Hi there,
I'm running SFVH (SFOS 18.0.0 GA-Build379.HF050620.1) on a SG1235.
Currently these Services are stopped, or dead.
|
WebFTPProxy
|
STOPPED
|
|
WebProxy
|
STOPPED
|
|
WINGc
|
DEAD
|
What can I do?
kind regards
Guenter
Hi Guenter
Please follow the below given steps.
Try to restart the service using below given command
service <service name>:start/restart/stop/debug –ds nosync
-------------------------------------------------------------------------------------------------------------------------
fsck-on-nextboot , please perform this as well
Check file system integrity of all the partitions. Turning ON this option forcefully checks the file system integrity on
next device reboot. By default, a check is OFF but whenever the device goes in failsafe due to following reasons, this check
is automatically turned ON:
• Unable to start Config/Report/Signature Database
• Unable to Apply migration
• Unable to find the deployment mode
fsck-on-nextboot[ off | on | show ]
Once the check is turned ON, on the boot, all the partitions will be checked. The check will be turned OFF again on
the next boot.
If the option is ON and the device boots up due following reasons, then file system check will not be enforced and
the option will be disabled after boot:
• Factory reset
• Flush Device Report
Hi,
On Advancedshell and
kill -9 <PID_of_awarrenhttp>
the Webproxy is still running.
But WINGc is DEAD because
SFVH_SO01_SFOS 18.0.0 GA-Build379.HF050620.1# tail -f WINGc.log
May 07 19:20:59.562641 [MSG] load_crinfo() FW Version: 'SF01V_SO01_18.0.0.379'
May 07 19:21:00.276963 [MSG] load_crinfo() Publickey: '8bd7595d-77cf-4afd-973c-541b84260b0c'
-----------------------------------------
-----------------------------------------
May 07 19:21:00.302593 [MSG] create_webcat_cache() tldcount: 278
May 07 19:21:00.326770 [MSG] create_webcat_cache() done!
May 07 19:21:00.326825 [MSG] tlv_init() wctlv on 4
May 07 19:21:00.326860 [ERR] init_tlv_client() connect failed: No such file or directory!
May 07 19:21:00.326889 [ERR] tlv_init() failed to init TLV client!
May 07 19:21:00.326907 [FAT] main(): starting tlv listner failed
there are some missing file or directory.
fsck-on-nextboot, this command is unknown.
Hi,
as I wrote. This command is unknown.
Sophos Firmware Version SFOS 18.0.0 GA-Build379.HF050620.1
console> fsck
console> fsck-o
console> fsck-on-ne
console> fsck-on-nextboot show
% Error: Unknown Parameter 'fsck-on-nextboot'
console> fsck-on-nextboot
% Error: Unknown Parameter 'fsck-on-nextboot'
console>
Update:
The command is
system fsck-on-nextboot on
I did it, and rebootet the firewall.
In Advanced Console
service -S shows me
skein STOPPED
awarrenhttp STARTING
WINGc DEAD
In addition
Update:
The Webinterface shows again
Currently these Services are stopped, or dead.
|
WebFTPProxy
|
STOPPED
|
|
WebProxy
|
STOPPED
|
|
WINGc
|
DEAD
|
Hi Guenter
Could you please check your license details? Please also share the service -S command output and when you try to start/restart the service what error message are you getting.
WINGc service was used for web categorization in the previous SFOS version from SFOS v17 it has been changed to nSXLd service - https://community.sophos.com/kb/en-us/132211
Hi Guenter
Could you please check your license details? Please also share the service -S command output and when you try to start/restart the service what error message are you getting.
WINGc service was used for web categorization in the previous SFOS version from SFOS v17 it has been changed to nSXLd service - https://community.sophos.com/kb/en-us/132211
Seems OK
SFVH_SO01_SFOS 18.0.0 GA-Build379.HF050620.1# service -S
lcdd UNTOUCHED
postgres RUNNING
sigdb RUNNING
reportdb RUNNING
awarrensmtp UNREGISTERED
smtpd RUNNING
nasm RUNNING
ntpclient RUNNING
garner RUNNING
skein STOPPED
awarrenhttp STARTING
WINGc DEAD
nsxld RUNNING
warren RUNNING
ftpproxy RUNNING
ctipd RUNNING
antispam RUNNING
ips RUNNING
ripd RUNNING
ospfd RUNNING
bgpd RUNNING
zebra RUNNING
dgd RUNNING
dhcpd RUNNING
dhcpd6 UNREGISTERED
ipsec-monitor RUNNING
strongswan RUNNING
strongswan-ctl UNTOUCHED
ddc RUNNING
networkd RUNNING
dyniface UNTOUCHED
gateway RUNNING
tomcat RUNNING
ssod UNTOUCHED
fwcm-updaterd UNREGISTERED
fwcm-heartbeatd UNREGISTERED
fwcm-eventd UNREGISTERED
apache RUNNING
antivirus RUNNING
sandboxd RUNNING
dnsd RUNNING
sslvpn RUNNING
clientless_acce RUNNING
pptpd UNREGISTERED
l2tpd RUNNING
mrouting UNREGISTERED
pimd UNREGISTERED
ha_tunnel UNTOUCHED
ha_pair UNREGISTERED
msync UNTOUCHED
WAF UNREGISTERED
red_client UNREGISTERED
red UNREGISTERED
supportaccess UNTOUCHED
heartbeat UNREGISTERED
enhancedappctrl UNREGISTERED
csd UNTOUCHED
access_server RUNNING
bwm RUNNING
fwm UNTOUCHED
radvd UNREGISTERED
fqdnd RUNNING
fwlog RUNNING
pktcapd RUNNING
hostapd UNTOUCHED
mdev UNREGISTERED
awed RUNNING
hotspotd RUNNING
policyroute RUNNING
snmpd UNREGISTERED
redis-av RUNNING
redis-modified- RUNNING
redis-original- RUNNING
redis-quota RUNNING
redis-resume-se RUNNING
redis-resume-ti RUNNING
redis-appcache RUNNING
link_notify UNTOUCHED
appcached RUNNING
vmtool UNTOUCHED
cfs RUNNING
listener RUNNING
timer RUNNING
shm RUNNING
dbh RUNNING
License:
(Sensitive Infos deleted)
Device registration details
Model SFVH (C----------)
Company name --------------------
Contact person Günter
Registered email address --------------
Module subscription
Add a subscription to your serial number or add time to your existing subscription.
