophos UTM 9.510-4 released - let's share experiences!

Released yesterday:

https://community.sophos.com/products/unified-threat-management/b/utm-blog/posts/utm-up2date-9-510-released

 

Found out so far, that mailmanager is broken:

Others? :-)

  • In reply to talex:

    With 9.509, I had no problem with the User Portal.  With 9.510-5 on my lab UTM, when I login, my username and email address appear at the upper-right, but then it locks up and displays nothing more.  A reboot and a restore did not help.  Anyone else?

    Cheers - Bob

  • In reply to BAlfson:

    I can't confirm this; UserPortal is working fine as before.

    But I have another issue; I don't know if it's from this version, but my config:

    I have the Sophos behind a NAT router in my testing environment and would like to establish an IPSEC/L2TP VPN with preshared key. If I do this in the UTM, I can't connect. If I disable IPSEC in the UTM and make 3 DNAT rules to a RAS server in my network, I can connect and IPSEC/L2TP works fine.

    Can someone explain this to me?


    Best Regards

  • In reply to Raven:

    I performed the update to 9.510-4 remotely (on my UTM at home), everything seemed to be fine, no issues noted.

    Today I updated to 9.510-5 remotely, and now the system is off-line and has been for well over an hour....

    gonna have to look at this when I get back... :(

  • In reply to Raven:

    Different IPsec remote access servers have different levels of security.  The UTM's L2TP/IPsec implementation doesn't have the ability to "sign" encrypted packets with the public IP on your router, so your L2TP/IPsec client rejects those packets.

    Cheers - Bob

  • It's been over 3 weeks now and the 9.510-4 update is not available through Up2Date yet.  I'm just wondering if the update is being delayed or there is something wrong on my end, as I usually receive an email stating the firmware has been downloaded and is ready to be installed.

    Still running 9.509-3

  • In reply to alan weir:

    The latest is 9.510-5, available on the ftp site earlier this week.  I'm still not recommending it.  When I put it on my lab UTM, the User Portal was hosed, but no one else has reported that, so I may be headed for an install from scratch.

    Cheers - Bob

  • In reply to BAlfson:

    Ok then I'll just wait for the Up2Date firmware to be released.

  • In reply to BAlfson:

    Bob, have you tried deleting your browser cookies? There was a rash of complaints in this topic that Mail Manager was broken, but it appeared to have been resolved by resetting cookies, so I wonder if it would solve your problem as well.

    I have not seen anything from Sophos indicating that they understand the Mail Manager problem and are addressing it. At least Mail Manager is used by a small pool of relatively sophisticated users. Because User Portal is offered to a large pool of relatively less sophisticated users, even a requirement to purge cookies is problematic. So I hope we will see another hotfix to bring us to 9.510-6.

    9.510 has a fix to Country Blocking Exceptions which I am eager to use, but for the moment I am holding firm on 9.506 because of the reported problems with subsequent versions.

  • Just seen the first of my many UTMs notify me that this is now available....

  • In reply to Martin Hepworth:

    Hello all,

    Yesterday I updated my Sophos UTM HA environment to version 9.510-5. And yes, HA is working again as it should! In the past I had error messages regarding Pop3 proxy not running, ACC device Agent not running, HA selfcheck after doing a failover and a faultback. Now, after doing a failover or a faultback, there are no more error messages.

  • In reply to Martin Hepworth:

    9.510-5 just updated

     
  • In reply to StefanLoeser:

    Clear cookies/cache

  • In reply to DouglasFoster:

    Agreed, Douglas, my first solution was to open a different browser (Chrome), and that worked.  Then, I tried to solve it by following this tip - Firefox: Delete cookies to remove the information websites have stored on your computer - no joy.

    Edit 2018-08-15: Resolved - see my post below.

    Cheers - Bob

  • 9.510-5 email appeared for me!
    will wait 'till I get home with updating :)
    edit: nothing kaput yet

    changelog:
    Remarks:
     System will be rebooted
     Configuration will be upgraded
     Connected APs will perform firmware upgrade
     Connected REDs will perform firmware upgrade
    
