Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

Getting Sophos XG to boot UEFI with CSM disabled

I found this workaround for getting UEFI boot to work and was wondering is anyone has got this to work. I am not great with Linux so I don't totally understand this but I used the steps and it still doesn't boot UEFI. I am wondering if anybody has gotten this to work recently. Thanks.


The problem you are having is that even though the Sophos XG install program is UEFI bootable, Sophos XG itself is not.

That's why you are are to install Sophos XG from a UEFI bootable USB stick, but later when the install successfully completes, your computer can't start Sophos XG from the HHD

The solution? You have to manually make the Sophos XG in your HHD UEFI bootable..

How? Follow these simple steps..

  1. Create a USB install of Ubuntu Live 18.04 (Must use only Ubuntu 18.04, since newer versions have a different (newer) GRUB version and won't work)

  2. Boot Ubuntu 18.04 from your USB stick (DO NOT INSTALL, just select TRY Ubuntu)

  3. Once in Ubuntu, open a terminal/command prompt window and enter the following:

   sudo apt install grub-efi-amd64-bin
   sudo mount /dev/sda1 /boot
   sudo mkdir /boot/efi
   sudo mount /dev/sda2 /boot/efi
   sudo grub-install --target=x86_64-efi --efi-directory=/boot/efi/

4. Once done, take out the Ubuntu USB stick and reboot.

What this does is that it installs GRUB to your Sophos XG install and makes it UEFI bootable..

You can now disable CSM, since it's now UEFI bootable.

So.. How do I know all this? I've been through this too, when I upgraded my Sophos XG Firewall to v18 MR-1

You can find more info here:

Thank Martin Gross for this solution... I'm just passing it along :)

Added TAGs
[edited by: emmosophos at 5:50 PM (GMT -7) on 4 Jul 2023]
Parents Reply Children
No Data