Hi XG Community!
We've released a new build of XG Firewall v18 MR1 (Build 396).
Note: Upgrading from SF 17.5 MR11/ MR12 to v18 MR-1-Build396 is now supported.
Please refer XG Firewall v18 highlights for more details on all-new Xstream Architecture delivering extreme new levels of visibility, protection and performance. Also, check out our XG Firewall v18 playlist on YouTube to find out what's new in XG Firewall v18!
As usual, this firmware update is no charge for all licensed XG Firewall customers. The firmware will be rolled-out automatically to all systems over the coming weeks but you can access the firmware anytime to do a manual update through Licensing Portal. You can refer this article for more information on How to upgrade the firmware.
For fresh installations, please find the following files:
Free Online Training
Customer Resources and How-To Videos
Take advantage of Partner and Sophos Professional Services
Here are some direct links to helpful resources:
New to XG Firewall?
If you’re new to XG Firewall, see how it provides the world’s best network visibility, protection and response on the new XG Firewall website.
Hi Big_Buck ,
Thanks for the feedback. We would like to investigate this feedback and for that i have given message in PM.
Thanks for all your hard work, I was so excited to see Wireguard after long waiting but maybe in the next update.
Thanks for the update!, It's been four hours since I've updated it, and It's been working flawless on my Home XG.
i can't install it on an XG125 (SFOS 18.0.0 GA-Build379.HF052220.1)
Firmware installation failed. Firmware is invalid for this appliance model.
Any known ?
Hi Philipp Bochtler ,
Thanks for your quick and supportive response over PM chat and finally we got to know the failure reason and same updating here
You have hardware device - XG125 and trying to upload Software firmware update so that is the reason of failure
Reference link has been given to download hardware firmware update
Bug in DNAT Rules:
When creating a DNAT - rule to map incoming IP-Ports to a destination behind an outgoing NAT-device (like Mail- or WEB-servers in a DMZ zone), I like to define even the incoming- and outgoing-interfaces of the XG in the form to dedicate the traffic to these interfaces only.
Defining incoming interface works, but when even defining outgoing (internal) interface, the connection stops working.
From my point of view this is a bug in the firmware.
Is anybody running this and can report if it is save for production?
My XG86 was alerting me to performing this update for a few days and now it's not available. I take it something is not right with this release and we should be holding off?
Also curious where the upgrade notification went. Still on 17.5 MR12 and am not willing to manually upgrade all our customer firewalls with something that has a concern for instability. Please let us know.
Hi Sophos Community,
yesterday I installed this firmware on our XG210. Today we had problems with external connections. Our phone system (3CX) was not running correctly, FQDN was not reachable from outside and external SFTP connections were not working. DNS Resolution problem. So I did a rollback to the Version 17.5.12 MR12 and everything is working fine again.
What is the fix for this problem?
Hello, release notes says "Quarantined emails can only be released from the User Portal only Refer to KBA135515 for details" this means now admin will not able to release quarantine email??
Lars Hartmann - updating non-HA xg's from sfos 17.5 mr12 to this version has been fine in our environment so far but attempting to update a couple HA pairs also on sfos 17.5 mr12 resulted in HA breaking on both. The standalone xg is then found to be stuck on 17 and not taking the update even after disabling HA and reboots. The problem is still being looked into.
So I upgraded to 18.0.1 build 396 but all my VPN users could not connect with OTP so I revert back to 17.5.12 but had to delete OTP to get them in on user portal and had them download the configuration to get it working again.
following up on my previous post - HA breaking in our environment is concluded to have been caused by disks failing rather than a problem with the sfos update itself so the hardware issue is being addressed through rma.