Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Firewall: v19.5 GA: Feedback and experiences

Release Post:  Sophos Firewall v19.5 is Now Available 

Old v19.0 MR1 thread:  Sophos Firewall: v19.0 MR1: Feedback and experiences 

EAP Sub thread:  SFOS v19.5 Early Access Program (Read Only) 

EAP 19.5 Thread:  Sophos Firewall: v19.5 EAP1: Feedback and experiences 



This thread was automatically locked due to age.
Parents
  • i installed SFOS 19.5.0 GA-Build197 on an XG310 today and since the upgrade the client computers loose internet access every few minutes and only browser activity seems to get it back working.
    Before the upgrade there was no issue with this.

    STAS "enable user inactivity" is off. according to Authentication log most users are authenticated trough AD SSO or CTA.
    all clients have Sophos Endpoint installed.

  • Hi Moritz, 

    When the clients lose internet access, do you see any entries (e.g. blocks) in firewall log? 

  •   
    i see some Invalid Traffic Denied entries. the one in the bottom is to the XG Firewall and the other ones are Microsoft IP's. 

  • I mean when the clients lose internet access, do you see entries from those client IPs in the Firewall log? 

    I wonder if somehow those clients are losing their authentication, and is then matching another FW rule which denies/blocks access? 

  • above is the firewall Log from one single client. otherwise i could not see anything in the firewall log.
    for the time when internet access is lost i also dont see anything in the authentication log.

    But on the authentication log for other times (not during internet block) i see that Heartbeat logon always fails which is probably because heartbeat is using a username with domain in the end. any idea how to fix this?
    Actually, the above invalid traffic and below failes heartbeat i also have on 19.0 but the internet dont drop because of this. 
    I just rolled back to 19.0 as users could not work like this and no drop out now, but i can test 19.5 in the weekend again.

Reply
  • above is the firewall Log from one single client. otherwise i could not see anything in the firewall log.
    for the time when internet access is lost i also dont see anything in the authentication log.

    But on the authentication log for other times (not during internet block) i see that Heartbeat logon always fails which is probably because heartbeat is using a username with domain in the end. any idea how to fix this?
    Actually, the above invalid traffic and below failes heartbeat i also have on 19.0 but the internet dont drop because of this. 
    I just rolled back to 19.0 as users could not work like this and no drop out now, but i can test 19.5 in the weekend again.

Children