A few days ago I got into a difficult situation where an XG 135 was unreachable through VPN after updating to SFOS 19.0.0 GA-Build317.
This wasn't the first time I was having issues with SFOS v19.0.0 GA-317 update, but it was the first time while working remotely.
I was not on site, and since I couldn't establish a VPN connection with the device after the fw update, for whatever reason, I tried to find a workaround to regain remote access.Luckily, I had terminal access from a device on that LAN (Synology NAS, Docker ssh client); my first thought was to try to revert the firmware back, and I tried using the methods discussed here: community.sophos.com/.../how-do-i-boot-to-previous-firmware-with-puttyUnfortunately, the methods on the previous link didn't work for me. I'm unsure why (maybe FW version?), rebootfw command didn't return any errors but it also didn't return anything, after a reboot it clearly wasn't working as intended or suggested.I eventually used another command which apparently is issued by the system during firmware updates: loadfwThis worked for me:1. SSH into the firewall2. Choose option 5 (Device Management)3. Choose option 3 (Advanced Shell)4. Execute: showfwThe command above returns a list of existing firmwares on the device:FW0=SFLoaderFW1=19_0_0_317FW2=18_5_3_408We already know which version is in use from the terminal prompt alone, for example:XG135_XN03_SFOS 19.0.0 GA-Build317#If Firmware 1 (FW1) is in use, we probably want to switch to Firmware 2 (FW2) - and vice-versa.5. To switch to FW2, execute: loadfw -d -f 2Summary:-d: Sets the firmware # passed by -f as the default FW to use-f #: Tells which firmware to use for this command6. Reboot the device now by issuing: rebootIt took around 5-10 min. for me to regain access to the device, hope this helps someone else.