Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 39 subscribers
  • Views 3378 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SFM - Push template to XG broken?

VikenNajarian

Hello,

 

I use the template function to deploy new firewalls for my custommers with a default configuration I created as a template since many years now...

But I'm trying to deploy a new firewall today and I'm trying to push my template and it does not push the whole configuration to it. It pushes randomly just a few objects (between 0 and 50), and it says in the Management System Events that it's successful, with the number written in green, but it's not successful because it should push ~570 objects and not 50 or less...

 

I don't know if the problem is due to the 17.1.2 MR-2 firmware of SFM, but the last firewall sucessfully deployed before this ont which is not working, was when my SFM was still in 17.1.1 MR-1 firmware version.

 

The firewall which has to be deployed with the template is an XG115W 17.5.10 MR-10 (tried with the 17.5.3 MR-3 firmware which was installed by default and the result is the same).

 

Any ideas ?

 

Thanks.

 

Regards



This thread was automatically locked due to age.
  • 0

    I just created a new VM with SFOS 17.5.9 MR-9 on it, and tried to push templates to it, the issue is the same...

    So the problem is really on the SFM side.

    I would like to try to downgrade firmware of SFM to 17.1.1 MR-1 but I don't have the choice to do it on the GUI as we can see on the screenshot:

     

    Anyone have an idea of the ability to downgrade the firmware of SFM ?

     

    Thank you

     

    Regards

    Viken

    XG Certified Architect

    Sophos Gold Partner - Reseller from Lyon, France

  • 0 in reply to VikenNajarian

    I found the way to downgrade the firmware by CLI.

    So now my SMF is back on 17.1.1 MR-1, and I launched a template push and it works well...

    So the problem is that 17.1.2 MR-2 broke the template push to devices...

    I opened a support case with all the details, and I hope they will correct the issue on 17.1.2 or maybe launch a 17.1.3 because in 17.1.1 the issues corrected on 17.1.2 are back :) 

    Viken

    XG Certified Architect

    Sophos Gold Partner - Reseller from Lyon, France

  • 0

    Hi VikenNajarian,

    I'm also having a problem with pushing configuration from SFM to XG devices, I just wondering if what is your XG Central Management configuration and in SFM configuration? I really do appreciate your kind response. 

     

    Thank You

    Jay

  • 0 in reply to RTG

    Hi Jay,

     

    It depends of the firewall that I'm managing. I'm using templates to push a preconfigured template to new out of the box XG firewalls before customizing them to the customer and installing them on their site.

     

    In SFM 17.1.2 and 17.1.3 the XG Central Management is not configured before trying to push template and the issue is still the same right now.

     

    Only 17.1.1 works for template pushing to new devices.

    Viken

    XG Certified Architect

    Sophos Gold Partner - Reseller from Lyon, France

  • 0 in reply to VikenNajarian

    Hi folks.

    please raise a support case.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to VikenNajarian

    Hi VikenNajarian,

     

    Understood, do you have guidelines on how to downgrade the firmware in CLI?

     

    Thank You

    Jay

  • 0 in reply to rfcat_vk

    Hello

    The support case is already opened since few weeks, here is the number: #9760767 

     

    The last update I received was Wednesday, and they said that they will have a feedback from the development team on 01-Oct.

     

    Viken

    XG Certified Architect

    Sophos Gold Partner - Reseller from Lyon, France

  • 0 in reply to RTG

    Hi Jay,

     

    There is no way to downgrade permanently on SFM. So the trick is to type "Enter" when the SFM is booting, and then you will have the choice to choose the firmware to load, and you will load the firmware that you want to boot.

    Then after the next reboot it will automaticaly boot on the newest firmware, so you will have to do the trick at every boot.

    Viken

    XG Certified Architect

    Sophos Gold Partner - Reseller from Lyon, France

  • 0 in reply to VikenNajarian

    Hi VikenNajarian,

     

    Thank you for your help

  • 0 in reply to VikenNajarian

    Hi.

    do you really mean 1st October or 1st June?

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

Unfiltered HTML