Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall v18 MR-4: Feedback and experiences

New Thread to cover changes / feedback / experiences. 

"Old" MR3 Thread: https://community.sophos.com/xg-firewall/f/discussions/123403/xg-firewall-v18-mr-3-feedback-and-experiences

Release Notes: https://community.sophos.com/xg-firewall/b/blog/posts/xg-firewall-v18-mr4-is-now-available



This thread was automatically locked due to age.
Parents
  • I have just tried to update my Active-passive setup and it denied it what ever I did.

    I then de-activated the HA Pair, and defaulted the original setup.

    I have now been waiting for the HA setup to continue which is taking soo long.

    I will then refresh the page, and go to system and it just sits there refreshing the page.

    it was all working fine from 17.5 up to 18 mr3, but now nada, any ideas, I will have a look at the logs when I can

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • What do you mean by "it denied it"? How did you build up the HA? 

    __________________________________________________________________________________________________________________

  • the deny it that I could not update the HA pair while it was active, and would not update the firmware.

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • Did you upload & boot the new firmware and did you doublecheck the correct firmware used? Also did you verify in the logs, if the was a alert about this deny? Because i upgraded by now, multiple HAs and never had this issue.

    Do you have a screenshot of this? 

    __________________________________________________________________________________________________________________

  • Haven't checked the logs yet
    but this is what I am left with

    now going to system services, it just sit there, waiting for it to refresh the page .... it's been there for over 20mins even though there is not passive unit attached, and it was doing this as well for well over an hour when it was attached.

    I did a reboot (on both units) before I started, and then tried to just upload the new firmware and that is where I was not allowed to upload the firmware.

    this is when I de-activated the HA Pair, and updated the firmware ...tried to re-create the pair, and that is the last full action.

    I am now trying to find a way to de-activate HA from CLI

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • Try this: console> system ha disable

    This should be improved in MR4, but you are not on MR3. Seems like something broken in the process of stopping the HA. 

    __________________________________________________________________________________________________________________

  • thanks fort that, now here's a conundrum, I ran the command and it states that 'HA is already disabled' even though I have the screen shot above!

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • There is a Bug ID resolved in MR4, which explains this. The disable HA option sometimes did not clear all the configuration of both units. Hence it stock in this undefined status. If you upgrade to MR4 both, it should be resolved. 

    __________________________________________________________________________________________________________________

Reply
  • There is a Bug ID resolved in MR4, which explains this. The disable HA option sometimes did not clear all the configuration of both units. Hence it stock in this undefined status. If you upgrade to MR4 both, it should be resolved. 

    __________________________________________________________________________________________________________________

Children