Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Replies 2 replies
  • Subscribers 40 subscribers
  • Views 533 views
  • Users 0 members are here
Options
Suggested

Sophos XGS v20.0.2 - Heartbeat service dead - Decryption of passphrase is failed

Jens Frankiewicz

Hello,

we performed a firewall migration from an XG450 model to the XGS4500 model last weekend. The firewalls are in a HA configuration. The migration process worked seamlessly. The primary firewall is working with no issue, all services started. To make sure that the HA failover and everything is connected correctly we performed a switch to the auxiliary device. This also worked without issues except for the heartbeat service not starting.

Steps taken to resolve the issue.

1. Tried to restart it via UI by turning the heartbeat function off an on. (System->Sophos Central->Security Heartbeat)

2. Tried to restart it via cli.

XGS4500_AM02_SFOS 20.0.2 MR-2-Build378 HA-Primary# service heartbeat:status -ds nosync
200 DEAD
XGS4500_AM02_SFOS 20.0.2 MR-2-Build378 HA-Primary# service heartbeat:start -ds nosync
503 Service Failed
XGS4500_AM02_SFOS 20.0.2 MR-2-Build378 HA-Primary# service heartbeat:status -ds nosync
200 STOPPED

What we found in the heartbeatd.log is that it is having issues with the decryption of a passphrase.

[2024-11-18 13:02:43.295Z] INFO HbdModuleBuilder.cpp[23674]:202 initLogger - Word size of architecture: 64
[2024-11-18 13:02:43.295Z] INFO HbdModuleBuilder.cpp[23674]:203 initLogger - Heartbeat daemon build time: 15:19:37 Jul  5 2024
[2024-11-18 13:02:43.295Z] INFO HbdModuleBuilder.cpp[23674]:97 intializeAndRunHbd - Heartbeat daemon starting
[2024-11-18 13:02:44.030Z] INFO EndpointStorage.cpp[23674]:37 EndpointStorage - Working with persistent endpoint storage
[2024-11-18 13:02:44.030Z] INFO EndpointStorage.cpp[23674]:39 EndpointStorage - Calling EndpointStorageBackend::get_all_endpoints
[2024-11-18 13:02:44.042Z] ERROR HBSessionHandler.cpp[23674]:261 dbCallbackEncryptedPassphrase - Decryption of passphrase is failed
[2024-11-18 13:02:44.042Z] FATAL HbdModuleBuilder.cpp[23674]:143 intializeAndRunHbd - Password missing to decrypt the key
[2024-11-18 13:02:44.042Z] INFO HbdModuleBuilder.cpp[23674]:148 intializeAndRunHbd - Heartbeat daemon halted

Steps taken during the migration:

1. Backup of the XG450. (v20.0.1)(System->Backup&firmware->Backup now -> Download)
2. Starting the XGS4500. (Update to latest firmware v20.0.2, connect to Sophos Central, apply licenses)
3. Shutdown of the XG450.
4. Import of the Backup from the XG450.
5. Reconnect to Sophos Central. (Import removes that configuration)
6. Setup of HA.
7. Add firewall to a group in Sophos Central. (Sync all settings from Sophos Central)

Does anyone have had this issue before and has an idea on how to fix this?



Added TAGs
[edited by: Raphael Alganes at 1:48 PM (GMT -8) on 18 Nov 2024]
Parents Reply Children
No Data
Unfiltered HTML