This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Setting up SUM

Hi,

I am new to Sophos and Firewalls in general. I am trying to set up SUM so that i can see all of our UTM's. I have gone to Central Management under the UTM and enabled SUM. It sees the SUM server, however I am getting the following message:  SUM SSL-connect: 'IO::Socket::INET6 configuration failed'. I am a little inexperienced but could someone point me in the right way?



This thread was automatically locked due to age.
  • Hi, Brandon, and welcome to the UTM Community!

    Try a google on site:community.sophos.com/products/unified-threat-management "IO::Socket::INET6 configuration failed".

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Not to be negative but I gave SUM a spin and in my opinion it was completely useless - at least for me. I am running my UTM 9s on AWS (external load balanced to UTMs; WAF to ELB to App Servers) and was hoping that SUM would provide centralised management. In other words, make one change on the SUM or a master firewall and have the changes replicate to my other 4 UTMs. That was not the case. 

    I have yet to find or be able to procure any competent Sophos support so I could be wrong - take my comments with a huge grain of salt. :(

  • This error is usually caused by not have ports 4444, 4433 & 4422 open on a firewall between the SUM and the UTMS - the UTMs need to be able to see the SUM on those ports - if those ports are blocked the two cant talk to each other.

    Cheers

    Chris Rose

    Doncaster UK

    Currently running 50  - SG310s, SG330s & SG450 UTM's at remote sites via the Sophos SUM

    Currently sandboxing upgrading the hardware on a SG330 to the new SX330 software 

  • Hi, Just to update you I am using the SUM to manage 50+ remote UTM's and deploy web exceptions / firewall rules/ network definitions etc, to the whole estate, the partial estate or just a single UTM. The advantage I find of this method is that objects defined and deployed VIA the SUM - are only viewable to users logged into the UTM locally on site - they are unable to delete or edit these global objects - only view them. This stops local UTM admins from "tweaking" settings that have been deployed by corporate Head Office.  :-)

    Currently running 50  - SG310s, SG330s & SG450 UTM's at remote sites via the Sophos SUM

    Currently sandboxing upgrading the hardware on a SG330 to the new SX330 software 

  • Interesting...is this a new capability or only available for hardware versions? When I tried, it was on AWS and the AWS instance version did not have that capability. If we can centrally manage now then that will be a plus!

  • c53f35a0 said:

    Interesting...is this a new capability or only available for hardware versions? When I tried, it was on AWS and the AWS instance version did not have that capability. If we can centrally manage now then that will be a plus!

     

     

    Ahh... you have me there, I have no idea how to answer your question as I have no idea what an AWS is ? I manage only the dedicated hardware UTM boxes - 310s, 330s and 450's - I have no experience of running UTM's on a PC hardware platform - but I am assuming that you "should" be able to manage PC based UTM's the same way ?

    Kindest regards

    Chris

    Currently running 50  - SG310s, SG330s & SG450 UTM's at remote sites via the Sophos SUM

    Currently sandboxing upgrading the hardware on a SG330 to the new SX330 software 

  • No worries. FWIW, AWS is the cloud service Amazon Web Services and Sophos has a virtual server (i.e. instance) that can be used on AWS. AWS doesn't have a proper firewall / threat manager service yet so Sophos UTM on AWS is an attractive option. When I get a chance I'll spin up a few instances with a SUM and see if the centralized management capability has improved. 

  • c53f35a0 said:

    No worries. FWIW, AWS is the cloud service Amazon Web Services and Sophos has a virtual server (i.e. instance) that can be used on AWS. AWS doesn't have a proper firewall / threat manager service yet so Sophos UTM on AWS is an attractive option. When I get a chance I'll spin up a few instances with a SUM and see if the centralized management capability has improved. 

     

     

    Ahhh - I see now - OK well I am running the Suse SUM software on a virtual server in our server farm - so I can't comment on how it compares to AWS as I've not used that. However this morning for the first time ever my SUM is not working ?? 

    My users are getting :  "The following errors occurred: connection to backend not established" - when they try to login. I am currently investigating what gone wrong 

     

    Its funny as the SUM box has been running for over nine months without a hitch and I have 16 users on it - from first and second line support teams.

    Currently running 50  - SG310s, SG330s & SG450 UTM's at remote sites via the Sophos SUM

    Currently sandboxing upgrading the hardware on a SG330 to the new SX330 software