This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Firewall: v18.5 MR2: Feedback and experiences

https://community.sophos.com/sophos-xg-firewall/b/blog/posts/sophos-firewall-v18-5-mr2-is-now-available

Release Notes: https://docs.sophos.com/releasenotes/output/en-us/nsg/sf_185_rn.html

"Old" V18.5 MR1 Thread: https://community.sophos.com/sophos-xg-firewall/f/discussions/128960/sophos-firewall-v18-5-mr1-feedback-and-experiences/

"Old" V18.0 MR5 Thread: https://community.sophos.com/sophos-xg-firewall/f/discussions/127053/xg-firewall-v18-mr-5-feedback-and-experiences

Please review: https://support.sophos.com/support/s/article/KB-000043489?language=en_US

Prio
[gesperrt von: LuCar Toni um 8:07 AM (GMT -7) am 26 Mar 2022]

Top Replies

RichBaldry over 1 year ago in reply to StevenSultana +6

The specific change you mention was a result of a security review we carried out on the OTP functionality. It is not good practice to provide methods to recover existing secrets because this makes it much…

0 Anto te Lintelo over 1 year ago

I just tried to manage a Sophos XGS116 with the OTP token. But it wont give me the expected popup in the Sophos Central portal according to the article Use OTP to turn on Central management - Sophos (XG) Firewall

If i enter the serial number it gives me the following tekst: If your firewall is already deployed and configured, you can join it to Sophos Central for management from your Firewall WebAdmin. Please note that a firewall can be managed at any point of time either via Sophos Central or Sophos Firewall Manager (SFM).

So i'm not able to create a OTP token for the firewall.

Is there something i'm doing wrong?
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni over 1 year ago in reply to Anto te Lintelo

This should the process. Could be currently still disabled in Central itself, i would recommend to try this tomorrow, if the process will be shown.

Here you can see the process: https://www.youtube.com/watch?v=Gkxg9nRy1dQ

__________________________________________________________________________________________________________________
Cancel
Vote Up +1 Vote Down

Cancel
0 Anto te Lintelo over 1 year ago in reply to LuCar Toni

Yeah the video shows a different screen to. I'll wait till tomorrow.

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 David Clark1 over 1 year ago

Higher CPU usage after upgrade. Last week was 4.9%, after upgrade running steady at 22%.
Cancel
Vote Up +1 Vote Down

Cancel
0 JasP over 1 year ago in reply to EgonSommer

If it is indeed a certificate issue, your endpoints need access to the internet and a DNS server to be able to update their certificate. This is the problem for us, because without a heartbeat, our endpoints are blocked on our network, so they can't update the certificate. I have to change our firewall rules so they can get the certificate and then they got there Heartbeats and I could change the firewall rules back.

Not sure if you have the same sort of setup so I don't know if this will help you resolve your issue.
Cancel
Vote Up +1 Vote Down

Cancel
0 JasP over 1 year ago in reply to LuCar Toni

I have passed on an Access ID via emmosophos so that devs can have a look at the logs.
Cancel
Vote Up 0 Vote Down

Cancel
0 JasP over 1 year ago in reply to David Clark1

I'm also seeing higher but nowhere near as dramatic as you. Previously averaging 4-5%, today it has been averaging at 7%. This is on my home XG which is totally over-specced. Will have to watch this when we start updating customer sites as they currently average between 20 and 40%.
Cancel
Vote Up +1 Vote Down

Cancel
0 SOPORTE ROVELLA CARRANZA over 1 year ago

Gente ... lo aplique y tal como se menciona aca... el cpu se muere y se pierde el hearbeat ... volviendo al 18.5.1 MR1
Cancel
Vote Up 0 Vote Down

Cancel
0 rfcat_vk over 1 year ago in reply to David Clark1

Mine has increased significantly, prior to upgrade around 5%, after upgrade 7-18%,currently shows 12%. A well spec'ed home system.

Ian

Edit:- added pretty picture of the issue.

XG115W - v19.5.3 mr-3 - Home

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 LuCar Toni over 1 year ago in reply to rfcat_vk

Checked my appliances and none have a significant upgrade of performance. But i am using only hardware.

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel