I had to change vpn policy from AES256 to AES128 to get ipsec vpn Site to site  to connect between XG firewall both upgraded from MR2 to MR3

me 2, just upgrade my 3 firewalls with site-to-site from 17mr2 to 17mr3

big NASTY  bug

every 10 seconds I got an email message about IPSec connection being "UP"

This is a bug or a feature?

"NC-26032 [IPsec] Too many email notifications on connection retry"

Maybe a newbe question but where can i find more info about NC-25986 or NC-26032

There is NO info of  NC-????? on "Glosserary of Technical terms" community.sophos.com/.../118500 or Google

And it is also difficult to find any info on CVE-2017-XXXX     NC-25986 [Logging] Fixed CVE-2017-XXXX (TBD)

At this moment I will revert back to 17MR2 and advise everybody else to do not upgrade for the experience I just had with MR3

Just upgraded from MR-2 with no issues. I've had no issues with Apple updates since V17. I haven't added any additional web exceptions, just running the ones that come with the default install called 'Apple Update'.

When will there be a fix for the blocking of apple updates, microsoft updates and everything else broken in v17 with web protection enabled?

Yes. Unfortunately there were some changes after the communication went out via Twitter.

17.0 MR3 contains the above fixes.

New hardware support will be in MR4 and the original planned fixes for MR3 will be in MR5.