This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Firewall: v19.5 MR1: Feedback and experiences

Release Post:   Sophos Firewall OS v19.5 MR1 is Now Available 

The old V19.5 GA Thread:  Sophos Firewall: v19.5 GA: Feedback and experiences 

Removed Prio.
[gesperrt von: LuCar Toni um 11:37 AM (GMT -7) am 9 May 2023]
  • There are plans to implement this in the future. No ETA right now. 


  • Hi Evandro,

    Thank you for reaching out to Sophos Community.

    Would it be possible to share the Case ID. Thank you

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • Hi Erick.
    We decided to redo the high availability configuration.
    The sync process took 8 hours to finish and it is working now.

  • Hi,

    We've got some rbvpn issues since the MR1 update. We've updated the headoffice firewall (XGS3300) to 19.5.1 and we see some problems with icmp/ping traffic from the headoffice to the branchoffice.

    We are using HP Device manager to manage Thin Clients in the remote office and the program can't find the ThinClients anymore since the update. On 19.5 there where no problems. HPDM doe show al local ThinClients.

    Firewall rules are basically Any-Any Allow in both directions. We see no problems from the branchoffice to headoffice, but that is only RDP traffic. 

    Also known clients in the branchoffice do not reply on pings from the headoffice.

    This does not go for all traffic, some devices are available for pings, mostly static devices such as printers.

    Bart van der Horst

    Sophos XG v18(.5) / v19 Certified Architect

  • We think we have solved the problem, customer has windows firewall enabled on major part of the clients and updated the images last week, they are all in private mode now and don't accept ping or any other things from the (trusted) network now. Disabled wfw on one Thin client made them accessible in HPDM.

    Sorry customer didn't inform us on this. And blamed it on the new update we performed.

    Don't know for sure this is the answer, but my money is on it.

    Kind regards,

    Bart van der Horst

    Bart van der Horst

    Sophos XG v18(.5) / v19 Certified Architect

  • Unfortunately, there is still no way to display a specific time period in logs, sometimes you have to scroll for minutes. Thumbsdown

  • Hello,

    very bad experience for me.
    I upgraded from 19.0.1 to 19.5.1
    After the update, user authentication works poorly, and they have to restart their PC.
    I lost all "ClientLess User" access
    Even when recreating by hand, the firewall does not allow flows to pass.

    I had to revert to 19.0.1, then update to 19.0.2.
    And there, everything works perfectly.

    I can only advise against version 19.5.1 :(

  • Hello  ,
    Have you notice any specific error during clientless user recreation?
    If possible, then please PM me appliance access detail so I can debug further.


  • Hello Bhavik24,

    Sorry, but everything was erased due to firmware rollback.
    I had opened a case with SOPHOS, but it was closed following my switch to 19.0.2

    FYI, when I booted to firmware 19.5.1, absolutely no clientless users appeared in the list of active users (under current activities -> live users).

    After returning to 19.0.1, everything appears again.
    After migration to 19.0.2, everything also appears correctly.

  • There can be (unrelated to the firmware version) issues with the services, providing the clientless users.

    Most likely, if this is the case, it is a one time issue: 

    Restarting the Authentication daemon fixes this and it should not come up again.