Advisory: Sophos Endpoint - "Your connection isn't private." We're aware of a certificate issue and are actively working to resolve it. Please see: KB-000045954 for the latest updates.

Alerts about deregistration and stopped Central Services

Hey guys,

I have a question about connecting to Sophos Central.

I have connected my XG Firewall to Sophos Central to try the Central Firewall Manager. After finishing my tests I unregistered it. But now I get a Fresh Alert every day that there is no communication with Sophos Central and also a message that several services have been stopped (I guess these are services were started before to communicate with Central). Is there a way to clear the warning message and "reset" the services?

Thank you in advance!

  • This is related to the XG Control Center handling of services.

     

    XG Control center monitors all services and indicates, if a service is in status stopped. 

    Thats a useful indication for general issues. 

    Some processes will not switch into "unregistered" after deleting the module, instead they will stop. 

    So XG will indicate, your firewall has stopped services, in the meantime, those services should switch to unregistered. 

     

    As far as i know, this is on the road map for a Maintenance release after GA. (More or less only cosmetic issue) 

     

    There are two workarounds:

    Reinstall XG and restore a backup without registration.

    Reconnect the XG to Central.

     

    Central Management does not need any license. So to speak, you could keep the connection of XG to Central. 

    (There are only advantages?) 

     

     correct me, if i am wrong. 

    __________________________________________________________________________________________________________________

  • LuCar Toni said:
    Reinstall XG and restore a backup without registration.

    Haha I think reconnecting it to Central is the much smoother workaround here.

    Thanks again for your help, Lucar [Y]

    Intrusus
    Sophos Certified Engineer | Sophos Certified Technician

    private lab:
    XG firewall with SFOS 18.0.3 MR-3
    Intercept X Advanced (for Server) with EDR EAP latest
    If a post solves your question use the 'Verify Answer' link

  • Hey Sophos-Team,
    Hey Community,

    so I tried to deregister again after the Update to SFOS v18 GA just to see if there were made some bugfixes.

    The shown stopped Central Services after deregistration were fixed. Thank you. Possibly it was also due to a reboot. At least I can't find anything about it in the "Fixed Issue" section.

    But: The warning message that the XG is no longer connected to Central unfortunately still exists. In general, some kind of acknowledgement should be implemented (with options permanent or temporary) to hide this and other messages. If I make the WebAdmin interface of my customers' XGs available over the WAN, for example, it will also show me a warning message all the time. But for us as an IT service provider this is a fast and efficient method if we need to access the systems from outside without connecting via VPN first.



    Just see it as a feature request / feedback. ;)

    Cheers,

    Intrusus
    Sophos Certified Engineer | Sophos Certified Technician

    private lab:
    XG firewall with SFOS 18.0.3 MR-3
    Intercept X Advanced (for Server) with EDR EAP latest
    If a post solves your question use the 'Verify Answer' link