DO NOT INSTALL 9.703-2!!!

Hallo Wilfried and welcome to the UTM Community!

I can't believe that no one at Sophos knows where those keys are stored.  Have you tried opening a case with Sophos Support?

Cheers - Bob

Sorry, Bob,

that has been our experience. Our sorry experience has cost us € 1.700 so far.

Here's the timeline:

2019-12-18 we order our second SG230
2020-01-08 we run into the SPX PWD problem and contact our supplier
2020-01-19 they cannot help & refer us to Sophos directly
2020-01-25 we order 1 yr. Sophos "Premium Support", the above mentioned ticket is started
2020-02-14 they tell us that "currently SPX registered recipients cannot be saved or included in the backup" (I call that a bug, not a feature request)
2020-02-25 the ticket is basically closed by Sophos Premium Support with the following statement & suggesting more paid help by their Professional Service Team:

I can neither confirm nor negate whether a partial port of the corresponding database table is possible (and whether support for any problems resulting from this is still guaranteed).

Our management was not inclined to "chase good money after bad", so we left it at that. Case closed.

Until Sophos nuked us all with 9.703-2 ... So, is there anybody out there who can help?

Best regards,
Wilfried

Hi Wilfried,

maybe (but really maybe) a short look in the REST API can help to get your SPX recipients back.. but only if you have a machine with the old database running and useful to get REST calls running on it. as far as i read if you run into this bad firmware bug the machine becomes usesless after short uptime :-(

hope others has suggestions to help you fix this out.

When will a fix probatly released?

I have some medical instution as customers, who already patched to 9.703 and now we have some major issues. Like massive ping drops via RED UTM to UTM tunnel.

As we can not simply take them down and reinstall, as this would affect to much services..

Now they have a problem with voice as this transits via the RED tunnel.

Any news on the fix yet?

The database file with the spx data should be: /var/storage/chroot-smtp/spx/auth/spx-auth-v2.ks

Regards,

Marco

Apparently, there's a patch for 9.703 that fixes a conflict that 9.703 had with IPsec.  I will test that in about 3 hours.

Cheers - Bob

Hi All,

A new v9.703 update is currently being tested, and is targeted for release during the week of Apr 20. Both customers running on v9.702 and the previous version of v9.703 will be able to upgrade to this new version. 

The Advisory KBA has been updated to provide more information regarding this incident:

• Advisory: Sophos UTM - Traffic not passing after upgrading to v9.703

Regards,

Hello Flo_Support,

this is the first time I feel like being informed about this matter in a timely manner and directly from a Sophos source. I appreciate that very much.

I agree it is novel that we are actually told something constructive from Sophos.

but is this premature? are we looking at another RED issue that was not fixed for six months (even though they 'said' they had fixed it twice)? - apologies the cynic in me came out ... 

I do understand that they do a lot of work in the back-ground, the UTM has had little or no information about updates, new builds, EAP or Road Maps. Will this change now?

Although this should not have happened in the first place!

will I get some sort of recompense for having to go into work (on Bank Holiday Monday) to fix the issue (by rebuilding the firewall from scratch)?

I always try to look on the positive side, the issues with the UTM and associated equipment has been un-helpful.

Hi All,

UTM v9.7 MR3 was re-released on, 23 April 2020.

More info available in the UTM release notes post.

Regards,