    News:
     Maintenance Release
    
    Bugfixes:
     Fix [NUTM-8273]: [Basesystem] Inconsistent reporting data in hot standby environment
     Fix [NUTM-9089]: [Basesystem] ulogd restarting randomly
     Fix [NUTM-9423]: [Basesystem] Missing DMI info or missing WiFi card should turn status LED red for desktop refresh models
     Fix [NUTM-9516]: [Basesystem] CVE-2017-3145: BIND vulnerability
     Fix [NUTM-9764]: [Basesystem] multiple NTP vulnerabilities
     Fix [NUTM-9862]: [Basesystem] CVE-2018-8897: Don't use IST entry for #BP stack
     Fix [NUTM-9944]: [Basesystem] 'ethtool -p' is not working for shared port
     Fix [NUTM-9945]: [Basesystem] SG/XG 125/135 upper 4 ports LEDs at front and rear side not behaving as expected
     Fix [NUTM-10124]: [Email] TLS Errors - renegotiation not allowed
     Fix [NUTM-9286]: [Email] CVE-2011-3389: SSL/TLS BEAST Vulnerability And Weak Algorithms
     Fix [NUTM-9460]: [Email] Quarantine unscannable and encrypted content not working as expected
     Fix [NUTM-9539]: [Email] SMTP callout with TLS does not work
     Fix [NUTM-9627]: [Email] Parent proxy for WAF (ctipd) not applied without active e-mail subscription
     Fix [NUTM-9771]: [Email] Redesign TFT detection to decrease false positives/negatives
     Fix [NUTM-9836]: [Email] HSTS usage breaks Quarantine Report release link
     Fix [NUTM-9789]: [Logging] Not able to archive logs using SMB share
     Fix [NUTM-8969]: [Network] Inconsistent DHCP leases in WebAdmin
     Fix [NUTM-9049]: [Network] Cannot change IPv4 interface as IPv6 gateway is required
     Fix [NUTM-9194]: [Network] Static route switching to different VLAN
     Fix [NUTM-9646]: [Network] eth0 is falsely marked "dead" when running "hs" on slave
     Fix [NUTM-9739]: [Network] Network monitor restarting on slave nodes
     Fix [NUTM-10118]: [Reporting] Authenticated Remote Code Execution in WebAdmin
     Fix [NUTM-9607]: [Reporting] Upper case umlauts in PDF Executive Reports are not displayed correctly
     Fix [NUTM-9624]: [Reporting] WAF - Top attackers won't be displayed after upgrade to v9.5
     Fix [NUTM-9719]: [SUM] Web Protection service shown as down in SUM
     Fix [NUTM-9547]: [UI Framework] UserPortal does not correctly detect browser specified preferred language for Chinese Simplified
     Fix [NUTM-9527]: [WAF] Fix mod_url_hardening stack corruption
     Fix [NUTM-8038]: [WebAdmin] WebAdmin not available
     Fix [NUTM-9232]: [WebAdmin] Sometimes 'backend connection failed' while login
     Fix [NUTM-9529]: [WebAdmin] Role with 'Web Protection Manager' rights can't access Aplication Control
     Fix [NUTM-9689]: [WebAdmin] Report Auditor role is unable to open the dashboard
     Fix [NUTM-5293]: [Web] Google is missed in the Search Engines reports
     Fix [NUTM-6240]: [Web] FTP download through HTTP Proxy in standard mode not possible
     Fix [NUTM-9039]: [Web] Connections may fail when using upstream proxies due to "Proxy-Connection" header being sent
     Fix [NUTM-9399]: [Web] Classification for Windows Updates differs between AFC and conntrack
     Fix [NUTM-9413]: [Web] Unable to upload certificate to "Local Verification CAs"
     Fix [NUTM-9491]: [Web] HTTP Proxy coredumps with SIGABRT
     Fix [NUTM-9549]: [Web] Proceeding after content warning results in display issues on redirected pages
     Fix [NUTM-9599]: [Web] HTTP Proxy requests stuck without appropriate timeout
     Fix [NUTM-9630]: [Web] Fallback log flooded with samlogon cache timeout messages
     Fix [NUTM-9664]: [Web] Country blocking exception not working when HTTP Proxy is using SSO
     Fix [NUTM-9720]: [Web] Can't proceed content warning for MIME types if URL contains spaces
     Fix [NUTM-9745]: [Web] HTTP Proxy coredumps with SIGSEGV
     Fix [NUTM-7628]: [Wireless] Wireless clients frequently failing to connect with STA WPA failure reason code 2
     Fix [NUTM-8946]: [Wireless] APs displayed as inactive in WebAdmin while clients can connect
     Fix [NUTM-9591]: [Wireless] Both local WiFi using 2.4GHz band and same channel in default configuration
     Fix [NUTM-9592]: [Wireless] Unable to broadcast same SSID on both LocalWifi0 and LocalWifi1
     Fix [NUTM-9594]: [Wireless] Incorrect channel information showing on overview for LocalWifi
     Fix [NUTM-9608]: [Wireless] Incorrect generic error message in WebAdmin while configuring band for wireless network
     Fix [NUTM-9638]: [Wireless] Both local WiFi AP named 'Local'
     Fix [NUTM-9731]: [Wireless] Not able to configure channel 12 and 13 on newer desktop models
     Fix [NUTM-9735]: [Wireless] Set default channel width to 40MHz for 5GHz band
     Fix [NUTM-9737]: [Wireless] SGw appliances missing frequency definitions for Nigeria
    
