Guten Abend ,
bei mir in der Firma wollen / müssen wir auf Netzsegmentierung umbauen . Viele Jahre ging alles gut aber nun muss es getrennt werden. Geplant sind aktuell 20 VLAN für unterschiedliche Dinge und Geräte.
Dazu hätte ich mal ein paar fragen…
We have a SFV4C6 firewall loaded on our own Intel Hardware, it has the Base perpetual license along with a subscription for Enhanced Support, Network Protection and Web server protection. I want to setup a passive HA pair and I have the matching hardware…
Dear Forum, I created a new active-passive HA setup which is working flawlessly in terms of basically everything, except one thing which is the auxiliary device management. For some reason i not able to reach it via the aux management ip address, when…
HI
I have Xgs450 V20 that is running under HA. I posted long time about the ability to transfer Trunkvlans from one physical port to a lag physical port. But since i was on an older version I had to do it manually. However the project has been delayed…
Hello,
we performed a firewall migration from an XG450 model to the XGS4500 model last weekend. The firewalls are in a HA configuration. The migration process worked seamlessly. The primary firewall is working with no issue, all services started. To…
Hi,
below diagram right now we have one firewall and one core connectivity we need to change to active passive mode
i have some query regarding configuration.
switch to firewall A1,A2 port will connect what i need to configure in firewall ports…
What's "best practice" regarding HA link network? - at the moment my HA link network (physical port / peer2peer) is zone DMZ -> not cool because SSH access for DMZ zone must be activated or HA will not work anymore -> SSH access from DMZ zone on all HA…
Hi,
we are using standalone firewall, recently we purchase one more firewall XGS3300 we want to put both firewall in HA
i read some KB article what they suggest
1.existing firewall connect DMZ Zone port to new firewall
2.model version ports…
Hallo zusammen,
gibt es in einem degraded Sophs XG HA in dem der Master, die Lizenz hält eine Art Karenzzeit, nach der der Slave die Lizenz "verliert", wenn der Master nicht online ist?
Grüße!
Hi,
we are using xgs3300 that is connected with Sophos central existing device is fully configured and in production we are planning to add one more device for ha.
1.if i will add one more device in ha the existing configuration backup i need to…
I have a HA cluster where it happens now second time that the Aux node was not able to join the cluster or went into fault state after a time of Primary node being down.
First it happened while HA initial setup.
LuCar Toni fixed it via remote access…
There's a thread from two years ago about provisioning HA-Cluster using Sophos Central ( Lite-Touch provisioning HA-Cluster )
The text is still (or again) showing in central and in documentation ( https://docs.sophos.com/nsg/sophos-firewall/21.0/help…
Documentation says for HA active-passive you should select a preferred primary device, because " only the initial primary device holds the licenses and supports services, such as FastPath offloading. ".
Does this mean if auxiliary appliance is currently…
Hi,
We have configured a HA in the site and it was working fine from last one year, HA degraded yesterday, Primary device is showing faulty
All the cable connections are working fine,
How to resolve this issue ?
What would be the reason for…
I have a current setup with a pair of XG210 in HA Active-Passive mode and am preparing to upgrade them to XGS2100 in the same HA configuration. I have a configuration backup from the active XG210 and have attempted to restore it to the new XGS2100 but…
Ok everyone, I am trying to get back to our HA setup and have a few questions.
We have 2 X XGS3100's, the Primary unit is active and currently registered and subscribed. I fired up the second 3100 today, now it is only connected back to the switch thru…
Greetings,
I want to set my Auxiliary device as Primary because I cannot access the web interface of my Primary device. Is there a CLI code for the button I marked in the picture below?
Thank you in advance for your help.
Now the XGS2100 HA Cluster (SFOS 20 GA) also suffers from the same problem as the XG125 Rev.3 (SFOS20 MR2) and the XG115w Rev.3 SFOS20 MR2).
The firewalls start blocking UDP traffic on port 500/4500 for no apparent reason.
It seems to me that faulty…
Good morning!
I have the task of migrating 02 Sophos XG 450 firewalls in HA to 02 Sophos XGS 4500, I would like to have your wise advice, recommendations in these activities. Would it be enough to export the complete backup only from the main xg450…
Good day. I have to upgrade an HA configured XGS3300 that has SFOS version 19.5.2 MR-2-Build624. The question I have is that the firewall tells me to update to versions 20.0.1 MR1-Build342 and 20.0.2 MR2-Build378. Can I directly upgrade to SFOS 20.0.2…
Hello all,
I'm in the process of replacing infrastructure hardware and I'm working on additional redundancies. I'm currently replacing my core switches with an active-active HA pair. I plan to route all traffic through the firewalls for scanning (North…
Hallo liebe Community,
ich würde sehr gerne einmal meinen Einsatz beim Kunden Vorort beschreiben, von Samstag den 10.08.2024.
Der Kunde hat wie oben im Titel zu sehen zwei Sophos 136 im HA, der besagte Kunde hat neue Gebäude gekauft in der nähe seiner…
hi,
i have 2 XG430 in HA firmware version 20.x, now i want to move to new hardware XGS4300 in HA. please advise how can i migrate configuration from old to new hardware???
what steps should i follow???