Hi XG Community!
We've released a new build of XG Firewall v18 MR-3.
VPN Remote Access enhancements:
Cloud - AWS/ Azure/ Nutanix enhancements:
Optimize cloud costs and improve security across multi-cloud environments with Cloud Optix. Automatic identification and risk-profiling of security and compliance risks across AWS, Azure and Google Cloud enables teams to fix security gaps and insecure deployments before they are compromised. Learn more.
(# available after a few days of release on community, once v18 MR-3 is available in the AWS marketplace)
Central management enhancements:
Central Firewall Reporting enhancements:
Check out our recent blog and video series on how to make the most of the many great new capabilities in XG Firewall v18 such as the Xstream Architecture, TLS Inspection, FastPath acceleration, Zero-day threat protection, NAT, and much more.
We also have a new Sophos Techvids site for XG Firewall v18.
As usual, this firmware update is no charge for all licensed XG Firewall customers. The firmware will be rolled-out automatically to all systems over the coming weeks but you can access the firmware anytime to do a manual update through Licensing Portal. You can refer this article for more information on How to upgrade the firmware.
For fresh installations (Installers & ISOs), please find the following files:
Free Online Training
Customer Resources and How-To Videos
Take advantage of Partner and Sophos Professional Services
Here are some direct links to helpful resources:
New to XG Firewall?
If you’re new to XG Firewall, see how it provides the world’s best network visibility, protection and response on the new XG Firewall website.
Christian Huber3 - Hi Christian, re: your question on how to disable the Captcha from CLI. Please take a look here:
Could you please provide me with the Case ID.
After upgrading an Active-Passive pair of XG135 devices from SFOS 18.0.1 MR-1-Build396 to MR3, SophosConnect and IPSec VPN stopped accepting connections. However, IPSec connections that the firewall initiated worked.
I noticed that Strongswan wasn't running. A non-HA XG135 that I upgraded to the same version had Strongswan running after the upgrade and reboot.
The following console command resolved the issue:
service strongswan:restart -ds nosync
Unfortunately, after rebooting the HA firewalls, the same problem came back. Does anyone else have the same issue? Any permanent fixes?
Last weekend I upgraded our 210 from 17.5.14 MR-14-1 to 18.0.3 MR-3 and lost SSL VPN (Remote Access), I spend 1.5h trying to get it work but ended up calling Sophos however my call ended up to the overflow queue, and new URGENT case was created and still waiting call back from Sophos support. I was forced to boot back to previous firmware 17.5.14 MR-14-1. Perhaps I should migrate users to Sophos Connect Client...
After the update to MR3, the WLAN access points could not connect.
Downgrading to MR1 everything worked again. Will create a ticket.