This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG85 Webadmin Internal Server Error

Hi,

I've actually problems to connect to the Webadmin and Userportal of two of our customer XG85. I always get this message in the browser:

Internal Server Error

The services worked till a few days. On one machine there is Firmware 7.5.8 on the other 7.5.11, auto hot fix is enabled. The SQL-hot fix was applied and all passwords changed on 04/25. ssh to both machines is possible.

Maybe some bad side effect with the new Sophos hot fix (captchas)?



This thread was automatically locked due to age.
  • Hello Josef,

    Thank you for contacting our Community.

    At the moment this is the first report we heard about this.

    1) Are you able to SSH into the devices? If you can, please run the following commands from the Advanced Shell of the XG and let me know if you can access

    • service tomcat:restart -ds nosync
    • service apache:restart -ds nosync

    2) If you are still unable to access please Restart the GUI certificate from the Advanced Shell of the XG

    • Go to putty >> 2 >> 4 (Reset Default Web Admin Certificate)

    3) Please verify the Port user for the GUI

    • # psql -U nobody -d corporate -c "select * from tblclientservices where servicekey='httpsport';"

    The ouput of the command should say look like this

    servicekey | servicevalue
    ------------+--------------
    httpsport | 4444
    (1 row)

    If you are still unable to access the GUI, please send us the output of apache.log and  tomcat.log as well as csc.log


     
    Emmanuel (EmmoSophos)
    Community Support Engineer | Sophos Technical Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Hi,

     

    I have same problem on my XG85.

     

    First I try to restart tomcat and apache it won't work. And i don't change https port.

    I can login web console when i reset the GUI certificate.

    But it won't help because i own valid certificate for my domain.

    If i use my certificate it will show "Internal Server Error" message again.

     

    Best regards,

    Todd

  • Hello, I started facing the same problem today.

    it currently has 30 Sophos between XG85, XG105, XG330.

    To date, 5 XG85 devices have experienced this problem.

    I have already performed the procedure mentioned above, but the problem continues.

    Is there anything else we can do?

  • Same issue with xg85 (ten devices)  

    Also, I have xg125 and xg135 and both works good only XG 85

     

    any thoughts?

  • We are also having the same problem, definitely something going on with hotfix update from sophos ? As this happens globally, all our XG85 are inacessible right now as we've disabled wan SSH as per recommendation from sophos. 

  • Hi All,

    Sophos is actively investigating this issue under the ID NC-59728. More information to come.

    Apologies for the inconvenience caused.

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support

    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • Hi Emmo,

    Thanks for reply.

    Yes I'm able to ssh into the boxes and I applied all your points, but no changes.

    Here are some log excerps:

    apache.log

    [Tue May 05 23:29:10.710415 2020] [core:warn] [pid 3548:tid 1995573568] AH00111: Config variable ${MYBASE} is not defined
    [Wed May 06 08:11:45.996052 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996245 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${MYBASE} is not defined
    [Wed May 06 08:11:45.996283 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${MYBASE} is not defined
    [Wed May 06 08:11:45.996318 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996353 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${MYBASE} is not defined
    [Wed May 06 08:11:45.996388 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996421 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996455 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996467 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${MYBASE} is not defined

    tomcat.log

    2020-5-6 7:12:2,473 - INFO - HFHelper - isCaptchaRequired() client is in Zone:2
    2020-05-06 07:12:02.678:WARN:oejs.HttpChannel:qtp5592464-8: /webconsole/webpages/login.jsp
    javax.servlet.ServletException: javax.servlet.ServletException: java.lang.UnsatisfiedLinkError: /lib/jvm/java-8-openjdk/jre/lib/i386/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
    java.lang.UnsatisfiedLinkError: /lib/jvm/java-8-openjdk/jre/lib/i386/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
    2020-5-6 7:12:2,990 - INFO - HFHelper - isCaptchaRequired() client is in Zone:2
    2020-05-06 07:12:02.998:WARN:oejs.HttpChannel:qtp5592464-10: /webconsole/webpages/login.jsp
    javax.servlet.ServletException: javax.servlet.ServletException: java.lang.NoClassDefFoundError: Could not initialize class sun.font.SunFont

     

     

    bye Josef

    Firewall consultant since 1995
    Astaro consultant since 2001
    Sophos partner since 2012
    BERGMANN engineering & consulting GmbH, Wien/Austria

  • I solved the problem as follows.

    I downloaded the latest firmware from https://id.sophos.com xg85 devices can access from LAN network I installed the latest firmware from the firmware section HW-17.5.12_MR-12.SF110-664.gpg manually fixed the problem of access from wan fixed .

    Best regards

  • the problem continues. Although I installed new firmware, it exploded again after hotfix. :)

  • We have the same problem on all xg85 and xg85w ....