    RPM packages contained:
     libsaviglue-9.50-31.g5e3c21d.rb5.i686.rpm         
     cm-nextgen-agent-9.50-16.gc08104a.rb5.i686.rpm    
     firmwares-bamboo-9400-0.293035296.g3733ac8.rb2.i586.rpm
     hostapd-2.2-1.0.287145451.ga02be97.rb6.i686.rpm   
     modurlhardening-9.50-222.g4fa60fe.rb6.i686.rpm    
     perf-tools-3.12.74-0.292688430.ga5ef2ae.rb5.i686.rpm
     red-firmware2-5125-0.282730588.g354eda3d8.rb7.noarch.rpm
     red15-firmware-5125-0.282730547.g89c84b337.rb10.noarch.rpm
     samba-4.6.8-4.gae6a03c.rb2.i686.rpm               
     ulogd-2.1.0-133.g0d89a85.rb5.i686.rpm             
     ep-reporting-9.50-54.g9e81107.rb4.i686.rpm        
     ep-reporting-c-9.50-151.g7de2457.rb3.i686.rpm     
     ep-reporting-resources-9.50-54.g9e81107.rb4.i686.rpm
     ep-awed-9.50-58.g7de6526.rb5.i686.rpm             
     ep-branding-ASG-afg-9.50-78.gabee2c3.noarch.rpm   
     ep-branding-ASG-ang-9.50-78.gabee2c3.noarch.rpm   
     ep-branding-ASG-asg-9.50-78.gabee2c3.noarch.rpm   
     ep-branding-ASG-atg-9.50-78.gabee2c3.noarch.rpm   
     ep-branding-ASG-aug-9.50-78.gabee2c3.noarch.rpm   
     ep-confd-9.50-1822.g447351b3.i686.rpm             
     ep-ha-daemon-9.50-5.g7d07dcc.rb5.i686.rpm         
     ep-init-9.50-38.g352a07a.rb8.noarch.rpm           
     ep-libs-9.50-33.g690bd32.rb9.i686.rpm             
     ep-logging-9.50-18.g10653ef.rb3.i686.rpm          
     ep-mdw-9.50-1060.gc9c553bb.rb9.i686.rpm           
     ep-postgresql92-9.50-109.g359d1c5.rb8.i686.rpm    
     ep-postgresql92-64-9.50-109.g359d1c5.rb7.x86_64.rpm
     ep-screenmgr-9.50-3.g07035cc.rb46.i686.rpm        
     ep-utm-watchdog-9.50-88.ge2d9ca8.rb2.i686.rpm     
     ep-webadmin-9.50-1416.gb92b94217.i686.rpm         
     ep-webadmin-contentmanager-9.50-84.g749571d.rb20.i686.rpm
     ep-chroot-httpd-9.50-37.g1cad00c.rb4.noarch.rpm   
     ep-chroot-smtp-9.50-149.g1ad0a54.rb2.i686.rpm     
     chroot-bind-9.10.7-0.292458892.g9711d3a.rb2.i686.rpm
     chroot-ntp-4.2.8p11-0.gc174a78.rb3.i686.rpm       
     chroot-smtp-9.50-24.gb41bc0f8.rb3.i686.rpm        
     ep-httpproxy-9.50-547.g1f8aab75.rb3.i686.rpm      
     kernel-smp-3.12.74-0.292688430.ga5ef2ae.rb5.i686.rpm
     kernel-smp64-3.12.74-0.292688430.ga5ef2ae.rb5.x86_64.rpm
     ep-release-9.510-5.noarch.rpm                     
  • In reply to DouglasFoster:

    I'd never removed selected cookies with Firefox before, so I had skipped the final step.  After I really removed them, everything works fine.

    Cheers - Bob