This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM 9.407-3 released


Up2Date 9.407003 package description:

Remarks:
System will be rebooted
Configuration will be upgraded
Connected REDs will perform firmware upgrade
Connected Wifi APs will perform firmware upgrade

News:
Maintenance Release

Bugfixes:
Fix [NUTM-4079]: [AWS] DNS Resolver too slow for ELBs
Fix [NUTM-3885]: [Access & Identity] [RED] RED50 reconnecting every 30 minutes
Fix [NUTM-4502]: [Access & Identity] [RED] reactivating RED management causes problem with provisioning server
Fix [NUTM-4749]: [Access & Identity] [RED] interface default routes are not written
Fix [NUTM-4832]: [Access & Identity] 9.404 SSL site-to-site VPN client is not compatibal with older UTM versions
Fix [NUTM-4870]: [Access & Identity] STAS: Packetfilter rule is written too late when enabling the feature
Fix [NUTM-4875]: [Access & Identity] 9.404 SSL site-to-site VPN doesn't work with static IP setting
Fix [NUTM-4881]: [Access & Identity] IPsec remote access xauth fails with "could not find cache entry"
Fix [NUTM-4918]: [Access & Identity] HTML5 VPN: Portuguese (Brazil) keyboard doesn't appear to support special characters
Fix [NUTM-4974]: [Access & Identity] UTM unable to connect to support tunnel
Fix [NUTM-4981]: [Access & Identity] [RED] RED management can't be reactivated after a Backup / Restore
Fix [NUTM-4987]: [Access & Identity] 9.404 SSL site-to-site VPN client compatibility to older openvpn versions
Fix [NUTM-5004]: [Access & Identity] [RED] misleading peer status send
Fix [NUTM-4941]: [Basesystem] NTP Vulnerability
Fix [NUTM-5132]: [Basesystem] Disable weak ciphers for webadmin
Fix [NUTM-3180]: [Confd] IP Address change was not applied properly to the interface
Fix [NUTM-4346]: [Documentation] Enhance documentation regarding unencrypted SSO AD password in printable configuration
Fix [NUTM-3225]: [Email] JSON error when accessing Data Loss Prevention Tab and SMTP Profiles
Fix [NUTM-3483]: [Email] Missing/incomplete logging for sandstorm in SMTP proxy
Fix [NUTM-3505]: [Email] MIME type blacklist can be bypassed if an another file is whitelisted
Fix [NUTM-3666]: [Email] Mail log in user portal is case-sensitive
Fix [NUTM-3667]: [Email] RAR and XLSX files causing Scanner timeout or deadlock - moving to error queue
Fix [NUTM-4331]: [Email] Implement more error handling in QMGR for error cases
Fix [NUTM-4874]: [Email] SMTP proxy can't be disabled when upgrading from 9.31x
Fix [NUTM-5228]: [Email] change LogLevel in httpd-spx-reply.conf to warn
Fix [NUTM-5355]: [Email] Increase AV Scanner timeout to 60 seconds
Fix [NUTM-2768]: [HA/Cluster] 36307: Postgres can't be started on Slave / rsync error: error in socket IO (code 10) at clientserver.c(122) [receiver=3.0.4]
Fix [NUTM-4894]: [Logging] Fallback log on slave node is filling up the partition
Fix [NUTM-1954]: [Network] 35457: Amazon vpc gets imported but quagga doesnt start
Fix [NUTM-3092]: [Network] snmp does not work: because 10G modules query of link status timeout if no GBIC is plugged
Fix [NUTM-3115]: [Network] AFC misclassifying HTTPS connections as 'OpenVPN'
Fix [NUTM-3157]: [Network] [INFO-152] Network Monitor not running - restarted
Fix [NUTM-3229]: [Network] IPv6 over transparent proxy
Fix [NUTM-3247]: [Network] Spam Filter cannot query database servers from Slave if a block all AFC rule exists
Fix [NUTM-4037]: [Network] Update kernel to 3.12.58
Fix [NUTM-4992]: [Network] Unitymedia / KabelBW customer getting always the MTU 576
Fix [NUTM-4885]: [Reporting] SSL VPN reporting shows no user with a "#" sign in the username
Fix [NUTM-4593]: [Sandboxd] Constant error when inserting record into sandstorm transactionlog table
Fix [NUTM-5128]: [Virtualization] Incorrect interface order on HyperV
Fix [NUTM-4868]: [WAF] WAF service restart issue (segmentation fault in mod_avscan)
Fix [NUTM-5266]: [WAF] Form auth default template login not possible with chrome and FF
Fix [NUTM-4916]: [WebAdmin] User portal: add Windows 10 to list of supported OSs for SSL VPN
Fix [NUTM-2447]: [Web] 36231: HTTP proxy policy matching with backend groups is sometimes not working
Fix [NUTM-4525]: [Web] Handle ha zeroconf for sandbox_reportd
Fix [NUTM-4806]: [Web] postgres[xxxxx]: [x-x] STATEMENT: INSERT INTO TransactionLog
Fix [NUTM-4877]: [Web] segfault after installing ep-httpproxy-9.40-319.g32fa996.i686.rpm
Fix [NUTM-4127]: [WiFi] MAC filter whitelist does not work after editing the MAC Address List
Fix [NUTM-4451]: [WiFi] Mesh AP doesn't connect after deleting the AP from webadmin
Fix [NUTM-4913]: [WiFi] Hotspot voucher QR code pointing to IP address instead of configured host name
Fix [NUTM-5032]: [WiFi] 'STA WPA Failure' messages not appearing in wireless log

RPM packages contained:
firmwares-bamboo-9400-0.239798409.gadeedea.rb1.i586.rpm
freerdp-1.0.2-5.g9ab7846.rb6.i686.rpm
modavscan-9.40-88.g4be0a1f.rb3.i686.rpm
perf-tools-3.12.58-0.238097715.g942ca6f.rb5.i686.rpm
red-firmware2-5033-0.237486050.g1d6fa2f.rb1.noarch.rpm
red15-firmware-5033-0.237486204.g88604a9.rb4.noarch.rpm
uma-9.40-9.g4114428.rb3.i686.rpm
ep-reporting-9.40-28.g366bbbd.rb8.i686.rpm
ep-reporting-c-9.40-29.gdbdd0e5.rb7.i686.rpm
ep-reporting-resources-9.40-28.g366bbbd.rb8.i686.rpm
ep-aua-9.40-29.g044c154.rb4.i686.rpm
ep-branding-ASG-afg-9.40-45.ga7a71f4.rb4.noarch.rpm
ep-branding-ASG-ang-9.40-45.ga7a71f4.rb4.noarch.rpm
ep-branding-ASG-asg-9.40-45.ga7a71f4.rb4.noarch.rpm
ep-branding-ASG-atg-9.40-45.ga7a71f4.rb4.noarch.rpm
ep-branding-ASG-aug-9.40-45.ga7a71f4.rb4.noarch.rpm
ep-confd-9.40-758.g4ba8297.i686.rpm
ep-confd-tools-9.40-699.g3e73a8d.rb11.i686.rpm
ep-endpoint-0.5-0.238842559.g74c0041.rb3.i686.rpm
ep-ha-aws-9.40-193.gbbbdb1f.rb1.noarch.rpm
ep-libs-9.40-18.g98311c6.rb4.i686.rpm
ep-mdw-9.40-473.gbb2acca.rb1.i686.rpm
ep-migration-agent-9.40-0.238246977.g97d8100.rb2.i686.rpm
ep-repctl-0.1-0.236091535.g244907c.rb4.i686.rpm
ep-screenmgr-9.40-1.g05ac056.rb11.i686.rpm
ep-utm-watchdog-9.40-9.gb87dc68.rb5.i686.rpm
ep-webadmin-9.40-649.gcf9df68.rb15.i686.rpm
ep-webadmin-contentmanager-9.40-48.g2579cc5.rb7.i686.rpm
ep-chroot-dhcpc-9.40-7.g5875cb6.rb4.noarch.rpm
ep-chroot-httpd-9.40-13.g05599fc.rb4.noarch.rpm
ep-chroot-smtp-9.40-108.g7e71836.rb1.i686.rpm
chroot-ntp-4.2.8p8-0.g2398560.rb7.i686.rpm
chroot-openvpn-9.40-26.g733afa5.rb6.i686.rpm
chroot-reverseproxy-2.4.10-242.g832ffb5.rb3.i686.rpm
ep-httpproxy-9.40-351.gd42c00a.rb8.i686.rpm
kernel-smp-3.12.58-0.238097715.g942ca6f.rb6.i686.rpm
kernel-smp64-3.12.58-0.238097715.g942ca6f.rb6.x86_64.rpm
ep-release-9.407-3.noarch.rpm



This thread was automatically locked due to age.
Parents
  • After Update to 9.407-3 (ha-system) I see that on the shell:

     

    <M> gateway:/ # nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    nl80211 not found.
    ....
    ....

     

    ??????

     

    What's wrong there?

  • Alphatec said:

    After Update to 9.407-3 (ha-system) I see that on the shell:

     

    <M> gateway:/ # nl80211 not found.
    nl80211 not found.

     

    What's wrong there?

     

     

    can you post the wireless live log?

