Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1130 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Central - FQDN host \"{hostname}\" could not be updated |

djdrastic

Hi guys we've been using Sophos Central quite a lot to keep our FQDN and Host objects central between all our different firewalls.

Recently we've been noticing new firewalls that are joining are not successfully syncing objects when placed in their groups.

Error message is pretty vague tbh being given a

"

ID : 3 | Status: FAILED

FQDN host \"{hostname}\" could not be updated |"

I've gone through the log as there are thousands of fqdn's and cidrs that it syncs and for the life of me cannot find the problematic entry.Is there a way to debug it any way to figure out what is causing the sync issue ?



This thread was automatically locked due to age.
Parents
  • 0

    Similar concern here.  Began using Central policy groups to manage XG firewalls for the first time recently.  When placing them in groups the initial sync processes repeatedly hang at failures that require either retrying or skipping or the firewall gets stuck at "Error needs attention".   Many also get stuck with red status "Last seen ..minutes ago" for ~10-15 minutes during sync sometimes resulting in service interruptions which may be related.  Sync runs roughly 30 minutes to 1 hour.  When an actual valid fqdn is presented in the error it's often the same domain failing across multiple xg's.  In these cases it may be an fqdn that exists in both local xg + Central policy with same fqdn but different name.  Is there a way for the Central policy to handle renaming the fqdn automatically if that's what it's hanging on?  Not having much time to research the underlying problem the workaround has been to delete the relevant object(s) from the local xg and then retry sync when retries fail.  These are on sfos 18.0.5 mr5 and the majority are rev3 xg115 or xg115w.  Chrome 90.x on Win10 20h2 is the client browsing Central.  Any suggestions?  Examples:

    FQDN host \"{hostname}\" could not be updated | Lightly Limited User (Create bandwidth policy)

FQDN host \"{hostname}\" could not be updated | 256kbps link _Policy FWA (Update bandwidth policy API)

FQDN host \"{hostname}\" could not be updated | *.randomdomain1.com (Update fqdn host)

FQDN host \"{hostname}\" could not be updated | *.randomdomain2.com (Update fqdn host)

Reply
  • 0

    Similar concern here.  Began using Central policy groups to manage XG firewalls for the first time recently.  When placing them in groups the initial sync processes repeatedly hang at failures that require either retrying or skipping or the firewall gets stuck at "Error needs attention".   Many also get stuck with red status "Last seen ..minutes ago" for ~10-15 minutes during sync sometimes resulting in service interruptions which may be related.  Sync runs roughly 30 minutes to 1 hour.  When an actual valid fqdn is presented in the error it's often the same domain failing across multiple xg's.  In these cases it may be an fqdn that exists in both local xg + Central policy with same fqdn but different name.  Is there a way for the Central policy to handle renaming the fqdn automatically if that's what it's hanging on?  Not having much time to research the underlying problem the workaround has been to delete the relevant object(s) from the local xg and then retry sync when retries fail.  These are on sfos 18.0.5 mr5 and the majority are rev3 xg115 or xg115w.  Chrome 90.x on Win10 20h2 is the client browsing Central.  Any suggestions?  Examples:

    FQDN host \"{hostname}\" could not be updated | Lightly Limited User (Create bandwidth policy)

FQDN host \"{hostname}\" could not be updated | 256kbps link _Policy FWA (Update bandwidth policy API)

FQDN host \"{hostname}\" could not be updated | *.randomdomain1.com (Update fqdn host)

FQDN host \"{hostname}\" could not be updated | *.randomdomain2.com (Update fqdn host)

Children
No Data