Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 20 replies
  • Subscribers 30 subscribers
  • Views 5509 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG210 blown up

Big_Buck

Yes blown up.  Dead.  Nothing. Nada.

Power supply most probably toasted.  No fan. No LED. No LCD.

Called Sophos.  Waited around 75 minutes.  Then line hung up or lost connection.  I re-called.  Waited.

Meanwhile, Sophos WEB site was dead.  Cursor was turning around permanently waiting for HTTPS connection.  That was while trying to open a new case.  One more hour toasted.  At that point, it was more than two in total.  Remember that meanwhile, my phone speaker is repeating the "Please wait while somebody will assist you shortly" ...  Two hours of that message has the potential of turning you numb.

At one point I told myself maybe the chat box works.  It did answer at one point.  The tech there opened the case.

A little before 3 hours waiting, repeating messages stop, then someone on the phone !!!

That tech organised the RMA.  But ...  My business has no phone, no VPN, no mails.  And I'm told I could receive the replacement between 1 to 4 days.

Holy sh...

Paul Jr 



This thread was automatically locked due to age.
  • 0 in reply to rfcat_vk

    Hello

    "Minor gripe, you cannot see the backup password, you can only change it. Not a very successful implementation of security."

    Not only that.  You do not see the SFOS version.   An MR3 backup will not restore on a MR5 SFOS.  So if your backup dates back one or two version, you better have noted it down.  Otherwise go figure.  But wait !!! It gets worse.  You will not restore either if some of your pattern updates does not match.  Particularly "AP Firmare" I presume.  

    It is most possibly THAT problem I had.

    Paul Jr Robitaille

  • 0 in reply to Big_Buck

    Hi Paul,

    I think there was a documented change between MR-3 and MR-5, something about a format change. Your mail message if you have one should identify the SFOS version or at least mine does and I don't mean the name of the backup.

    More testing is required before an update release.

    Ian

  • 0

    Jesus Christ !!!  Another XG210 blown this morning ...

    Reboot, then the screen is stuck there forever:

    I will plug to the serial interface, but ***, I already know it's dead.

    I will toast another 3 hours on the phone setting up an RMA ...  

    Paul Jr

  • 0 in reply to Big_Buck

    Hi, 

    I would talk to your sales to get a deal on a 2nd appliance for HA.  Maybe they will throw you a bone, I know when I bought mine last December it was a BOGO deal at the time.

  • 0 in reply to Big_Buck

    Hi Paul,

    I would begin to suspect your UPS has a fault with over voltage regulation failing?

    Ian

  • 0 in reply to rfcat_vk

    We use Toshiba full time line conditioning  inverter UPS.  And.  This firewall is at a different location.   It’s not the power supply that broke this time.

    Paul jr

  • 0

    Update on my issue.

    I do backup all 3 ways, on a regular basis, manually, and automatically.

    1. Sophos Central
    2. Mail
    3. Local

    You already know that mail method fails since version v17.5.4.  So I cannot count on this one much anymore.

    I had around 50 backups on file.  Dating all the way to January 2019.  YES. Like a paranoid.

    When we upgraded to v17.5.5, I posted the idea to encrypt backup the way Sophos implemented it was a HUGELY BAD idea.  And that and Opt-Out button would have been much more than a luxury.

    1. I know all Go... Da... passwords for all our firewalls backups.  Worry not.  I know them thru time because I note them.  And remember them.
    2. I know the SFOS version on the new and on the old appliance.
    3. I know also the wireless version.
    4. I do not know the version number of all other Avira antivirus, Sophos antivirus or other pattern update.  Who knows ???

    When I was trying to restore any backup version v17.5.5, then v17.5.7 on the new appliance that was supposed to replace the broken one, it failed with a very clueless error message.  "Backup Incompatible, or wrong password".

    SO

    I WAS DEAD for a while.

    The only option left was to try to boot the "broken" XG210.  Console port would show it would jam at trying to load one of both firmwares available there.

    1. Power Off
    2. Power On
    3.  Wait 10 minutes.
    4. Frozen at firmware selection option.
    5. Power Off
    6. Power On
    7.  Wait 15 minutes.
    8. Frozen at firmware selection option.
    9. Power Off
    10. Power On
    11.  Wait 20 minutes.
    12. Frozen at firmware selection option.
    13. Power Off
    14. Power On
    15.  Wait 25 minutes.
    16. Frozen at firmware selection option.
    17. ... And so on.  You got the idea already.  I've done that MANY, MANY, MANY times.
    18. The little display on the appliance would still be blank.  Or sometime would freeze on the first screen.  SSD LED would sometime be stuck RED solid. 

    Many hours wasted.

    So, I had the idea at one point trying to load the other firmware v17.5.5.  And simultaneously go into the firmware and remove anything that would be on the boot list except the SSD.

    WTF ???  It booted ... 

    Do a backup with the same Go...  Da... password via the web page. Transfer the file on the new firewall.  WTF ??? it worked.

    OK.  Let's try to revert the broken firewall back to version v17.5.7.

    WTF ???  It booted ... 

    Do a backup with the same Go...  Da... password via the web page. Transfer the file on the new firewall.  WTF ??? it worked.

    I know an SSD that's dying can behave unpredictably like this.  I regret I did things simultaneously.  I do not know at what step exactly things started to work again, so I do not know which step did not have an impact.  For now, everything is circumstantial.

    It's Sophos’ password implementation I just cannot take.  Just another “find” to make things even less reliable.

    It’s NOT the first time this happen to us.  Last time I had the luxury I uploaded latest setup onto another stand-by firewall just days before the current one blew up.  This time, I could restore because of sheer luck.  Problem created by Sophos.

    Paul Jr

  • 0

    On a positive note, this time, I received the replacement unit MUCH faster. 3 days.

    And just like in May, swapping the registration to the replacement unit was fast, with no hassle, and without a glitch.

    Paul Jr 

  • 0 in reply to Big_Buck

    Do you use the Central Management with Backup Management? 

    Could safe you the trouble of saving Passwords / Backups in the first place. 

  • 0 in reply to LuCar Toni

    Hello Lucar

    I log at central.sophos.com, and there, I use the cloud button "Backup".  I setup the "Backup Frequency" to what I want.  And I do manual backup as well.    And I can only download locally via the WEB page.  My understanding is that these backup were generated by the appliance, and as such are using the password set in the backup menu ON the appliance.  meaning restoring such backup files REQUIRES the appliance password.

    From there, I cannot update firmware.  Like announce by Sophos last week.

    Paul Jr