We'd love to hear about it! Click here to go to the product suggestion community
Hi XG Community!
We've finished SFOS v16.05.0 RC1 and want to hand it to you as a soft-release.
Those of you who already used Sophos UTM might remember that we do soft-releases from time to time. For all others, let me quickly explain what it is:
We finish the release and think it's worth getting some feedback before shipping the release to all.
So we provide the links to the update packages to you via this forum and you can download the update package and upload it to your SFOS device.
We will monitor the feedback in this forum for some time and then ship the release to everyone.
For detailed list of features and changes , Please refer the attached Release Note : Sophos XG Firewall v16_5 RN_v3.3.pdf
NC-12759 [Authentication] Segmentation Fault of access server NC-13930 [Authentication] Access_server segmentation fault NC-14100 [Authentication] Appliance IP doesn't appear on general tab of STAS suite NC-14160 [Authentication] Netbios packages sent out via WAN port NC-13972 [Base System] Webadmin certificate is not updated when changing common name in ca certificate NC-14123 [Base System] No reconnect of ipsec tunnel when using IPv6 NC-14140 [Base System] If VPN profile name is matching an existing log file then the profile will log to this log file NC-14227 [Certificates] Improve error message for Certificate Revocation List NC-3820 [Certificates] The validation period To/From is not taken into account for CRL uploads NC-13394 [Clientless Access(HTTP/HTTPS)] Japanese character issue in HTTP bookmark of clientless access NC-13014 [FirewallDatapath] Not able to ping local machine located in DMZ zone from LAN zone with IPsec S2S tunnel setup NC-13665 [Firewall] Skipping load balancing for missing heartbeat drop traffic NC-13702 [Firewall] Block Page with captive portal link shown for users when webfilter + user based rules are used NC-13987 [Firewall] Wizard failed after configure DOS rule using src-zone NC-14137 [Firewall] 'Internet Scheme' page loading failed NC-11810 [Framework(UI)] Application List headings are removed after applying filter NC-13043 [Framework(UI)] Control Center - system graph initially renders without title NC-13858 [Framework(UI)] Improve XG Firewall dashboard diagrams NC-14649 [Framework(UI)] Possible SQL injection in EventViewerHelper NC-14671 [Framework(UI)] XSS in LiveConnectionDetail.jsp in SFOS NC-15101 [Framework(UI)] Apache service stop in case of certificate names contain space characters NC-8116 [Framework(UI)] Disable TLS1.0 and TLS1.1 support for Webadmin and Userportal NC-14995 [Galileo Heartbeat] Heartbeat - Service restarting automatically NC-14244 [Hotspot] Hotspot type POTD send extra mail while updating password creation time NC-13610 [IDS + AppControl] Psiphon Proxy application is not blocked NC-13496 [IPS] Wrong ip address shown in web filter logviewer when device configured in TAP-Mode NC-14231 [IPS] Internet traffic dropped by IPS if network subscription is missing NC-12228 [Mail Proxy] MIME whitelist box is not large enough to display the entire text NC-14093 [Mail Proxy] Proxy stops processing mails if IP reputation is enabled with action "Reject" NC-14098 [Mail Proxy] Delivery failure notification not sent if sender or recipient email address contains space character NC-14178 [Mail Proxy] SMTP proxy dies to due to specific characters in return path of delivery failure notification NC-14213 [Mail Proxy] Read only profile should be set in Email protection in HA mode NC-13448 [Network Services] DHCP service dies while binding custom option to DHCP Server NC-12214 [Networking] New warning message for unbinding interfaces trivialize effects NC-12966 [Networking] WWAN connectivity issue with Huawei E3372 NC-13449 [Networking] DHCP Option is deleted without removing it's binding. NC-13599 [RED] Transparent Split and 3G Failover should not be possible to configure NC-14164 [RED] [RED] implement "TLS 1.2 only" mode NC-11769 [Reporting] Event Type 'Not Available' seen in Reports of Admin Events NC-12472 [Reporting] PDF Report Export/On Demand: When records continue on 2nd page server time change NC-13257 [Reporting] Pagination is not working for "Interface" widget in executive report. NC-14337 [Reporting] Reports is not loading when language is spanish NC-6345 [Reporting] Custom Reports: Sometimes application/protocoll filter is not working properly NC-12969 [SSLVPN] SSLVPN Remote-Access to Apple iPhone: traffic cannot pass through tunnel NC-13945 [UI] Log Viewer link from widget window is not working NC-13995 [VPN] VPN failover group stops retrying after couple of minutes NC-6589 [VPN] DHCP_V6A_IPSec connection not re-connected when changing IPv4 address of the same WAN interface NC-14118 [WAF] SFM MR-2 can not push web server configuration to SFv16 device NC-11111 [Web] Captive Portal settings: unauthenticated users redirection does not work NC-10629 [Wireless] Wifiauth service dies NC-13207 [Wireless] hostapd dies state after updating radius server in wireless global settings NC-13326 [Wireless] High CPU usage of DHCPd NC-13340 [Wireless] Update organizationally unique identifier (OUI) library NC-13940 [Wireless] Red15w wireless is not detected NC-14000 [Wireless] DHCP option 234 code missing in "editreddevice" opcode NC-9469 [Wireless] WLAN interfaces are not shown in network configuration wizard if wireless network name contains 'WLAN'
There is an issue with the Sandstorm licensing if you try to initiate the 30 day evaluation via ControlCenter. After you clicked the 30 days trial button, you will be redirected to the MySophos portal where you finish the subscription process. At the end you will see a HTTP 404 error page, because the redirect URL is not correct. As a workaround, please redo the steps until you get to the license overview of your device. The license should be synced to your device at that time. This issue does not appear if you initiate the process via MySophos instead via ControlCenter
You can find the firmware for your appliance from in MySophos portal.
In reply to Adriano Almeida:
Hi Adriano, please don't take lferrara's post personally. Some of us old timers on the board have a bad habbit of derailing every thread into sophos bashing. Most of the times the users that are having problems are the most vocal and they definitely have the right to express their dissatisfaction. But keep in mind that this is sophos community board and your interaction is mostly with other members like yourself. Even lferrara is not a sophos employee. His post was intended more as a reminder to keep to the topic and not as you shouldn't say what problems you are having.
While we sympathize with you and other users that have problems with XG, keep in mind that sophos is the one letting you openly criticize them in an open forum. I am not saying that you shouldn't express the problems you are having or if I was right when I wrote the whole speech earlier on (I have since marked that OFF TOPIC). All I am saying is that when we start criticizing sophos and particularly XG in every release thread, the intended purpose of the thread which is to deliver high quality software to users that want to test it before others to find bugs completely gets side tracked and we start finding the commonalities like
You don't like logging ... me too, STAS is a problem in your deployment... mine too, Heartbeat not working the way you thought... me too And nobody is talking about sandstorm which the whole beta was about
Trust me, sophos is more than aware of the problems that we are facing and working as fast as possible to fix them. Just look at the v16 releases... we have had a few since the original GA. Is every problem fixed? Ofcourse not but they are trying and we should give them the benefit of doubt once in a while.
Sorry again for your troubles with XG, keep aggravating your local support and by all means express your frustrations by opening a new thread on the forum... we will all join you in your efforts. A few sophos employees check that regularly and even if they don't answer, trust me they are relaying the message.RegardsBill
In reply to Billybob:
I see a GA version of 16.05 available now, I'll give it a go today and see what happens
I have to reboot all my 16.5 test devices several times for the following:
Do like the new "Firewall is starting"
In reply to MatthewKing:
none of the downloadlinks are working
In reply to Michael Kopp:
you are right, we removed the old data from the server, because we already have a maintenance release for SF16.05 (see: https://community.sophos.com/products/xg-firewall/b/xg-blog/posts/sfos-16-05-1-mr1-released). Therefore there is no need for a release candidate anymore. I will remove the links from the text above. Thank for for the hint.
The new files can be found in MySophos.
In reply to talex:
its supoort drivers?