XG Firewall v18 MR-5: Feedback and experiences

Top Replies

  • The classification process is still broken - ntp, Imaps.

    Is there any reason at all on why the Firewall can't detect NTP traffic as Its own application?

    Creating a application signature…

  • The classification process is still broken - ntp, Imaps.

    Is there any reason at all on why the Firewall can't detect NTP traffic as Its own application?

    Creating a application signature for NTP shouldn't be that hard.


    If a post solves your question use the 'Verify Answer' link.

  • This morning I decided to try out the DPI engine in MR-5. All went fine for about 30 minutes when working items broke. I performed a restore from yesterday, all good except the update screen hung at 100% and I had to close the web browser and start the access to the XG again.

    ian

     
    V18.0.x - e3-1225v5 6gb ram with 4 ports - 20w. 
    3 AP55s and 2 APX120s having a holiday until software update is released.
    If a post solves your question use the 'This helped me' link.
  • You mean the DPI Engine started to decrypt websites, which it should not do? Because i am running full DPI Engine for several clients without any issues. But this should be looked at by the time you can invest and not in this mega thread. 

    __________________________________________________________________________________________________________________

  • Hi,

    I will take  a more logical step to testing tomorrow.

    Ian

     
    V18.0.x - e3-1225v5 6gb ram with 4 ports - 20w. 
    3 AP55s and 2 APX120s having a holiday until software update is released.
    If a post solves your question use the 'This helped me' link.
  • First Test on my home Firewall looks good. If there are no issues I will install the MR5 next week on our productive Firewalls. 

  • I updated a MR4 Firewall with running OSPF Routing to MR5 and it is working. 

  • Reporting is broken. I get two daily reports every hour starting at approx 0100 this morning.

    I will start a new thread on reporting.

    Ian

     
    V18.0.x - e3-1225v5 6gb ram with 4 ports - 20w. 
    3 AP55s and 2 APX120s having a holiday until software update is released.
    If a post solves your question use the 'This helped me' link.
  • LDAP Auth is broken on 18 MR-5

    all auth requests on the firewall are producing "LDAP Server not found with authserver id" errors, tried to recreate the LDAP server, tried setting the LDAPserver to use an known dn instead of anonymous ... auth failed.

    ldap server is configured like the kb states https://support.sophos.com/support/s/article/KB-000035738

    had to rollback to -MR 4

  • Can you show us a screenshot of this issue? You are using LDAP server to anything specific? 

    __________________________________________________________________________________________________________________

  • we have an pretty standard OpenLDAP setup

    i don't have any screenshots but i have some logs:

    ERROR     Apr 12 06:39:47.620137 [LDAP_AUTH]: (ldapauth_handle_authrequest): LDAP_AUTH: LDAP Server not found with authserver id 4
    ERROR     Apr 12 06:39:47.620155 [LDAP_AUTH]: (ldapauth_handle_authrequest): LDAP_AUTH: LDAP Server not found with authserver id 3
    ERROR     Apr 12 06:39:47.620266 [access_server]: check_auth_result: VPN/SSLVPN/MYACC Authentication Failed
    MESSAGE   Apr 12 06:39:47.620301 [access_server]: (update_admin_access_table): ### Admin user authentication failed from IP xx.xx.xx.xx
    MESSAGE   Apr 12 06:40:02.521909 [access_server]: tlvserver_process_request: GOT ALERT.EXECUTE_HEARTBEAT
    ERROR     Apr 12 06:40:15.155300 [access_server]: ldapauth_bind: bind failed: Invalid credentials
    ERROR     Apr 12 06:40:15.155311 [access_server]: ldapauth_test_auth:'ldap.xxx.xx:389': bind failed for user: 'uid=xxxxxx'
    ERROR     Apr 12 06:40:20.247596 [LDAP_AUTH]: (nsg_decryption): failed to find needed_length for :

    ERROR     Apr 12 06:40:20.247613 [LDAP_AUTH]: (pg_db_handle_get_ldap_server_config): LDAP server password decryption failed
    ERROR     Apr 12 06:40:20.247620 [LDAP_AUTH]: (pg_db_handle_get_ldap_server_config): LDAP server: password not found, will not add server
    ERROR     Apr 12 06:40:20.247624 [LDAP_AUTH]: (pg_db_handle_get_ldap_server_config): couldn't added LDAP server 'ldap.xxx.xx:389'