Sophos UTM 9.510-4 released - let's share experiences!

Sorry, yes, 9.510-5 indeed..... Still no problems so looks good so far. Next weekend most likely going to also upgrade the largest site which also heavily uses mail protection.

Still no problems may be a little exaggerated.

 For one of our customers (2500 mailboxes, 1500 mobile devices), we have to move the Sophos cluster 2-3 times a day. We have Exchange behind the WAF and we suspect that the Apache web server cannot process the amount of access. The message 'Scoreboard is full' will appear in the WAF log, and shortly afterwards no Active Sync or Outlook Anywhere access will work. After rebooting the active node, everything works again until the next scoreboard error. This is actually not a very large environment there, but it seems that Sophos is only designed for home use or SMBs.

We also noticed that UTM does not support load balancing with Exchange 2016, here the Exchange servers have to be flagged as 'hot standby', which works fine with Exchange 2016.

With Exchange 2013 Load Balancing was no Problem.

That's why we opened a support ticket about 6 weeks ago, which has escalated to the development department, but so far we haven't received an answer.

For this reason, we have now routed HTTPS traffic around Sophos directly to Exchange servers and use the UTM only for SMTP spam filtering.

 Hopefully this problem will finally be solved in a future version and load balancing with Exchange 2016 will also work.

Raven, you're not the first person to report this here - that started three years ago.  Are you saying that these problems only began after Up2Dating to 9.510-5?

Have you tried the following?

cc set reverse_proxy max_threads_per_process 75

I don't know when that gets reset, but I'd guess that it would possibly be during an Up2Date.  You can check the value with:

cc get reverse_proxy max_threads_per_process

I'm surprised that Support didn't try that.

There's another thread here somewhere where the load-balancing solution for Exchange 2016 is, apparently, a different load-balancing tool.

Cheers - Bob

If you clear cache in IE it works fines. Assume the same for edge.

I refreshed the website several times (F5) and then it worked without resetting the web browser.

My SG125 appears to have decided to brick itself on the upgrade to 9.510. Don't think it was the upgrade as it won't post and is a Rev 1 SG125 with the Intel Atom SOC S2000 series that is known to puke it's clock then brick itself. :) RMA requested.

Hello,

I can confirm the "resolver priming query complete" flood in DNS-Proxy-Log. Fills up quite fast. Is there a way to switch the parameters back from the now "verbose" configuration?

BR,

TP

@HanspeterHolzer

Thanks for the update.  I won't even think about upgrading til sometime in october.  This issue indeed sounds like excessive logging was enabled for some reason but never turned back off.  Maybe fixed in the next update¿?

I asked Sophos Support about all these problems with UTM websites acting broken until the browser cache is cleared.   Level 1 support says they don't know anything about the problem because there have been no cases opened.   I am less concerned about the admin websites than I am about User Portal -- I don't want to explain how to clear cache in every browser with every user.   Has nobody made an issue about this with Support?

If you have, it would be great if you could PM your case number so that I can tell Support where to look.

Hi Community,

Regarding the "Invalid request" issue while trying to access the mail manager:

• We are aware of some customers experiencing this minor intermittent issue.
• Workarounds to this include refreshing the page or clearing out the browser's cache.

If you are experiencing different symptoms or unable to resolve this issue via the workarounds above, please raise a support case and PM me with your support case number for followup.

Regards,