Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 101 replies
  • Subscribers 53 subscribers
  • Views 30574 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Firewall: v18.5 MR1: Feedback and experiences

LuCar Toni

V18.5 MR2: https://community.sophos.com/sophos-xg-firewall/b/blog/posts/sophos-firewall-v18-5-mr2-is-now-available

https://community.sophos.com/sophos-xg-firewall/f/discussions/131468/sophos-firewall-v18-5-mr2-feedback-and-experiences

Release V18.5 MR1 Post (326): https://community.sophos.com/sophos-xg-firewall/b/blog/posts/sophos-firewall-v18-5-mr1-is-now-available 

https://docs.sophos.com/releasenotes/index.html?productGroupID=nsg&productID=xg&versionID=18.5

EAP(318) Blog Post: https://community.sophos.com/sophos-xg-firewall/b/blog/posts/sophos-firewall-v185-mr1-eap

"Old" MR3 Thread: https://community.sophos.com/xg-firewall/f/discussions/123403/xg-firewall-v18-mr-3-feedback-and-experiences

"Old" MR4 Thread: https://community.sophos.com/sophos-xg-firewall/f/discussions/124771/xg-firewall-v18-mr-4-feedback-and-experiences

"Old" MR5 Thread: https://community.sophos.com/sophos-xg-firewall/f/discussions/127053/xg-firewall-v18-mr-5-feedback-and-experiences



MR2
[bearbeitet von: LuCar Toni um 7:43 AM (GMT -8) am 30 Nov 2021]
Parents
  • 0

    IPS/DOS is still broken. Something during v18.0.4 b broke IPS/DOS and has not been required in later releases.

    I have tried multiple ideas on settings and the only setting that works is disabling IPS/DOS. One security camera will load without triggering IPS/DOS but when I try to load all 4, only one loads and the others either timeout or disconnect.

    I have tried with the web proxy, DPI and neither no change to the ability to connect when IPS/DOS is enabled. The logviewer shows nothing in the IPS view but lots of either DOS on port 53 or broadcasts.

    ian

    XG115W - v20.0.3 MR-3 - on holiday

    XGS118 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Try a DOS exception for such devices, if you do not want to increase the numbers of the particular device. 

    support.sophos.com/.../KB-000035751

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Thank you.

    I would expect the DOS bypass process to be a temporary fix until the DOS process is fixed.

    i tried that in v18.0.5 586 and came to the conclusion that the bypass process does not work. You end up with a log of hundreds of valid connections to external DNS devices. The connections never actually complete to the security cameras.

    I tried individual rules and network rules with the same result, no stable connections if the connection established. Also there are a large number of failed DHCP requests.

    I do not see the same number of entries when I disable the DOS settings.

    Also the DOS bypass process is a bit ancient, eg no dropdown lists to select networks or devices or even protocols (service).

    Ian

    XG115W - v20.0.3 MR-3 - on holiday

    XGS118 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • 0 in reply to LuCar Toni

    Thank you.

    I would expect the DOS bypass process to be a temporary fix until the DOS process is fixed.

    i tried that in v18.0.5 586 and came to the conclusion that the bypass process does not work. You end up with a log of hundreds of valid connections to external DNS devices. The connections never actually complete to the security cameras.

    I tried individual rules and network rules with the same result, no stable connections if the connection established. Also there are a large number of failed DHCP requests.

    I do not see the same number of entries when I disable the DOS settings.

    Also the DOS bypass process is a bit ancient, eg no dropdown lists to select networks or devices or even protocols (service).

    Ian

    XG115W - v20.0.3 MR-3 - on holiday

    XGS118 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Children
No Data
Unfiltered HTML