Good morning all,
Kindly help me check the update message below. It was an update message on my Sophos X135 firewall device asking me to update the software. Please, what is the implication of this in case I go ahead with the update?
A quick response is highly appreciated.
[0:28 pm, 08/01/2022] Pastor_1960bet: UPDATE ON SOPHOS
[0:28 pm, 08/01/2022] Pastor_1960bet: A new firmware SFOS 18.5.2 MR2-Build380 is available. We strongly recommend that you upgrade the device.

Version: SFOS 18.5.2 MR2-Build380

News:
Maintenance Release.
FIPS 140-2 certified. Crypto Module on SFOS v18.5 MR2 (and future MRs of v18.5) is now FIPS 140-2 Level 1 certified for XGS series hardware as well as SFOS running on virtual machines.
Added support for GCM and suite-B ciphers for IPSec VPN. AES-GCM for IPSec significantly improves IPsec VPN performance.
Increased ideal timeout for IPsec remote access connections up to 6 hours.
MASQ rule for Route Based IPSec (RBVPN) will now use XFRM IP instead of WAN IP in the source NAT.
Improved MFA (TOTP) Authentication. Added MFA support for the admin account. Added alert notification of admin account without MFA. Streamlined MFA admin experience with easier to discover and enable MFA configuration.
Active Directory enhancements for multiple group membership. Web UI will show all the groups that the user belongs to.
Certificate enhancements. More useful information about different certificate authorities. Easily find out locally added certificates, a certificate that has private keys. Easily download a copy of the public part of any certificate so that you can check/confirm.
Troubleshooting report (CTR) enhancement. Capture full troubleshooting logs including log file rotation in the CTR. Ability to generate CTR from the backend. Eliminate UI timeout and freezing issues during CTR generation.
Introduces Sophos Assistant - a new interactive help that also makes configuration setup easier by enabling "guide me" flows.
Enabled credential free registration for Sophos Central.
Added new domains for TLS exclusion list (gotowebinar, ava.expertcity.com, cdn-apple, mzstatic, zoom.us, deivce.login.miscorsoftonline.com).
Visual indication of ISO re-image completion status through port LEDs or on device LCM screen for XGS series hardware.
Added support for Cloudflare DDNS provider.
Global IPS Switch - A new global switch has been added to the Intrusion Prevention > IPS policies tab to enable or disable IPS. If you were previously using IPS, This switch will be set to ON automatically when migrating to v18.5 MR2.
Installation wizard now provides default option for a 2 port bridge rather than all ports in a single bridge default config earlier.
Xstream Flow Processor driver update related to performance optimizations, mandatory for XGS 4300/4500/5500/6500.
Upgraded JQuery version to 3.5.x.
Enables hardware reset on XGS 87 and 107. A long press of the hardware reset button perform a factory reset to help recover from a bad configuration.
Fixed 110+ Field reported issues.

Resolved issues:
NC-61909 [API Framework] i18n config and actual config name(in tbldefaultconfigini18n) mapping issue
NC-72851 [AppFilter Policy] Importing Application filter policy (Using Import/Export option) changes the rules and list of applications within rules when any of the rule contains characteristics as cloud application.
NC-62245 [Authentication] OTP settings can't add Groups as OU
NC-66087 [Authentication] XG v18: AD Group import failing
NC-67997 [Authentication] csd service is in stopped state
NC-69111 [Authentication] Cannot export remote Users from XG
NC-70877 [Authentication] guest_user_purging opcode getting failed due to large payload size
NC-72492 [Authentication] Unable to get the password via SMS for the Guest User who already got password once.
NC-72664 [Authentication] XG not initiating request to AD server on Port 6677 after appliance reboot
NC-75783 [Authentication] LDAP authentication with anonymous login is not working
NC-75269 [Backup-Restore] Upgrade error unique index "tbllocalservicedetails_pkey"
NC-65200 [Clientless Access] No key recognition after pressing the Windows key in Clientless Access
NC-70067 [CM (Join to Cloud)] Central Registration alert does not disappear after registration
NC-68228 [Config Migration Framework] "/conf" partition is at 99%
NC-64973 [CSC] Split networks not reachable in case the definition name contains special characters
NC-67761 [CSC] System startup fails when a large number of users are included in a single firewall rule
NC-68187 [DDNS] Unknown error while generating DynDNS IP
NC-54308 [Email] HSTS not offered on port 8094
NC-54523 [Email] Yahoo email account configured in email client not working with IMAPS scanning
NC-63872 [Email] DKIM verification being applied to outbound emails and emails are getting quarantined.
