SUM: v4.309-9
Sophos UTM: v9.705003
------------------------
Hello everyone,
for a while now, I'm having a problem with Sophos SUM deployment.
I've got a multiple UTM's managed by SUM and they all work fine.
All UTM's are running on bare-metal servers, and SUM is in the VM.
They're all on the same version, and like I said, they all work fine but one UTM.
Here is what I was able to trace on the confd-debug.log on the affected UTM.
2021:02:16-14:38:31 firewall-2 confd[16569]: W Message::err_set:1107() => id="3100" severity="warn" sys="System" sub="confd" name="OBJECT_OBJECT_BADREF (The ruleset object needs firewall objects for the rule switch table attribute.)" class="packetfilter" type="ruleset" ref="REF_ACC_GBL_8dc15613df4b47a88352a0050376cce2cce2" attr="rules_status" user="system" srcip="127.0.0.1" facility="acc-agent" client="acc-agent.plx" call="set_object" check="input" badref="REF_ACC_GBL_deb26033592043cf99d33f239e777e727e72" goodclass="packetfilter"
So, what it looks like there is an messed up / missing rule object with the reference: deb26033592043cf99d33f239e777e727e72
I was trying to trace the the object with "CC", but without any luck. I wasn't able to find it.
firewall-2:/home/login # /usr/local/bin/confd-client.plx get_object REF_ACC_GBL_deb26033592043cf99d33f239e777e727e72
0
I tried to search on the both SUM and UTM, and again, no luck.
Anyone having an idea?
Thanks!
Dorian
This thread was automatically locked due to age.
