Sophos Firewall: v19.5 MR1: Feedback and experiences

Generally speaking Central will be supported as soon as the Firmware is available for all firewalls. It is not related to what the firewall is seeing. 

So... 19.5.0 is still not generally available?

Just upgraded two nodes from 19.5 GA (XG330) and 19.0-MR1 (XG230) to SFOS 19.5-MR1.

The XG230 sites just worked fine, but the XG330 site got DPI-Engine FLOW_TIMEOUT_ERRORS for the internal Exchange ActiveSync connection so we need to roll back to SFOS 19.5 GA.

As troubleshooting we just disabled DPI-Engine and turned firewall accleration off but without any positive effects.

The Outlook client just shows connected for 1-2 minutes, after that the Client is going to get disconnected and you cannot reconnect, after rollback everything worked fine again on the XG330 site.

The XG230 is connecting to the exact same Exchange server with the exact same security policies and its working fine.

Hello Mayuresh,

Would you be able to provide access ID of the appliance over PM?

Few questions:

- From which SFOS version you have upgraded?

- How did you observe about link switching is too aggressive? By looking at events in log-viewer or any other means?

- Reg. loss of session, does it happen during link switching only or observed without that as well?

- Please share network topology diagram with client and server traffic to understand deployment better.

Central will offer only one Upgrade to choose from (right now). It is controlled by Sophos to show, which Firmware is visible. 

Hi Alexander Brinck2 

I'd like to know more about this and see if I can help.  Please PM me in here or email me at michael.dunn at sophos.com

Could you please provide a KB or something that provides that information? Sophos Support want me to keep a window of 3-4 hours clear so they can call me and work with me to investigate this issue. It seems like the support team is not aware of this information and it will save a huge amount of time if I can provide it to them.

Hello Mayuresh,

Could you please share access ID so we can look at the issue you are facing?

Also, please help answering the questions to narrow down the problematic area to look at.

Hello!

I have noticed an increase in load time for web pages, DNS_Probe issues, and internet connectivity issues since upgrading to 19.5 from 18.5. I have an SG210 (SFOS 19.5.1 MR-1-Build278) and an XGS3100 (SFOS 19.5.0 GA-Build197). I have connected through both and have experienced same issues. 

Firewall logs do not show issues with DNS, however, there are more Invalid Traffic - Could not associate packet to any connection showing up since update. 

Thanks!

This issue should be investigated. I am open to provide access ID. Internet surfing is 20% slower now