NC-65198 [Email] False positive for CCL with words "credit card" in body
NC-65533 [Email] Misleading message in notification settings for external email server.
NC-65831 [Email] Same Email Displayed for different "reason" filter in mail log
NC-66068 [Email] DKIM signing not happening for Out Of Office or NDR or Bounced messages
NC-66194 [Email] High CPU utilization by mailscanner
NC-67606 [Email] Unable to update certificate in TLS smtp using API
NC-68176 [Email] Not possible to use special characters in password for external E-Mail notification server
NC-68979 [Email] Korean Language is broken in the email body which is encrypted with SPX
NC-70863 [Email] Unable to delete quarantine email
NC-71555 [Email] Getting certificate related error while accessing Outlook client with POP3 scanning rule enabled on XG.
NC-74101 [Email] Email delivery issue due to Brazilian character
NC-74791 [Email] Quarantine Digest is sending email 6 minutes earlier before the configured time
NC-69456 [Firewall] Device goes into Failsafe Mode after Backup restore (Unable to apply Firewall Framework)
NC-71595 [Firewall] DNAT rule not working when migrated from CROS > 17.5MR15
NC-74603 [Firewall] WebAdmin Denied Appliance Access Attempt log shows dst port as a custom port : 65003 instead of external port: 4444
NC-76521 [Firewall] Firewall ID doesn't display in ID column
NC-76742 [Firewall] XG goes into the failsafe after the back-up is uploaded
NC-79110 [Firewall] Failed to Restore backup from 17.5MR16 to v.18.0MR6
NC-70568 [Firmware Management] AUX executive report over email not coming on proper time
NC-67675 [HA] Systems goes into failsafe mode if an interface is added in discover mode when HA is enabled
NC-73926 [HA] Unable to access Web : HA Active-Active Load balancing
NC-74735 [HA] AUX reboots during an HA switchover
NC-75844 [HA] Traffic issues on HA Active-Active Mode
NC-75870 [HA] QuickHA page stuck and unable to stop it
NC-62120 [Interface Management] Backup restore not possible
NC-70251 [IPS Engine] IPS service dead after enabling the HA A-P
NC-79029 [IPS Engine] IPS restarting with Coredump.
NC-79943 [IPS Engine] IPS Service is dead
NC-79335 [IPS Ruleset Management] IPS enable toggle switch - loading icon
NC-79386 [IPS Ruleset Management] Wrong sig date on IPS Policy screen in Migration scenario
NC-72949 [IPS-DAQ] Print Jobs won't work with DPI engine
NC-63177 [IPS-DAQ-NSE] DPI causing trouble with SSL 2.0 client hello's
NC-69314 [IPS-DAQ-NSE] Dropped due to TLS engine error: CORRUPT_RECORD
NC-67952 [IPsec] ESP sequence number mismatch
NC-68461 [IPsec] Kernel Panic skb_copy_and_csum_bits after update to MR4
NC-68531 [IPsec] Getting error when creating remote access IPsec VPN
NC-69303 [IPsec] IPsec connection configured with Certificate fails to connect
NC-69335 [IPsec] Unable to delete IPSec Connection which is on second UI page
NC-69993 [IPsec] All IPsec Down , DGD service Stopped, Gateway Missing After 30 minutes
NC-70320 [IPsec] Unable to make changes with OUs present
NC-72920 [IPsec] XFRM packet loss on route based ipsec vpn
NC-72934 [IPsec] ChildSA disconnection issue with Idle setting enabled in Sophos Connect
NC-73703 [IPsec] Unable to connect to Sophos Connect due to incorrect PSK in KVM HA setup.
NC-74864 [IPsec] Unable to Download VPN IOS profile from User portal when Authentication mechanism is certificate for Sophos Conect.
NC-74891 [IPsec] Query and behavior about Email notification Discrepancy - V18 MR-5 HA
NC-75030 [IPsec] Charon crash in adopt_children_job.c execute
NC-75159 [IPsec] IPSec failover not working and customer has to toggle Failover Group to make tunnel up again
NC-75543 [IPsec] Tunnel is not coming up as traffic is passing via wrong interface.
