Sophos Firewall

Release Notes & News SFOS 17.0.3 MR3 Released

Sophos Firewall requires membership for participation - click to join

talex

20 Dec 2017

Hi XG Community!

We've finished SFOS v17.0.3 MR3. This release is available from within your device for all SFOS v17.0 installations as of now.

Besides that, the release is available to all SFOS version via MySophos portal.

Issues Resolved

NC-25584 [IPsec] IPsec tunnel frequently gets disconnected after migration to v17
NC-25597 [IPsec] Disabling DPD has no effect
NC-25641 [IPsec] Improve IPsec failover behavior
NC-26024 [IPsec] Change default "Policy Keying Tries" to unlimited
NC-26032 [IPsec] Too many email notifications on connection retry
NC-25986 [Logging] Fixed CVE-2017-18014
NC-23214 [Wireless] XG105w failed to update channel width 80 MHz for 5Ghz band

Downloads

You can find the firmware for your appliance from in MySophos portal.

Parents

roelniesen over 6 years ago

I was so stupid to upgrade to SFOS17 and so I upgraded to SFOS 17.0.3.

My mailbox is fulling up with email notifications of ipsec site to site tunnels that are down and up and down and ..

I found out that changing to aes256/sha256 with dh5 was more stable.

The reflex should be to create a support ticket, but when does guys tried to gave support, it's only irritated me the slowness and lake of knowledge of the product.

I already contact my account person with Sophos, will see if I get a response.

Also other issues like sandstorm test isn't working (www.sophos.com/.../sandstorm-test.aspx) and that when sandstorm is processing, the end user is getting an insecure https://ip-fw screen that still not can been replaced by https://fqdn + valid cert.

I think the quarantine has the same problem.

Isn't it time to act for a security company to make the security products stable and secure?
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel

Comment

roelniesen over 6 years ago

I was so stupid to upgrade to SFOS17 and so I upgraded to SFOS 17.0.3.

My mailbox is fulling up with email notifications of ipsec site to site tunnels that are down and up and down and ..

I found out that changing to aes256/sha256 with dh5 was more stable.

The reflex should be to create a support ticket, but when does guys tried to gave support, it's only irritated me the slowness and lake of knowledge of the product.

I already contact my account person with Sophos, will see if I get a response.

Also other issues like sandstorm test isn't working (www.sophos.com/.../sandstorm-test.aspx) and that when sandstorm is processing, the end user is getting an insecure https://ip-fw screen that still not can been replaced by https://fqdn + valid cert.

I think the quarantine has the same problem.

Isn't it time to act for a security company to make the security products stable and secure?
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel

Children

No Data