Hello Sophos and Community,
this topic seems to be an problem for a long time and i have tried to figure out how but i just seems, that there is no way.
We are using the Sophos XG Web API which is for at least some part documented ( https://docs…
Hey folks,
I have 2 XG 310 in an active-active HA. When failover occurs (Primary goes down), the RED tunnel goes down and there is no failover for the RED tunnel. I need to disable and re-enable the RED tunnel...
Is it the correct behavior in…
Hi all,
i'm going to configure HA Active-passive, i'm reading many topics, but are not more detailed
i need to know these: ( On auxiliary device)
1- What is the ip address to set on Port 1 (lan) on auxiliary device.Is't the same one on the primary…
Hi,
I've recently setup a HA active/passive pair of virtual XG firewalls running in VMware, with a branch office setup with a RED tunnel to the HA pair.
Every time we trigger failover between the HA firewalls (ie rebooting or when I upgraded the firmware…
Hi,
we have 3 HA Active/Passive Clusters with XGS136.
They all have Port10 as dedicated HA Port and are linked with 1m patch cables of good quality.
All 6 nodes show dropped packets and some also show port errors on Port10 for RX only.
Some of…
I have a client who has purchased 4 XGS devices and wishes to have a pair located at main site and a pair located at backup site. Can I configure all 4 devices in one cluster and have a 1Gb heartbeat link across to the other site and still have high availability…
good, we have in our infrastructure 2 FW xg 550 I HA active-passive, and we want to connect them to 2 cisco cores, with the maximum number of 10 Gb fiber optic ports to the two switches.
In the old documentation LAG indicated that a maximum of 4 ports…
Today we were alerted by CheckMK about some port errors on one of our 18.5 MR3 HA Clusters.
The issue happened on the dedicated HA Port Port10 on which both machines are connected with 1m CAT6 cable.
Of course, we could change the cable.
But I'd…
Howdy!
My company is moving our XG firewalls from one data center to another. The move requires configuration changes of various sorts (e.g., WAN port IP address). The firewalls are currently running in HA Active-Passive mode. I'll call the active device…
Hi..
After changing from XG to XGS, portmgmt seems to have changed from its predecessor. When the HA configuration is synchronized, is the mgmt port setting synchronized?
I would like to know if it is possible to use mgmtport to enable access to secondary…
Hello! As i mentioned in the title i unplugged the optical modem from our XG HA (Port1 is monitored in HA) and then the 2 XG's are rebooted simultaneously, why? Why does it need to reboot when a link fails? Is this normal behavior? Thank you
Hello,
this morning the still active node of one of our XG 210 cluster (latest firmware) crashed. It was not possible to administrate this firewall via https, ssh and panel. We needed to remove the power plug in order to get it running again. After…
3 XGS136 18.5 MR2 HA Clusters updated to MR3
2 OK
1 failed
The failed cluster sent us mails that the upgrade failed but the primary node did upgrade to MR3.
Then we received mails that HA has been disabled
You are receiving this auto-generated…
SFOS 18.5.2
We've noticed that the peer mgmt IP is not reachable from certain subnets, if the traffic is routed via l3 switch.
investigation showed, that the auxiliary appliance did not sync all routes from the primary, thus it's not reachable from…
What am I doing wrong here?
1st. on the AUX node I went to HA and initiated HA as aux there, selected HA peer IP 10.1.178.5
2nd I went to the PRIMARY node and configured it as primary, selected HA peer IP 10.1.178.6
found this old post, so…
fyi
In an A/S HA Setup. if the Auxiliary is active and you check the box " Fail back to primary device after it recovers ", it will always failback to the auxiliary and not to the primary. basically makes the auxiliary the preferred appliance.
to…
our customer replaced the Auxilary device in a XG A/S Cluster.
The primary XG runs 18.5.1 and has no other software in the second boot partition
the aux appliance was flashed with 18.5.1 but during the initial setup it automatically installed 18…
I see this has happened to a few people before where you are setting up HA or have setup HA and for some reason when you click on the System services menu it gets stuck on the HA page and won't let you get past it. I have 2 x brand new XGS2300's to configure…
our customer has a HA Cluster containing 2x SG330 Rev 1 running SFOS 18.5.1 MR-1-Build326. within the same week the primary devices failed and did not failover to the auxiliary. It was necessary to manual power off the primary to trigger a failover to…
Hello,
First of all, i wish you a Happy new year !
I'm writing to you because our customer has a Sophos UTM firewall in version 9.7 for almost 2 years.
Our customer claims to have tested the Slave firewall in the meantime and it was working fine…
We have 2x XGS2100 (SFOS 18.5.2 MR-2-Build380) in High availablity in (Active-Passive)
They have a Dedicated HA link
Dedicated peer HA link IPv4 address 192.168.10.2
Dedicated peer HA link IPv4 address 192.168.10.1
When I look in Log viewer…
Hello Community,
I have an active-passive setup with two XGS 2300 (SFOS 18.5.2). HA is working. Both boxes are connected to the internet and LAN, also the HA-Link is established. The Firewall have 3 WAN Uplinks, but now only one is connected.
Now…
Hey there,
I´ve set up a Sophos XG cluster with 2 Sophos VMs. After the init the peer VM restarted but never came up. At a look at the console I saw this:
A simple restart of the VM doesn´t change anything. How can I fix that? A memory and disk…