NC-75990 [IPsec] IPsec tunnel not coming up until service is restarted
NC-76400 [IPsec] Apple iOS IPsec VPN Client Configuration
NC-77729 [IPsec] IPsec tunnel not getting reconnected after PPPOE reconnected
NC-77938 [IPsec] Unable to deactivate failover group
NC-62880 [Logging Framework] Sentry reported coredump in crformatter_free_data
NC-67803 [Logging Framework] Live connection page not loading
NC-72955 [Logging Framework] active.db corruption: Enhance recovery logic for tbllog_config tbllog_docsize
NC-70057 [Network Utils] Intermittent WAN connectivity issue for firewall running on Azure
NC-65567 [RED] Split networks aren't reachable anymore in case you change settings in the transparent/split mode
NC-67340 [RED] All the Red50's got disconnected
NC-68277 [RED] RED site-to-site tunnel failover doesn't always work
NC-70783 [RED] The GUI access of the Primary appliance is lost when we save RED interface.
NC-75175 [RED] Corrupt entry in tblreddevice causing red service to fail starting
NC-78401 [RED] RED keep-alive logic improvements
NC-78512 [RED] Split networks aren't reachable from RED network for one RED device
NC-70243 [Reporting] Reports stop generating after 1-Jan-21
NC-79404 [Reporting] Log Viewer is not returning results from /var/eventlogs/
NC-68324 [SDWAN Routing] FTP data connection issue with SD-WAN Policy route
NC-77289 [Security, Web] The db testpass is not always encrypted correctly
NC-68839 [SSLVPN] All users not able to download Sophos connect client from user portal
NC-70041 [SSLVPN] Incorrect Count for Remote users/connected user
NC-73617 [Static Routing] Mandatory configuration while deleting the static route through API
NC-72545 [SupportAccess] Duplicate support access id due to backup / restore
NC-68263 [UI Framework] Unable to access the GUI randomly
NC-66980 [VFP-Firewall] Kernel Panic RIP: 0xffffffffa0859718
NC-69286 [VFP-Firewall] ICMP times out when Firewall Acceleration is enabled
NC-73089 [VFP-Firewall] Ports not added to LAG
NC-77771 [VFP-Firewall] Kernal panic: unable to handle kernel paging request at ffff88036e000000
NC-60855 [Web] Unable to restore backup from CR100iNG v10.6.6 MR-5 to XG210 MR-12
NC-66966 [Web] Not able to login cpanel server with direct proxy
NC-68194 [Web] Unable to Reset Web Quota
NC-69945 [Web] Awarrenhttp is DEAD
NC-72694 [Web] SSL/TLS Inspection does not work for SMTP
NC-76041 [Web] XGS6500: AVD Thread Count anomaly observed.
NC-80658 [Web] Tomcat Internal server error because "Maximum number of DB connections exceeded"
NC-68226 [WebInSnort] Google website not opening with dpi and app control
NC-70030 [WebInSnort] Unable to show the Username using the Custom Block Page using the DPI method
NC-71216 [WebInSnort] Unable to access MS TFS hosted on LAN network through SSL VPN
NC-73800 [WebInSnort] Websites being blocked with custom Application Control policy being applied
NC-50232 [Wireless] LocalWiFi : Inbuilt Wireless Stops broadcasting
NC-62169 [Wireless] Wireless APs are not able to lease IPs in separate zone
NC-70733 [WWAN] USB Dongle Huawei E8372 not reconnecting after a Power Cycle
NC-79452 [XGS BSP] Slow upload speed XGS2100 over 1G interfaces set 100Mbps speed
I would recommend a backup before any other steps. Do you have any fancy firewall rules or policies? If not, then an install should work correctly.
What is the current version on your XG?
ian
Xeon 1225v5 6gb ram, SSID, 4 NICs 20w - v19 EAP
XG115W - v18.5.2
If a post solves your question please use the 'Verify Answer' button.
Sophos XG 135
Sorry, that is the hardware, what is the software/firmware version?
SFOS 18.5.1 MR-1-Build326
SFOS 18.0.5 MR-5-Build586
I would be interested to know if you have attempted the update and encountered any issues? We have the same model and proposed update to SFOS 18.5.2 MR2-Build380 (current firmware SFOS 18.5.1 MR-1-Build326) and the following items concern me:
I understand that these issues are fixed by the update but if there are any issues caused by the new update does the above mean that we'll have a problem restoring to a backup?
Would be interested to hear what Sophos say about this and your experiences.