Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SFOS 20.0.0 GA-Build222 DHCP ISSUES

Hello evryone.

after updating Sophos firewall to  SFOS 20.0.0 GA-Build222 the DHCP stop relaing ip adress in all network devisies, i try to desabel./enabled DHCP, reload firewall no result.

i was oblige to downgrade to SFOS 19.5.3 MR-3-Build652 and every thing goes On.

someone had this probleme ?



This thread was automatically locked due to age.
Parents
  • SFOS 20.0.0 GA-Build222 DHCP completely broke my network too. Wasted half a day already to figure out what's happening and it's a complete no-go so far.

    My settings are completely fine and working under SFOS 19.5.3 MR-3. All this s**t show started after upgrading to 20.0.0. Port is assigned properly so no "Fine Tuning" of the DHCP is needed. Manually checked the dhcpd.conf line by line and it looks ok. 

    Does someone have some explanation that makes sense and not sounding like this one:

     

    "Fine-tuned the DHCP settings with specific interface as it was configured as "all""

    The firewall just kills the DHCP requests from certain clients without any reason and it's completely chaotic. No IDS or other rules are triggered. It's the LAN side after all....

    So, anyone with some reasonable answer before i roll back to 19.x.x? (Or maybe i should "roll-back" to Pfsense and cut that overpriced thing out of my rack...)

  • Hi ,  Can you please share your DHCP congratulations manage page screenshot to review the details? ( i.e. Configure > Network > DHCP snapshot). 

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'Verify Answer' link.

Reply Children
  • Hi   Thank you for sharing this snapshot that has given me more clarity on your reported situation.

    In your existing V19.5.X firmware version I can see more than 1 DHCP server defined/configured over the same (physical/logical) interface. In such a scenario it has been observed DHCP stopped leasing IP after the Upgrade to V20 for the subsequent DHCP servers (shared network in the DHCP conf file) over that interface.

    This has been marked as in BUG and the fixed version is marked V20.1. MR-1. 

    NC-129171 - DHCP stopped working after the upgrade from v19.5.3 to v20 GA

    I would suggest logging a support case to review your logs and details with the above ID and to confirm the workaround.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'Verify Answer' link.

  • Hi,

    You are seeing multiple DHCP servers because this is the only way of declaring a single host static IP assignment which is needed if one wants to define specific rules for specific hosts out of the scope of the dynamic pool. Anyways. I run out of time to deal with the ticketing and waiting for the support to observe my logs. Rolling back to 19.x.x My clients are getting nasty already...

    Thanks!

  • Hi   Yes I do agree with your feedback and that is the reason the issue has been accepted as in product BUG. As of now, you may wait till the V20.1 MR-1 release if it is fine else you may roll back for the time being and log a support case for the next plan and workaround if due to any specific feature needs, it was decided to move to V20 GA. I will keep you posted here if there is any change in the fixed version communication.

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'Verify Answer' link.

  • I've rolled back already. Will keep an eye on the updates and will test them in the scheduled maintenance window this weekend. That's the best i can do right now.

    C ya!