Forum Post: RE: v21 HA Active passive - Aux node takes over same Management...
Again I cannot set up a reliable HA with these two machines. I don't know how I would ever use them in production. 1. deleted HA on primary 2. turned off node 2 and reimaged it with 21GA 3. updated the...
View ArticleForum Post: RE: v21 HA Active passive - Aux node takes over same Management...
One appliance was already replaced - correct? About the network: How are they connected ? Are you using a cable between each other and what is on the other end of both appliances?
View ArticleForum Post: RE: zero touch and initial deployment not working Firewall is...
XGS136_XN02_SFOS 21.0.0 GA-Build169 HA-Auxiliary# cat /log/zt.log ___________________________ | | ------------------------------------| Checking for ZeroTouch |------------------------------------...
View ArticleForum Post: RE: zero touch and initial deployment not working Firewall is...
I wonder how many support cases this NTP server not enabled creates. must be many and many frustration.
View ArticleForum Post: Bloqueio conecxão App itau Desktop
Olá Pessoal tudo bem? Me Chamo Marcos, estou fazendo a primeira implantaçao de um Firewall Sophos em um ambiente, o equipamento é um (XGS 107 Security Appliance). Fiz toda configuração inicial e ele...
View ArticleForum Post: RE: v21 HA Active passive - Aux node takes over same Management...
yes, one replaced. all locally, no switches involved. it's just the basic setup. Port10 directly connected. node1-node2 from node 2: XGS136_XN02_SFOS 21.0.0 GA-Build169 HA-Auxiliary# tail /log/ha.log...
View ArticleForum Post: RE: v21 HA Active passive - Aux node takes over same Management...
is it just a license issue due to one node replaced? because there are lots of lines about licensing.
View ArticleForum Post: RE: Sophos XG86w, Hardware Problem, forget the cmos settings,...
Hi, I would suggest the bios chip is faulty or the motherboard has an intermittent joint which fails under heat load.
View ArticleForum Post: RE: Sophos Firewall: v21.0 GA: Feedback and experiences
I added the FireHOL L3 threat (IP address) threat feed and am finally getting blocks. (URLHaus URLs don't seem to give blocks beyond Sophos built-in. Which is fine: I think the Sophos list does a great...
View ArticleForum Post: RE: v21 HA Active passive - Aux node fails - system startup...
support case created 01963540
View ArticleForum Post: RE: TLS Inspection & Google Passkeys
Hi Ian, IPv6 is enabled on the router, firewall and workstation, but not used. The active connection is Sophos are not showing any active IPv6 sessions. Just to clarify, did you have to create an entry...
View ArticleForum Post: RE: TLS Inspection & Google Passkeys
I had to make a specific gmail rule for IPv6 traffic. IP4 traffic was handled by the existing mail rule. I had to use the IPv6 address of google and create my own IP address group because the current...
View ArticleForum Post: IPsec Remote Access not Receiving traffic
I need some assistance please. Also i am new here, in the community. My ipsec remote access sends traffic but does not receive. See the screenshots of my configuration:
View ArticleForum Post: RE: IPsec Remote Access not Receiving traffic
Hi Adebisi Atilola Please re verify the configuration as per the below link :...
View ArticleForum Post: RE: HA config - After trying to upgrade to the latest version I...
Steve Weißflog THANK YOU for trying to help. Running "ip a" on the nodes showed the Master's ports, used with link aggregation (eth1 thru eth4), as all DOWN and their lights were off. The Slave node...
View ArticleForum Post: Suggestion - Add a hotkey or command that can be ran from the...
I know the system automatically backs up the config before applying firmware. I wish Sophos would add a hotkey or a console command that would be advertised after logging in that would list out all the...
View ArticleForum Post: RE: Modify sub domain, port and path of URL
Try using the browser's developer tools. There you should be able to see what is arriving and how the browser is reacting.
View ArticleForum Post: RE: TLS Inspection & Google Passkeys
That's helpful and sent me down the right path. I created an IPV6 rule for LAN to WAN, with the "Destination networks" being the predefined "Google app enforcement" group. The "Security features" are,...
View ArticleForum Post: RE: TLS Inspection & Google Passkeys
Form what I can see the pass key is an encryption method not an application, so you will never see the pass key because it sets up secure communication with google by encrypted handshakes.
View Article