Hi XG Community!
We've finished SFOS v17.5.3 MR3. This release is available in stages. In first stage it will be available at MySophos. We then start with a small amount of slots and will increase those over time. Later it will be available to all other installations as well.
Please see the following link for further information regarding upgrade - KBA 123285 Sophos Firewall: How to upgrade the firmware.
Enables updates to XG Firewalls deployed in environments that are physically isolated from the internet. Protection patterns, licenses, and firmware updates can be applied from a USB storage device. Learn more.
Enables security pattern updates, client software updates, and firmware updates for access point and RED devices to be uploaded from a file via the XG Firewall management console. Learn more.
Support for our new APX 320, 530, and 740 wireless access points with 802.11ac Wave 2 with 2-3x the performance and added device density over our legacy AP Series models. Learn more.
Support for Migration to XG Series Hardware. Backups from XG Firewall running on SG Series devices can now be restored to XG Series devices. In addition, backups from Cyberoam CROS and SFOS backups can be restored to XG Series devices without any manual conversion.
Firewall rules will be automatically grouped based on source and destination zone when migrating to XG Firewall for consistency.
Administrator can verify recipient email addresses against configured active directory and can reject emails to non-existent users.
To manually install the upgrade, you can find the firmware for your appliance at MySophos portal. Please see the following KBA - Sophos Firewall: How to upgrade the firmware: KBA 123285.
Maybe you guys can give some further informations about taking a previous Cloud-Managed APX to the XG Firewall?
So far I did tried:
1. Check that the APX in Cloud is on 220.127.116.11
2. Check that XG is upgraded to 17.5 MR 3
3. Check that after Upgrade to 17.5 MR 3, the Latest AP-18.104.22.168.6 Pattern is Downloaded to XG
4. Removed APX from Cloud
5. Rebooted APX.
Now i was expecting to see the APX within XG Dashboard. That wasn't the case unless my XG is the DefaultGateway for APX.
Tested APX support with 3 APX530 today, I was not successful.
What I did:
- Upgraded firewall to SFOS 17.5.3 MR-3
- Rebooted firewall.
- Upgraded AP Firmware to 11.0.006
- Rebooted firewall (just to go sure)
- Connected APs
APs get an IP with DCHP but then it's over. They do not appear in the wireless module. Do I miss something? APs are new and were not connected to the cloud.
Seeing the same thing with my APX530, which has never been connected to the cloud. Also running newest AP firmware...
Hi, I have struggled with this all days since the release of 17.5.3. I upgraded a couple of XG firewalls with the new firmware. Then i checked policys, wireless settings (enabled), Checked Device settings so that my Zones were active for Wireless. Then I installed the patternupdates for Wireless 11.0.006 and rebooted the units again. I have then Tried APX 320, APX 530 and APX 740 all with the same results. They get IP from DHCP services but it seems that they do not talk magic IP 22.214.171.124 on port 2712? I see nothing in LogViewer (logcomp Wireless). None of the APX´s are connected to any Sophos Central account. I have submitted a supportcase and are waiting for some feedback. I will let you all know if I get a breakthrough in this case.
talex are we failing or was it quality department? :-D
Regarding wifi issues:
Please see this KBA that has been published for this issue: community.sophos.com/.../133538
After upgrade from 17.5 mr1 to 17.5 mr3 I notice that the virtual appliance is slower then before. Nothing on the settings changed, and hardware is also the same. I run it on hyper-v 2016. Is there away to troubleshoot why its much slower now? Anyone else has the same experience ??
Not sure if this is related to the upgrade, when we upgraded one of our firewalls the SMTP service stopped. There's no way to restart this service via the gui. Dropping to the CLI and running service -s nosync awarrenmta:restart seems to have done the trick.
Do not install MR3 if you have RED Tunnels. Did this last night and my remote firewalls (RED Clients) are constantly rebooting itself. Rolled back to MR1.
Bjoern Freiherr Thanks for the data, I was thinking about updating, but seeing that detail with the red15. I better wait for you will there be information about why this happens with the red15?
I've just updated one xg in a branch office to 17.5.3.
Now the ipsec vpn between this device and the xg in our headquarter running 17.5.1 doesn't come up.
Will it work when both xg are running same firmware?
I don't want to update the xg in our headquarter because there are also many aps and reds managed by the xg.
Not saying the RED issues aren't related to MR3, but we're running an 17.5MR3 internally with 5 RED 15Ws and haven't had any issues so far. However, based on the feedback of others, we're going to wait before we roll MR3 to our external clients.
I'm having a terrible time trying to get 17.5.3 to install on 3 XG85's. I click on "Check for New Firmware" and it finds the update, HW-17.5.3_MR-3.SF110-372. I click Download and it downloads the update. Then I click on Install, and the spinning thing runs for about 30 seconds, and then I get an error message stating the update could not be installed and I should check on the online documentation for possible reasons why. If I go through that process about 3 times it will eventually install. At least that has worked on 1 of the 3 XG85's. On another one it only installed if I clicked on install on the message you get about the update when you first login to the XG85. Doing it through the "Backups and Firmware" page didn't work.
Be aware of the possible issue with this update and the workaround to avoid it - community.sophos.com/.../133799 (Device booting into safe mode after upgrade to v17.5)