     

    UPDATE:

    Also try this thread - do you have AP30s?:

     

    https://community.sophos.com/products/unified-threat-management/f/wireless-security/77476/ap30-unstable-since-9-401

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Technician

  • We have two AP30 , one AP50 and two AP55

     

    part of the wirless.log:

     

    2016:10:05-08:21:08 A4002D1C8EF0621 hostapd: wlan8: STA 00:61:71:ab:a9:5e IEEE 802.11: associated (aid 1)
    2016:10:05-08:21:08 A4002D1C8EF0621 hostapd: wlan8: STA 00:61:71:ab:a9:5e WPA: pairwise key handshake completed (RSN)
    2016:10:05-08:21:08 A4002D1C8EF0621 awelogger[3165]: id="4104" severity="info" sys="System" sub="WiFi" name="STA association" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="00:61:71:ab:a
    9:5e" status_code="0"
    2016:10:05-08:21:08 A4002D1C8EF0621 awelogger[3165]: id="4101" severity="info" sys="System" sub="WiFi" name="STA connected" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="00:61:71:ab:a9:
    5e"
    2016:10:05-08:25:03 192.168.132.2 hostapd: wlan0: STA 4c:66:41:6b:21:de WPA: group key handshake completed (RSN)
    2016:10:05-08:25:03 192.168.132.2 hostapd: wlan0: STA 10:41:7f:07:d2:4f WPA: group key handshake completed (RSN)
    2016:10:05-08:25:03 192.168.132.2 hostapd: wlan0: STA ac:5f:3e:b4:55:04 WPA: group key handshake completed (RSN)
    2016:10:05-08:25:04 192.168.132.2 hostapd: wlan0: STA 38:71:de:5f:6f:db WPA: group key handshake completed (RSN)
    2016:10:05-08:25:04 192.168.132.2 hostapd: wlan0: STA 50:7a:55:1b:5b:c7 WPA: group key handshake completed (RSN)
    2016:10:05-08:25:04 192.168.132.2 hostapd: wlan0: STA 90:60:f1:38:b7:44 WPA: group key handshake completed (RSN)
    2016:10:05-08:25:04 192.168.132.2 hostapd: wlan0: STA ac:5f:3e:4c:ec:12 WPA: group key handshake completed (RSN)
    2016:10:05-08:25:07 192.168.132.2 awelogger[1289]: id="4105" severity="info" sys="System" sub="WiFi" name="STA WPA failure" ssid="KoelleGuest" ssid_id="WLAN0.0" bssid="00:1a:8c:2e:60:70" sta="00:61:71:ab:a9:
    5e" reason_code="2"
    2016:10:05-08:25:07 192.168.132.2 awelogger[1289]: id="4102" severity="info" sys="System" sub="WiFi" name="STA disconnected" ssid="KoelleGuest" ssid_id="WLAN0.0" bssid="00:1a:8c:2e:60:70" sta="00:61:71:ab:a9
    :5e"
    2016:10:05-08:25:12 192.168.132.2 hostapd: wlan0: STA 00:61:71:ab:a9:5e IEEE 802.11: deauthenticated due to local deauth request
    2016:10:05-08:25:18 192.168.132.5 hostapd: wlan1: STA 00:17:23:a7:13:0d WPA: group key handshake completed (RSN)
    2016:10:05-08:25:18 192.168.132.5 hostapd: wlan1: STA 00:17:23:a7:0d:e0 WPA: group key handshake completed (RSN)
    2016:10:05-08:28:12 A4002D1C8EF0621 hostapd: wlan8: STA 00:61:71:ab:a9:5e WPA: group key handshake completed (RSN)
    2016:10:05-08:30:08 A4002D1C8EF0621 awelogger[3165]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="48:74:6e:9
    8:3e:0c" status_code="0"
    2016:10:05-08:30:08 A4002D1C8EF0621 hostapd: wlan8: STA 48:74:6e:98:3e:0c IEEE 802.11: authenticated
    2016:10:05-08:30:08 A4002D1C8EF0621 hostapd: wlan8: STA 48:74:6e:98:3e:0c IEEE 802.11: associated (aid 2)
    2016:10:05-08:30:08 A4002D1C8EF0621 awelogger[3165]: id="4104" severity="info" sys="System" sub="WiFi" name="STA association" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="48:74:6e:98:3
    e:0c" status_code="0"
    2016:10:05-08:30:12 A4002D1C8EF0621 awelogger[3165]: id="4105" severity="info" sys="System" sub="WiFi" name="STA WPA failure" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="48:74:6e:98:3
    e:0c" reason_code="2"
    2016:10:05-08:30:16 A4002D1C8EF0621 hostapd: wlan8: STA 48:74:6e:98:3e:0c IEEE 802.11: authenticated
    2016:10:05-08:30:16 A4002D1C8EF0621 hostapd: wlan8: STA 48:74:6e:98:3e:0c IEEE 802.11: associated (aid 2)
