Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall: v20.0 MR2: Feedback and experiences

Release Post:  Sophos Firewall OS v20 MR2 is Now Available    

The old V20.0 MR1 Post:  Sophos Firewall: v20.0 MR1: Feedback and experiences  

To make the tracking of issues / feedback easier: Please post a potential Sophos Support Case ID within your initial post, so we can track your feedback/issue. 

Release Notes:  https://docs.sophos.com/releasenotes/output/en-us/nsg/sf_200_rn.html 

Important Note on EOL Sophos RED Support:

The legacy EOL RED 15, RED 15w, and RED 50 are not supported in v20 MR1. Customers using these devices should upgrade to SD-RED or a smaller XGS appliance before upgrading to MR1 to maintain connectivity. See the following article for details: Sophos RED: End-of-life of RED 15/15(w) and RED 50



Edited TAGs
[edited by: Erick Jan at 8:29 AM (GMT -7) on 23 Jul 2024]

Top Replies

Parents
  • We’ve identified a bug in XGS 20 MR2 where PPPOE connections randomly disconnect and fail to reconnect until the firewall is restarted. I’ve downgraded to 20 MR1, which has resolved the issue . I’m reporting this bug so that it can be addressed and fixed. while PPPOE is attempting to initiate a session, it’s not successful, and the ISP does not detect any session requests during this period. Restarting the firewall resolves the problem. I have opened a case with Sophos Support.

  • Sophos support has responded today after reviewing all the logs and confirmed that this is a known issue in MR2. However, it is unclear who was aware of this, as Sophos support itself did not know about it and it is not listed in the known issues.

    We are concerned about how this critical bug, affecting WAN connectivity—a vital component of any firewall—was able to bypass testing. We have encountered similar issues with both PPPoE and DHCP WAN connectivity in the past, and these problems seem to resurface intermittently.

    It appears that Sophos cannot guarantee that such critical aspects are thoroughly tested before a release. Additionally, the MR2 release notes do not indicate any changes related to PPPoE, leaving us uncertain about how this issue arose and why the release notes were incomplete.

    Please do not update to MR2 unless you are prepared for potential issues with your firewall disconnecting PPPoE and needing frequent restarts.

    Thanks

    Dev Singh

Reply
  • Sophos support has responded today after reviewing all the logs and confirmed that this is a known issue in MR2. However, it is unclear who was aware of this, as Sophos support itself did not know about it and it is not listed in the known issues.

    We are concerned about how this critical bug, affecting WAN connectivity—a vital component of any firewall—was able to bypass testing. We have encountered similar issues with both PPPoE and DHCP WAN connectivity in the past, and these problems seem to resurface intermittently.

    It appears that Sophos cannot guarantee that such critical aspects are thoroughly tested before a release. Additionally, the MR2 release notes do not indicate any changes related to PPPoE, leaving us uncertain about how this issue arose and why the release notes were incomplete.

    Please do not update to MR2 unless you are prepared for potential issues with your firewall disconnecting PPPoE and needing frequent restarts.

    Thanks

    Dev Singh

Children