Module subscription details
Module Status Expiration date
Base firewall Evaluating Tue 31 Dec 2999
Network protection Evaluating Tue 31 Dec 2999
Web protection Evaluating Tue 31 Dec 2999
Email protection Evaluating Tue 31 Dec 2999
Web server protection Evaluating Tue 31 Dec 2999
Sandstorm Unsubscribed -
Enhanced support Evaluating Tue 31 Dec 2999
Enhanced plus support Unsubscribed -
Hi,
Sophos Firmware Version SFOS 18.0.0 GA-Build379.HF050620.1
console> system diagnostics show version-info
Serial Number: C----------------
Device-Id: 8bd7595d-77cf-4afd-973c-541b84260b0c
Appliance Model: SFVH
Firmware Version: SFOS 18.0.0 GA-Build379.HF050620.1
Firmware Build: 379
Firmware Loader version:
HW version: SO01
Config DB version: 18.011
Signature DB version: 18.011
Report DB version: 18.011
Webcat Signature version:
Web Proxy version: compiled
SMTP Proxy version: 1.0
POP/IMAP Proxy version: 1.0.0.3.4
Logging Daemon version: 0.0.0.17
AP Firmware: 11.0.011
ATP: 1.0.0296
Avira AV: 1.0.407500
Authentication Clients: 1.0.0019
Geoip ip2country DB: 0
IPS and Application signatures: 18.17.07
Sophos Connect Clients: 1.4.001
RED Firmware: 3.0.000
Sophos AV: 1.0.15575
SSLVPN Clients: 1.0.007
Hot Fix version: 5
Revision number with a HOME-License?
SFVH_SO01_SFOS 18.0.0 GA-Build379.HF050620.1# ls /etc/
OEM group nse_policy_conf.json services
acpi hasalt nsgsig-verify.conf shells
app_series hostname nsswitch.conf snort
cccversion hosts opkg ssh
cish hotplug.d opkg.conf sync.conf
displayversion init.d pam.d sysinit
dropbear iproute2 passwd sysinit_original
ecc_PitWarholInternalCACert.pem ips ppp sysstop
ecc_PitWarholInternalCAkey.pem lic.conf prepdone terminfo
export_var lic_token profile test_keys_and_certs
factrset.sh localtime protocols timezone
firstboot lsb-release rc.d uci-defaults
fonts mdev.conf redis version
fuse.conf mtab redis.conf vimrc
fwgroup nSXLd.conf resolv.conf vmware-tools
fwprep.bin net-snmp rsa_PitWarholInternalCACert.pem zoneinfo
fwtype netconfig rsa_PitWarholInternalCAkey.pem
SFVH_SO01_SFOS 18.0.0 GA-Build379.HF050620.1#
I think this is only a software issue.
Hi Guenter
I think as per the information provided by you, you have installed the XG home version on SG135, is it possible to get SG135 revision number.
It's potentially related to a home license compatibility issue on SG/XG hardware as we do not officially support this deployment method. Could you please try to reinstallation? You may try to install v17.5MR12 official ISO available for the home user and then try to install v18 downloading from mySophos.
Hi,
thank for your effort, but i did not see any context between the hardwarerevision and the software mailfunction.
(btw this HW I received from the Sophos Elite Program).
You wrote WINGc is deprecated and replaces. Why is this service already installed? On a fresh installed System.
What about the disfunction of the classic webproxy?
And why does the SSLTLS Inspection not provide a BLOCK Page?
Sorry, no, I cannot fallback to Version 17.5.
Some Features (like the extended SNAT, DPI Engine and so on) are essential for me and my customers.
V18 is the lowest acceptable Version for me and my customers who want the XG System.
This Setup is a reference for me and my customers and also a good training to learn Sophos XG.
On this background - we should find out what happens here on this (my) box.
I do not want any surprises on Monday if some customers upgraded their boxes.
Hi Guenter,
Apologies for any inconvenience caused.
Since you are a Sophos Partner, could you please raise a support case with us and PM me with your case number so that I can follow up?
I believe this may be related to the ID NC-30873, but will require further investigation to confirm.
Thanks,
