Sophos XG Firewall - License activation unavailable (error XG-00151). See KB-000043485 for the latest updates.
Since updating to 220.127.116.116, I've noticed my firewall is Kernel Panicking at least 5 or 6 times a day. The best uptime I've been able to achieve is 4 hours. I originally suspected hardware, but have since moved the XG to new hardware. Has anyone else seen this issue?
Thank you for contacting the Sophos Community.
Adding to what rfcat mentioned, please check the syslog.log csc.log applog.log and /var/cores.
Nothing in the logs i could see that was relevant. I ended up switching back to 18.0 firmware and firewall was stable. Re-applied the 18.5.1 update and so far it's been stable. (18 hours).
Spoke too soon. Just kernel panicked again. 14 hours. Only did it on 18.5. Switched back to 18.0 again to see if its better uptime...System: Dell Optiplex 780 SFFCPU: Intel E8400RAM: 4GBHDD: SATA SSD 120GBNIC: Intel PCI Dual EthernetNote the system had been completely stable since about April; the issue appears to have only started happenign since the 18.5.1 update. I switched back to 18.0.5 MR-5 build 586 and so far it's been stable again. Also I noticed the certificate error I had where my imported certs weren't being trusted even with the appropriate CA certs being loaded has now resolved itself since switching back. Still not seeing anything relevant in the logs. I've set up a recorder to capture the screen output next time it panicks. Its only on the screen for 1 or 2 seconds,
There must be an issue with the 18.5 build.
Thank you for the update and feedback.
Did you get the change for any core dump under /var/cores? what about the logs?
So far I haven't risked going back to 18.5 yet as its almost certain to crash again. I will try upgrading to 18.5 again tonight and see how it goes. Currently I am on SFOS 18.0.6 MR-6-Build655 and it's completely stable.I will report back tonight after upgrading as to how it's going, and if it crashes I will try and capture the core dump.
The Firewall just Kernel Panicked again. Just checked the /var/cores folder and there are no files present.
Thank you for the update.
So in that case you would need to capture the console logging
Using PuTTY, go to 'Session' - 'Logging.'
Here, select "All session output', and set the file name to a folder and name for later retrieval.
Configure the Serial connection to use the proper COM port on your PC and a Speed of 38400.
Start the session, and log in to ensure it’s all proper.
Once logged in, you can leave it there or log out and leave the session at the password prompt. Either way, leave the session active and allow it to capture the output from the next reboot.
Once that reboot occurs, you can end the Serial connection and provide the logs to support further investigation.
Have you open a case already for this, if not please open one and share the Case ID with me.