This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG85 Webadmin Internal Server Error

Hi,

I've actually problems to connect to the Webadmin and Userportal of two of our customer XG85. I always get this message in the browser:

Internal Server Error

The services worked till a few days. On one machine there is Firmware 7.5.8 on the other 7.5.11, auto hot fix is enabled. The SQL-hot fix was applied and all passwords changed on 04/25. ssh to both machines is possible.

Maybe some bad side effect with the new Sophos hot fix (captchas)?



This thread was automatically locked due to age.
Parents
  • Hello Josef,

    Thank you for contacting our Community.

    At the moment this is the first report we heard about this.

    1) Are you able to SSH into the devices? If you can, please run the following commands from the Advanced Shell of the XG and let me know if you can access

    • service tomcat:restart -ds nosync
    • service apache:restart -ds nosync

    2) If you are still unable to access please Restart the GUI certificate from the Advanced Shell of the XG

    • Go to putty >> 2 >> 4 (Reset Default Web Admin Certificate)

    3) Please verify the Port user for the GUI

    • # psql -U nobody -d corporate -c "select * from tblclientservices where servicekey='httpsport';"

    The ouput of the command should say look like this

    servicekey | servicevalue
    ------------+--------------
    httpsport | 4444
    (1 row)

    If you are still unable to access the GUI, please send us the output of apache.log and  tomcat.log as well as csc.log


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Reply
  • Hello Josef,

    Thank you for contacting our Community.

    At the moment this is the first report we heard about this.

    1) Are you able to SSH into the devices? If you can, please run the following commands from the Advanced Shell of the XG and let me know if you can access

    • service tomcat:restart -ds nosync
    • service apache:restart -ds nosync

    2) If you are still unable to access please Restart the GUI certificate from the Advanced Shell of the XG

    • Go to putty >> 2 >> 4 (Reset Default Web Admin Certificate)

    3) Please verify the Port user for the GUI

    • # psql -U nobody -d corporate -c "select * from tblclientservices where servicekey='httpsport';"

    The ouput of the command should say look like this

    servicekey | servicevalue
    ------------+--------------
    httpsport | 4444
    (1 row)

    If you are still unable to access the GUI, please send us the output of apache.log and  tomcat.log as well as csc.log


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
Children
  • Hi,

     

    I have same problem on my XG85.

     

    First I try to restart tomcat and apache it won't work. And i don't change https port.

    I can login web console when i reset the GUI certificate.

    But it won't help because i own valid certificate for my domain.

    If i use my certificate it will show "Internal Server Error" message again.

     

    Best regards,

    Todd

  • Hello, I started facing the same problem today.

    it currently has 30 Sophos between XG85, XG105, XG330.

    To date, 5 XG85 devices have experienced this problem.

    I have already performed the procedure mentioned above, but the problem continues.

    Is there anything else we can do?

  • We are also having the same problem, definitely something going on with hotfix update from sophos ? As this happens globally, all our XG85 are inacessible right now as we've disabled wan SSH as per recommendation from sophos. 

  • Hi All,

    Sophos is actively investigating this issue under the ID NC-59728. More information to come.

    Apologies for the inconvenience caused.

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support

    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • Hi Emmo,

    Thanks for reply.

    Yes I'm able to ssh into the boxes and I applied all your points, but no changes.

    Here are some log excerps:

    apache.log

    [Tue May 05 23:29:10.710415 2020] [core:warn] [pid 3548:tid 1995573568] AH00111: Config variable ${MYBASE} is not defined
    [Wed May 06 08:11:45.996052 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996245 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${MYBASE} is not defined
    [Wed May 06 08:11:45.996283 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${MYBASE} is not defined
    [Wed May 06 08:11:45.996318 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996353 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${MYBASE} is not defined
    [Wed May 06 08:11:45.996388 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996421 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996455 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${NEWURLMAP} is not defined
    [Wed May 06 08:11:45.996467 2020] [core:warn] [pid 25428:tid 1995618624] AH00111: Config variable ${MYBASE} is not defined

    tomcat.log

    2020-5-6 7:12:2,473 - INFO - HFHelper - isCaptchaRequired() client is in Zone:2
    2020-05-06 07:12:02.678:WARN:oejs.HttpChannel:qtp5592464-8: /webconsole/webpages/login.jsp
    javax.servlet.ServletException: javax.servlet.ServletException: java.lang.UnsatisfiedLinkError: /lib/jvm/java-8-openjdk/jre/lib/i386/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
    java.lang.UnsatisfiedLinkError: /lib/jvm/java-8-openjdk/jre/lib/i386/libfontmanager.so: libfreetype.so.6: cannot open shared object file: No such file or directory
    2020-5-6 7:12:2,990 - INFO - HFHelper - isCaptchaRequired() client is in Zone:2
    2020-05-06 07:12:02.998:WARN:oejs.HttpChannel:qtp5592464-10: /webconsole/webpages/login.jsp
    javax.servlet.ServletException: javax.servlet.ServletException: java.lang.NoClassDefFoundError: Could not initialize class sun.font.SunFont

     

     

    bye Josef

    BERGMANN engineering & consulting GmbH, Wien/Austria

  • Hello, Jasmin.

    Where can we keep up with problem updates in ID NC-59728?

    Do you have any predictions or suggestions with something we can work around? We also have two XG85 with this same problem, and one of these boxes is used by the user portal as clientless access.

  • Hi Jasmin

    Where can we be kept up to date on this issue?  I also have several XG's with the same problem.  

    Thanks

    Bill

     

    Jasmin said:

    Hi All,

    Sophos is actively investigating this issue under the ID NC-59728. More information to come.

    Apologies for the inconvenience caused.

     

  • I have [70] XG85W with this problem.

    Do we have any idea when will it be fix?

  • Hello Juan,

     

    Have you tried in the last two minutes? My device are coming back up without this error so I believe they are pushing down a fix to affected devices.

     

    Thanks,

     

    Brandon

  • Nothing yet on mine

     

    Bill

     

    **fix confirmed after receiving hot fix**