    2016:10:05-08:30:16 A4002D1C8EF0621 awelogger[3165]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="48:74:6e:9
    8:3e:0c" status_code="0"
    2016:10:05-08:30:16 A4002D1C8EF0621 awelogger[3165]: id="4104" severity="info" sys="System" sub="WiFi" name="STA association" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="48:74:6e:98:3
    e:0c" status_code="0"
    2016:10:05-08:30:20 A4002D1C8EF0621 awelogger[3165]: id="4105" severity="info" sys="System" sub="WiFi" name="STA WPA failure" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="48:74:6e:98:3
    e:0c" reason_code="2"
    2016:10:05-08:30:21 A4002D1C8EF0621 hostapd: wlan8: STA 48:74:6e:98:3e:0c IEEE 802.11: authenticated
    2016:10:05-08:30:21 A4002D1C8EF0621 hostapd: wlan8: STA 48:74:6e:98:3e:0c IEEE 802.11: associated (aid 2)
    2016:10:05-08:30:21 A4002D1C8EF0621 awelogger[3165]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="48:74:6e:9
    8:3e:0c" status_code="0"
    2016:10:05-08:30:21 A4002D1C8EF0621 awelogger[3165]: id="4104" severity="info" sys="System" sub="WiFi" name="STA association" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="48:74:6e:98:3
    e:0c" status_code="0"
    2016:10:05-08:30:25 A4002D1C8EF0621 awelogger[3165]: id="4105" severity="info" sys="System" sub="WiFi" name="STA WPA failure" ssid="KoelleGuest" ssid_id="WLAN0.1" bssid="00:1a:8c:9d:a6:d5" sta="48:74:6e:98:3
    e:0c" reason_code="2"
    2016:10:05-08:30:30 A4002D1C8EF0621 hostapd: wlan8: STA 48:74:6e:98:3e:0c IEEE 802.11: deauthenticated due to local deauth request
    2016:10:05-08:30:51 192.168.132.2 hostapd: wlan0: STA 48:74:6e:98:3e:0c IEEE 802.11: authenticated
    2016:10:05-08:30:51 192.168.132.2 hostapd: wlan0: STA 48:74:6e:98:3e:0c IEEE 802.11: associated (aid 6)
    2016:10:05-08:30:51 192.168.132.2 awelogger[1289]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="KoelleGuest" ssid_id="WLAN0.0" bssid="00:1a:8c:2e:60:70" sta="48:74:6e:98:
    3e:0c" status_code="0"
    2016:10:05-08:30:51 192.168.132.2 awelogger[1289]: id="4104" severity="info" sys="System" sub="WiFi" name="STA association" ssid="KoelleGuest" ssid_id="WLAN0.0" bssid="00:1a:8c:2e:60:70" sta="48:74:6e:98:3e:
    0c" status_code="0"
    2016:10:05-08:30:55 192.168.132.2 awelogger[1289]: id="4105" severity="info" sys="System" sub="WiFi" name="STA WPA failure" ssid="KoelleGuest" ssid_id="WLAN0.0" bssid="00:1a:8c:2e:60:70" sta="48:74:6e:98:3e:
    0c" reason_code="2"
    2016:10:05-08:30:56 A4002D1C8EF0621 hostapd: wlan0: STA 48:74:6e:98:3e:0c IEEE 802.11: authenticated
    2016:10:05-08:30:56 A4002D1C8EF0621 hostapd: wlan0: STA 48:74:6e:98:3e:0c IEEE 802.11: associated (aid 1)
    2016:10:05-08:30:56 A4002D1C8EF0621 awelogger[2931]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="KoelleGuest" ssid_id="WLAN0.0" bssid="00:1a:8c:9d:a6:dd" sta="48:74:6e:9
    8:3e:0c" status_code="0"
    2016:10:05-08:30:56 A4002D1C8EF0621 awelogger[2931]: id="4104" severity="info" sys="System" sub="WiFi" name="STA association" ssid="KoelleGuest" ssid_id="WLAN0.0" bssid="00:1a:8c:9d:a6:dd" sta="48:74:6e:98:3
    e:0c" status_code="0"
    /var/log/wireless.log lines 4676817-4676860/4676860 (END) nl80211 not found.

  • It looks like the bug they described in the thread I wrote earlier, try to restart awed services and power cycle AP30's, if that's not helping refer to case "NUTM-3128"

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Technician

  • Now all AP's are active but the "nl80211 not found" message still comes.

    This night on of the AP55 had a lot of reboots, it's really strange.

    With the 9.405 we hat no problems, all worked fine and now that ... :(

     

    /André

Reply Children
No Data