Sophos Firewall: v20.0 EAP1: Feedback and experiences

Top Replies

  • Will FQDN support for SD-WAN probes be available in this EAP?

    Also, thanks for the Early Access!


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v20 MR1 @ Home

    XG 115w Rev.3 8GB RAM v19.5 MR3 @ Travel Firewall

  • Have upgraded 3 in my LAB environment, all with RED Server tunnels, not working anymore; even tried to recreate, but just see the error:

    Tue Sep 26 10:32:33 2023Z REDD ERROR: server: Can not do SSL handshake on Socket accept from x.x.x.x': SSL accept attempt failed error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher
    Tue Sep 26 10:32:35 2023Z REDD ERROR: server: Can not do SSL handshake on Socket accept from 'x.x.x.x': SSL accept attempt failed error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Architect

  • Anonymous in reply to twister5800

    I'm also experiencing RED issues after upgrading. I use Firewall to Firewall RED tunnels.

  • Hi, can you please share the SFOS version where the client is configured?

  • No - HTTPS and FQDN Support for probing is not included but considered for an upcoming release. 

  • Eliminate False Missing Heartbeats – Devices that are in sleep or hibernate mode will no longer generate a
    missing heartbeat reducing false alerts and notifications

    Sounds good. Is it just disabled or max. delayed, or is it really "fixed"? I think this would have been an endpoint issue.

    Also great that this really made it into v20: Firewall v20 introduces a new hardened and highly secure, containerized self-service VPN portal.

    I'm strongly interested to see a screenshot of that feature:
    Object Reference Lookup – You can now see the usage count of all host and service objects as well as a full
    list of all locations where that object is referenced such as in rules, policies, routing, etc. You can also directly
    edit or remove objects for many entities without switching context from the hosts and services list.

  • Thank you!

    Nice. And also with a link to the reference! I think it is the same for rule references?

  • Hi Martin,

    Thank you for participating in the EAP program and providing feedback.

    We acknowledge the issue and we are tracking it internally via NC-125221. The fix will be available in a future release.

    Meanwhile, we have a workaround to mitigate the issue.

    Please disable Force TLS 1.2 from the Web admin console on the RED Server side, as shown in the attached image.

    Please provide feedback after applying the workaround.

    Apologies for the inconvenience caused.
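
Added example (not part of the thread and not Sophos code): a small triage script for the REDD handshake errors quoted above, which counts failures per peer and reason and can be limited to entries after the workaround was applied. It assumes the log line format shown in the thread and OpenSSL 1.x packed error codes; the sample lines, peer addresses (documentation ranges) and function names are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# Matches the REDD handshake-failure lines quoted in the thread. The opening
# quote around the peer address is optional because one quoted line lacks it.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} +\d+ [\d:]{8} \d{4})Z REDD ERROR: server: "
    r"Can not do SSL handshake on Socket accept from '?(?P<peer>[^'\s]+?)'?: "
    r".*?error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]+):(?P<func>[^:]+):(?P<reason>.+)$"
)

def unpack_openssl_1x(code_hex):
    """Split an OpenSSL 1.x packed error code into (lib, func, reason) numbers."""
    e = int(code_hex, 16)
    return (e >> 24) & 0xFF, (e >> 12) & 0xFFF, e & 0xFFF

def parse_line(line):
    """Return a dict for a handshake-failure line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y").replace(tzinfo=timezone.utc)
    lib, func, reason_num = unpack_openssl_1x(m["code"])
    return {"time": ts, "peer": m["peer"], "lib": lib, "func": func,
            "reason_num": reason_num, "reason": m["reason"].strip()}

def summarize(lines, since=None):
    """Count failures per (peer, reason); `since` keeps only entries at or after it."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and (since is None or rec["time"] >= since):
            counts[(rec["peer"], rec["reason"])] += 1
    return counts

# Constructed sample lines in the format quoted in the thread.
_FMT = ("Tue Sep 26 {t} 2023Z REDD ERROR: server: Can not do SSL handshake on "
        "Socket accept from {p}: SSL accept attempt failed "
        "error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher")
SAMPLE = [
    _FMT.format(t="10:32:33", p="192.0.2.10'"),    # missing opening quote, as in the thread
    _FMT.format(t="10:32:35", p="'192.0.2.10'"),
    _FMT.format(t="10:33:01", p="'198.51.100.7'"),
    "Tue Sep 26 10:40:00 2023Z REDD INFO: constructed line, not a handshake failure",
]

if __name__ == "__main__":
    for (peer, reason), n in summarize(SAMPLE).most_common():
        print(f"{peer}: {n} x {reason}")
```

Code 1417A0C1 unpacks to library 20 (the SSL library) and reason 193, which is the number behind the "no shared cipher" text. Passing the time the workaround was applied as `since` shows whether any peer is still failing afterwards.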