Sophos XG Firewall - License activation unavailable (error XG-00151). See KB-000043485 for the latest updates.

Getting updates on older hardware?

Hey,, i am using the UTM9 and have been doing that in many years on kvm and custom hardware with a home license. The product is perfect and very stable both receive updates as long as the home license is valid and can be renewed

In my understanding the hardware provided by Sophos utm/sg/ng is in fact much similar / identical to regular x86 hardware and support running pfsense vyos or other similar open source firewalls until the device fails mechanically.

The EOL on the Sophos site says that software updates will stop on these older devices. That confuses me a lot, i understand phone support and repair on the devices stops when they reach EOL. But what about receiving software updates on working devices, why would the software updates stop when it will continue on our own custom build hardware with almost the same or similar hardware when it is just plain x86 hardware ?

Top Replies

  • Hello rMI,

    Thank you for contacting the Sophos Community.

    Where did you read that?

    The retirement calendar  doesn't mention the UTM going end of Life for v9, so as long as you keep a valid License for Sophos UTM, you shouldn't have any issue. 

    Regards,


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Hey EmmoSophos, it was under the UTM and XG devices that are EOL now or have EOL dates set, The glosary says:

    • The affected model will no longer receive any software updates or bug fixes of any kind.

    What i am interested in understanding are if these devices will stop receiving software updates, as the older UTM did. and why?

    the older utms was rebranded nexcoms, (regular x86 hw) and they will receive updates but not the Sophos ones. . 

  • And this raises the question what will happen with NG (when eol is reached) and SG (when EOL is set and reached) ?  - Because just running virtual in kvm or building own system would not get obsolete. 

  • If you have an old Sophos Appliance and it stops automatically downloading Up2Dates, use the trick in  ASG 425 Display with home license to make the appliance appear to be just a regular PC.  The again, f you're already running a home license on a Sophos appliance, you must already have done something to make it appear to be a regular non-Sophos device to the Up2Date servers.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • i have never used the dedicated sophos hardware in the fear of the hardware getting unsupported for no reason, but have been tempted many times, it's kinda nice hardware :) 

    i have always just made a custom powerfull box or deployed it virtual on proxmox/kvm this has no EOL and performs extremely well.

    i understand that the UTM line can't update without a hack, what about the newer XG line, some get EOL 2021 some in 2022 and the last in 2024, will these turn into paperweight to ? 

  • Your approach to using non-Sophos hardware is what I recommend for the free home-use license.  Sometimes, I recommend your approach with the paid UTM software licenses.

    The EOL issue has to do only with paid Sophos Support.  After a device is EOL, Support may not connect to your Sophos appliance.

    No hack is needed to update UTM or XG.  After EOL, they can be used with the free home-use licenses via the trick explained above.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA