Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Default SSL/TLS inspection rule missing

kerobra

Hi there,

I recently configured a new XGS3100 active/passive cluster with SFOS 19.5. Everything seemed to be fine, but as I wanted to configure the SSL/TLS inspection (I normally do this as one of the final steps) I realized, that there is missing something.

Here is how it looks:

and here how it SHOULD look:

Both firewalls are on 19.5 and I did not see this on any other 19.5 firewall before.
Any ideas what could be the issue here?

Regards,

Kevin



This thread was automatically locked due to age.
  • 0

    Hi Kevin,

    Thank you for reaching out to Sophos Community.

    Kindly share the Case ID.

    If there’s no case ID,  we strongly advise you to kindly create one.

    Erick Jan

    Global Community Engineer, Support & Services
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the 'Verify Answer' button.

    The award-winning home for Sophos Support videos! - Visit Sophos Techvids

      • +1

        To add an answer to this one.

        Support checked the firewall and couldn't find an entry for the rule in the database. Reimage and backup-restore was suggested.

        Since I was working from home I decided to go factory-defaults first. The rule was present after finishing the first-time setup.
        I then imported the previously taken backup which ended in the same result as before the factory-reset, the default ssl/tls rule was missing again.

        I then did the factory-reset one more time and imported a full configuration export file I took before the whole troubleshooting.
        This way the default rule was present at the end and this is completely fine for me.

        I could repeat the process with the same results on the second appliance (same results after backup-restore as after config-import).

        So I cannot say why or how it happened, but it seems to be fixed now.

        Regards,

        Kevin

        Regards,

        Kevin

        Sophos CE/CA (XG, UTM, Central Endpoint)
        Gold Partner