3CX DLL-Sideloading attack: What you need to know
Sophos Firewall OS v17.5 and v18.0 has been end of life.
It is recommended to upgrade to the latest firmware version of v19.0, or v18.5.
Note:
The following steps need to be performed in scheduled time window.
To identity which firewall is initial primary node in active-passive HA:a.) Log on Sophos Firewall SSH terminal using admin account. Once authenticated, you will be presented with the Sophos Firewall console menu.b.) Go to 5. Device Management > 3. Advanced Shell, and run the following commandsnvram get "#li.serial"nvram get "#li.master"
If output of nvram get "#li.master" is YES, as below, then the Sophos Firewall is initial HA primary node.XG210_WP03_SFOS 18.0.5 MR-5# nvram get "#li.master"YES
If output of nvram get "#li.master" is NO, as below, then the Sophos Firewall is initial HA auxiliary node.XG210_WP03_SFOS 18.0.5 MR-5# nvram get "#li.master"No
Details in Sophos Firewall OS v19 is now available
"Known issues" is listed in Sophos Firewall v19.0 release note
If remote access SSL VPN stops working after upgrading from v17.x/v18.x to v19.x, it is most likely to be caused by SSL VPN IPv4 lease range changes in SFOS 19.0
"Known issues" is listed in Sophos Firewall v18.5 release note
2022-12-09, removed content of v18.0, as it has been end of life.
2022-09-07,
2022-04-22, updated with Sophos Firewall OS v19.0
2022-03-22, updated with requirement on firmware filename
2022-02-02, updated URLs
2022-01-17, updated the article to match latest product lifecycle.
2021-10-08, added "Upgrade information", to prevent factory reset after upgrading to non-supported version.
2021-09-20, updated the article to match latest MR version of v18.0
2021-09-02, removed content of v17.5 MR16, as it will be end of life on 30 Nov 2021.
2021-08-04, minor change
2021-07-30, first version
Peers rebooted simultaneously during firmware upgradation | Normally they shouldn't | downtime experienced
Old firmware was 18.0.4 MR-4.
Current firmware is 18.5.3 MR-3
Cluster managed in Sophos central as well.
What can be next POA ??
Did you do the Firmware Upgrade via Central? There is/was an issue about firmware upgrade via Central in HA.
__________________________________________________________________________________________________________________
can you please share the link about the same?
Hi Abid Ahanger : The required information has been shared with you via DM.
Regards,Vishal RanpariyaTechnical Account Manager | Sophos Technical SupportSophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts | If a post solves your question use the 'This helped me' link.
Unfortunatly the link to the Sophos XG disk test isn't working anymore, can you provide the new link?I couldn't find it via the search function.
Grüße
Olaf Pelzer
Hello OlafPelzer, the previous method of disk test is not recommended any more, and has been removed from all knowledge base articles.
Will this article be updated from v19.5?
Hi Andrew,
Thank you for reaching out to Sophos Community.
Also, were grateful for your feedback. I'll report this internally. in the mean time. you can see the latest release note on the following link
https://docs.sophos.com/releasenotes/index.html?productGroupID=nsg&productID=xg&versionID=19.0
You can select v19.5
Erick JanCommunity Support Engineer | Sophos Technical SupportSophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS AlertsIf a post solves your question use the 'Verify Answer' link.
Hey Eric
This is not only about the release notes, but also about the update process. 19.5 changed update behavior for Central managed firmware upgrades with HA (NC-94863). So my question would be: Will central managed updates now become the "official best practice"?
Hey TheMonzel The mentioned KIL ID is resolved now.
Thanks & Regards,_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.