New Thread to cover changes / feedback / experiences.
"Old" MR3 Thread: https://community.sophos.com/xg-firewall/f/discussions/123403/xg-firewall-v18-mr-3-feedback-and-experiences
Release Notes: https://community.sophos.com/xg-firewall/b/blog/posts/xg-firewall-v18-mr4-is-now-available
For XG Appliances, running in Active-Passive, we can accelerate more performance with the new fastpath technology. You should see more performance throughput on XGs running in Active-Passive.
The HA Setup…
I have just tried to update my Active-passive setup and it denied it what ever I did.
I then de-activated the HA Pair, and defaulted the original setup.
I have now been waiting for the HA setup to continue which is taking soo long.
I will then refresh the page, and go to system and it just sits there refreshing the page.
it was all working fine from 17.5 up to 18 mr3, but now nada, any ideas, I will have a look at the logs when I can
XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!
What do you mean by "it denied it"? How did you build up the HA?
__________________________________________________________________________________________________________________
the deny it that I could not update the HA pair while it was active, and would not update the firmware.
Did you upload & boot the new firmware and did you doublecheck the correct firmware used? Also did you verify in the logs, if the was a alert about this deny? Because i upgraded by now, multiple HAs and never had this issue.
Do you have a screenshot of this?
Haven't checked the logs yetbut this is what I am left with
now going to system services, it just sit there, waiting for it to refresh the page .... it's been there for over 20mins even though there is not passive unit attached, and it was doing this as well for well over an hour when it was attached.
I did a reboot (on both units) before I started, and then tried to just upload the new firmware and that is where I was not allowed to upload the firmware.
this is when I de-activated the HA Pair, and updated the firmware ...tried to re-create the pair, and that is the last full action.
I am now trying to find a way to de-activate HA from CLI
Try this: console> system ha disable
This should be improved in MR4, but you are not on MR3. Seems like something broken in the process of stopping the HA.
thanks fort that, now here's a conundrum, I ran the command and it states that 'HA is already disabled' even though I have the screen shot above!
There is a Bug ID resolved in MR4, which explains this. The disable HA option sometimes did not clear all the configuration of both units. Hence it stock in this undefined status. If you upgrade to MR4 both, it should be resolved.
they are both upgraded to MR4, I am going through a rebuild.
luckily my setup is quite simple
Can you create a own Thread about this issue in MR4? Otherwise this will overload this thread. Please link the new thread here.
I have created this thread for continuation of my issue
community.sophos.com/.../unable-to-update-to-v18-mr4
Thanks LuCar Toni