Related
Recommended
talex

Hi XG Community!

We've finished SFOS v17.0.3 MR3. This release is available from within your device for all SFOS v17.0 installations as of now.

Besides that, the release is available to all SFOS version via MySophos portal.

Issues Resolved

  • NC-25584 [IPsec] IPsec tunnel frequently gets disconnected after migration to v17
  • NC-25597 [IPsec] Disabling DPD has no effect
  • NC-25641 [IPsec] Improve IPsec failover behavior
  • NC-26024 [IPsec] Change default "Policy Keying Tries" to unlimited
  • NC-26032 [IPsec] Too many email notifications on connection retry
  • NC-25986 [Logging] Fixed CVE-2017-18014
  • NC-23214 [Wireless] XG105w failed to update channel width 80 MHz for 5Ghz band

Downloads

You can find the firmware for your appliance from in MySophos portal.

Parents

  • Hello, SFOS-User: Some additional experiences?

    Actually our customer has a "to-SFOS-migrated" CR100-cluster, 3 cr-35 actually with SFOS 17.3mr3. The two additional Cyberoam CR25-boxes are working smooth like a swiss-knife. :) One HO- 5 BO. HubSpoke.

    We have very frustrating issues last year during the firmware-versions between v16.5 to v16mr8 with the CR100-Cluster-Boxes an v17.0 to v17.3mr3 with ALL SFOS boxes. But they won't stop... :(

    At v16.5mr5/mr8: we had to stop the CR-100-cluster - instability and internet-connection-drops or ughly slow... :(

    Shut down ATP and restart ATP kills the v16.5.mr5 - CPU hangs at 80%. Appliance-restart nessesary.

    IPsec V16/v17 Sophos cut the Phase2 algos: sha2 256 are different in v16 and v17. RSIG-tunnels: you must delete and reconfig them after v16>v17. They won't work anymore. :(

    Now:

    The vpn-engine works instable (static2dyndns, static2static): some tunnels can not re-established some can, webgui connection is dropping (message: could not connect to appliance). In some cases we had to restart the appliance, then vpn-restart is not enough. These errors appear sometimes at ALL v17.3MR3-boxes. Active: Webprotection, SophosCentral, some VPN-Rules, no Rowadwarrior.  - VPNs are established, bust crashing about 2-4 times/month.

    I'm so happy, tha I decided to route the mx-smtp-mails over an utm9.

    Actually "Next Generation Frustration FireWall" ...

Comment

  • Hello, SFOS-User: Some additional experiences?

    Actually our customer has a "to-SFOS-migrated" CR100-cluster, 3 cr-35 actually with SFOS 17.3mr3. The two additional Cyberoam CR25-boxes are working smooth like a swiss-knife. :) One HO- 5 BO. HubSpoke.

    We have very frustrating issues last year during the firmware-versions between v16.5 to v16mr8 with the CR100-Cluster-Boxes an v17.0 to v17.3mr3 with ALL SFOS boxes. But they won't stop... :(

    At v16.5mr5/mr8: we had to stop the CR-100-cluster - instability and internet-connection-drops or ughly slow... :(

    Shut down ATP and restart ATP kills the v16.5.mr5 - CPU hangs at 80%. Appliance-restart nessesary.

    IPsec V16/v17 Sophos cut the Phase2 algos: sha2 256 are different in v16 and v17. RSIG-tunnels: you must delete and reconfig them after v16>v17. They won't work anymore. :(

    Now:

    The vpn-engine works instable (static2dyndns, static2static): some tunnels can not re-established some can, webgui connection is dropping (message: could not connect to appliance). In some cases we had to restart the appliance, then vpn-restart is not enough. These errors appear sometimes at ALL v17.3MR3-boxes. Active: Webprotection, SophosCentral, some VPN-Rules, no Rowadwarrior.  - VPNs are established, bust crashing about 2-4 times/month.

    I'm so happy, tha I decided to route the mx-smtp-mails over an utm9.

    Actually "Next Generation Frustration FireWall" ...

Children
No Data
Unfiltered HTML