Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Being knocked out of Firewall management

We are managing our firewalls from Sophos Central. We will login to Sophos Central, go into firewall management and choose the firewall and start managing it. The timing is random, but in the midst of managing the firewall we will be kicked out of the firewall and have to go back in to it. This occurs in a little as two minutes, and the timing is random from there. Some days, like today it can occur 5-6 times an hour.

It is super frustrating and time consuming. Anyone have any ideas why?



This thread was automatically locked due to age.
  • Yes , I know you said so, but did you check if your WAN uplinks are both "active"?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • I mean like this:

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • We do not use load balancing and both of the WAN links are not active.

  • If you get kicked out, check the local firewall logs.

    centralmanagement.log --> 

    2024-04-26 13:00:12Z INFO central-connect[28463]:276 main:: - got response of poll for SSO. Status: requested backupExpected:
    2024-04-26 13:00:43Z INFO central-connect[29233]:221 main:: - Polling for SSO to PIC-URI [https://utm-cloudstation-eu-central-1.prod.hydra.sophos.com]/sophos/api/v1/firewalls/xxxxxxxxxxxxxxxx/sshTu
    nnel Timezone: Europe/Berlin
    2024-04-26 13:00:44Z INFO central-connect[29233]:276 main:: - got response of poll for SSO. Status: connected backupExpected:

    If you get kicked out, generated the firewall an logs here?

    __________________________________________________________________________________________________________________

  • We tested accessing the FW management with two completely separate networks and the issue still occurred, but what we noticed while doing this is that the moment I get into the FW using Sophos central, it kicks the other person out of that firewall. The moment they get back in to manage that FW it kicks me out. This goes back and forth and is reproducible. If one person goes into the FW management directly and not using Sophos central both can be in. What happens is the person who was originally in gets either a spinning circle or just gets kicked back to the FW selection screen

    This isn't the only time this occurs though as it happened this morning and I was the only person managing FWs.

    Sophos Central Audit logs show the events

    Reverse Proxy

    Generate token

    I will have to log a ticket with Sophos, but I already have another more important ticket logged.

  • Central SSO does not support multi user logins. There are improvements to get this working. 

    __________________________________________________________________________________________________________________

  • OK, I see, so I misinterpreted this!

    Did see this message after writing the other.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • We today one of my staff was knocked out of the firewall management 4 times and he was the only one in that firewall. So its back to the drawing board and going to log a ticket.