

Firewall in failsafe mode

Hi to all,

I have two devices in HA... Yesterday, doing some tests, I was able to see that the passive device is in failsafe mode. If I run the "show failure-reason" command, the device tells me "Unable to apply Firewall Framework"...

How could I recover this device??? This device is new (I bought them about two weeks ago), is it normal???

Thanks to all!!

Regards,

David.



This thread was automatically locked due to age.
  • David,

    Are you using Sophos appliances or Intel x86 hw?

    The best way is to remove the HA, format the secondary unit and join it again inside the cluster.

    Regards,

    • Hi Luk,

      I'm using Sophos appliances... How can I remove the HA format???

      I have reset the device to the default configuration and the device initializes in failsafe mode too. Do I have to do something more???

      Thanks in advance!!

      Regards,

      David.

      • Hi David,

        Select option 2. Reset to factory defaults >3. Reset configuration, report and signatures. This will reset the appliance to factory default settings.

        Refer to the link below to disable HA.

        https://www.sophos.com/en-us/medialibrary/PDFs/documentation/SophosFirewall/Pocket%20Guides/DisableHighAvailabilityHA.pdf?la=en

        Thanks

        Sachin Gurung
        Team Lead | Sophos Technical Support
        Knowledge Base  |  @SophosSupport  |  Video tutorials
        Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

        • Hi Sachin,

          I can't follow this guide because the device doesn't show me the menu... It only shows me the failsafe mode menu:

          Sophos Firmware Version SFOS 16.01.2

          Failsafe Mode

          1. Device Console
          2. Reset to Factory Defaults
          3. Flush Device Reports
          4. Remove Firewall Rules
          5. Advanced Shell
          6. Shutdown/Reboot Device
          0. Exit

          Select Menu Number [0-6]:

          Can I do something from this menu??? The device doesn't let me access it via the admin console either....

          Thanks in advance!!

          Regards,

          David.

          • Hi David,

            Go to Device console and type: system ha disable

            This will disable HA and the appliance in Auxiliary mode shall restart to factory default. Restart the primary device to boot up in normal mode.

            Thanks

            Sachin Gurung
            Team Lead | Sophos Technical Support

            • Hi Sachin,

              As I said to you, this menu is not the normal menu, it is the failsafe mode menu... If I select option 1, the console doesn't let me run this command. I can only run this:

              Sophos Firmware Version SFOS 16.01.2

              failsafe> system
              system System Configuration
              Press <TAB> for see more options
              failsafe> system
              diagnostics Diagnose the Appliance
              failsafe> system

              If I run the system command and press TAB, it only lets me do this:

              failsafe> system diagnostics
              utilities Utilities to Diagnose the Appliance
              failsafe> system diagnostics utilities
              ping Send ICMP ECHO_REQUEST packets to network hosts
              ping6 Send ICMPv6 ECHO_REQUEST packets to network hosts
              ip IP utility from iproute2 package.
              traceroute Print the route packets take to network host
              dnslookup Query internet domain name servers for hostname resolving
              bandwidth-monitor Monitors Bandwidth
              traceroute6 Print the route packets take to network host
              dnslookup6 Query internet domain name servers for hostname resolving
              ip6 IPv6 utility from iproute2 package.
              failsafe> system diagnostics utilities

              Any more ideas???

              Thanks in advance.

              Regards,

              David.

               

               

               

              • Hi David,

                As per my observation, your device went into Failsafe mode.

                You would need to reset the device to default and configure an address on your interface which is different from your primary appliance. Once the address is pingable from both ends you may enable HA on your primary appliance. At this stage, your secondary would reboot and would be configured.

                To check the system is in HA, you may check on your primary appliance by the command provided by Sachin.

                To reset the device you would need to select Option 2.

                Note: If the device again goes to failsafe mode then you may need to contact support to check the device.

                Regards,

                Aditya Patel
                Global Escalation Support Engineer | Sophos Technical Support

                Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
                If a post solves your question use the 'This helped me' link.

                • Hi David,

                  Select option 2. Reset to factory defaults >3. Reset configuration, report and signatures.

                  If the device still boots up in fail-safe mode, then you need to manually load a firmware from SF loader. Let me know what happens after the reset.

                  Thanks

                  Sachin Gurung
                  Team Lead | Sophos Technical Support

                  • Hi Aditya,

                    I have reset the appliance more than once, but the appliance boots, every time, in failsafe mode... I can't configure any port. I'm able to see that port 0 is configured with the IP address 172.16.16.16, but I can't ping it....

                    I'm going to contact the support team, but it is very strange....

                    Thanks to all for your help and Merry Christmas to all!!

                    Kind Regards,

                    David.

                    • Hi All,

                      I have the same issue, very unstable; the only way to solve it is to reimage the unit.

                      I've opened a case, and the only way is to reimage the unit.

                      Any other ideas related to the issue?

                       

                      Regards,

                      Wisnu

                      • Hi Wisnu,

                        There are various reasons for falling into Failsafe mode. These include database corruption, failure to load configuration, etc., and I would suggest keeping a backup file to re-image and load the backup.

                        Regards,

                        Aditya Patel
                        Global Escalation Support Engineer | Sophos Technical Support


                        • How do you reimage one of the hardware appliances?

                           

                          I have one unit that's in failsafe and reset to default is not fixing it.