Help us enhance your Sophos Community experience. Share your thoughts in our Sophos Community survey.

SFOS v19 Early Access Program (Read Only)

Discussions Sophos Firewall: v19.0 EAP2: Feedback and experiences

Thread Info

State Suggested Answer
+1 person also asked this people also asked this
Replies 68 replies
Answers 1 answer
Subscribers 20 subscribers
Views 13397 views
Users 0 members are here

Options

Suggested

Sophos Firewall: v19.0 EAP2: Feedback and experiences

LuCar Toni over 2 years ago

Release Post: https://community.sophos.com/sophos-xg-firewall/sfos-v19-early-access-program/b/announcements/posts/sophos-firewall-os-v19-eap-2-now-available

Old EAP1 post: https://community.sophos.com/sophos-xg-firewall/sfos-v19-early-access-program/f/discussions/131583/sophos-firewall-v19-0-eap1-feedback-and-experiences

Release Notes: https://community.sophos.com/sophos-xg-firewall/sfos-v19-early-access-program/b/announcements/posts/sophos-firewall-v19-xstream-sd-wan

If you occur an potential Bug: Please raise a ticket with the "Feedback" Option in the V19.0 Webadmin!

Paste error.
[bearbeitet von: LuCar Toni um 9:09 PM (GMT -8) am 5 Feb 2022]

Top Replies

David Tschan - Dreikom AG over 2 years ago +1

I updated my SG/XG210 from v19 EAP1 to EAP2 right now...worked flawlessly. But I'm still not able to reconnect my SG/XG210 to Sophos Central like it was with v19 EAP1 already - Error: "temporary error…

Parents

0 MarkusMeister over 2 years ago

Hi LuCar Toni,

I just installed the update from EAP1 to EAP2 and since EAP2 I cannot block any accesses through the firewall.

I have already deleted all rules except "Drop all" but I can still access any resources, e.g. on the Internet (no proxy is used).
Also Tcpdump shows me that the "Drop all" policy is used.
Even if I disable the default SNAT rule, the ping or tracert still works.

Can anyone here understand this?

Regards,

Markus
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 MarkusMeister over 2 years ago

Hi LuCar Toni,

I just installed the update from EAP1 to EAP2 and since EAP2 I cannot block any accesses through the firewall.

I have already deleted all rules except "Drop all" but I can still access any resources, e.g. on the Internet (no proxy is used).
Also Tcpdump shows me that the "Drop all" policy is used.
Even if I disable the default SNAT rule, the ping or tracert still works.

Can anyone here understand this?

Regards,

Markus
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 LuCar Toni over 2 years ago in reply to MarkusMeister

Do you have a valid Base License?

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 MarkusMeister over 2 years ago in reply to LuCar Toni

No, thanks for pointing that out, I didn't think of that.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 LuCar Toni over 2 years ago in reply to MarkusMeister

See: https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/127946/sophos-firewall-v18-impact-of-expired-license

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel