Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to update to V18 MR4

this is a continuation from this thread ;

https://community.sophos.com/xg-firewall/f/discussions/124771/xg-firewall-v18-mr-4-feedback-and-experiences

My Hardware is as follows;

I have a VMware 6.7 virtual system that is host to current 2 VMs

  • Sophos XG v18 MR3 HA in Active-Passive setup.
  • They VM have 2 x CPU, 6Gb RAM, 60Gb HDD & 3 x NIC (the NIC are VMXnet3 Cards within VMware).

I had installed and setup v18 MR3 in an active-passive ha setup without any issues, and it was configured in less than 10 minutes.

Upgrading to v18 MR4 was another matter.

  1. I tried to upgrade the firmware via the usual place, but was denied stating it was in HA configuration.
  2. disabled HA, and then upgraded both the units.
  3. tried to configure HA, and this is where it just wouldn't identify the other (Passive) unit.

it even got stuck with HA being in an inconsistent state.

on the Active unit the GUI would free on refresh with the following screen

    

when I ran the command 'system HA disable' it stated that it was already disabled.

this is on MR4, and both units were on MR4 before trying to re-connect.

I have the systems still there but have had to rebuild from scratch.

any help or guidance on this would be helpful and may well be for others who come across this.

you said in the previous thread that this is a known bug, I could only see four bugs for HA, and neither seemed to represent the one I am experiencing;

  • NC-62868 [HA] HA - Certificate Sync fails in Aux
  • NC-64269 [HA] IPv6 MAC based rule not working when traffic is load balanced to Auxiliary
  • NC-64907 [HA] The auxiliary appliance crashes when broadcast packet is generated from it
  • NC-61282 [Firewall, HA] Failed to enable HA when a New XG is replaced in place of another XG


This thread was automatically locked due to age.
Parents
  • I had this exact same issue.

    Was on the phone to support for hours and they couldn't fix it.

    QuickHA seems to break in MR4.

    I updated both my appliances to MR4 and then did a vanilla quickHA, then I get exactly as you did, the UI froze on the HA screen, with hastatustext.

    The passive side seems to do nothing, but it doesn't freeze.

    Restoring a config from backup has the same issue, in fact you can see the ha isn't setup in the restore but the UI is stuck on "stop HA discovery" or what ever it says if you click it nothing happens.

    Setting up via interactive mode was my work around (after reconfiguring my whole device).

    I have a support ticket open for this.

  • FWIW, same issue at a customer. My Case is 03502772

  • Support has confirmed a bug in MR4.

    Hello Patrick,

    Thanks for the reply!

    I have confirmed this internally and this bug has already been reported to our DEV team with bug ID  NC-66978.

    The current target fix for this issue is on the next release MR5.

    Let us know if you have any additional inquiries regarding this or this case can be closed for now.

    Regards,

    Niño Rowel Olid
    Sophos Technical Support

  • Hi Patrick,

    I have the same problem with MR4, but I don't have available MR5. Do you know when is it going to be available?

Reply Children
No Data