Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 86 replies
  • Subscribers 46 subscribers
  • Views 18258 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall v18 MR-5: Feedback and experiences

LuCar Toni

New Thread to cover changes / feedback / experiences about MR5.

MR5 was Re Released. New Build number: 586

"Old" MR3 Thread: https://community.sophos.com/xg-firewall/f/discussions/123403/xg-firewall-v18-mr-3-feedback-and-experiences

"Old" MR4 Thread: https://community.sophos.com/sophos-xg-firewall/f/discussions/124771/xg-firewall-v18-mr-4-feedback-and-experiences

Release Notes: https://community.sophos.com/sophos-xg-firewall/b/blog/posts/xg-firewall-v18-mr5-is-now-available

https://docs.sophos.com/releasenotes/output/en-us/nsg/sf_180_rn.html



This thread was automatically locked due to age.
Parents
  • 0

    I have been doing some testing on my home edition, so I cannot log a ticket, but this update has broken HA (Active-Passive);

    to clarify my setup & testing performed so far.

    I have a VMWare v6.7 with XG running on MR5 (previously I had this running without issue on MR4, it is only when I upgraded to MR5 did I get this issue).

    to connect to FTTC, I have a router/modem set to bridge mode (PPPoE PassThru)

    Initially I upgraded to MR5, and found that the upgrade on on of the unit did not initiate and update/reboot to the MR5 (a little disappointed).

    then to update to MR5,

    • I disabled HA
    • booted using MR5 on Primary.
    • then booted the secondary unit to MR5
    • checked config was correct for both units, and tried to configure HA (Active-Passive) using the quick mode - this would not connect.
    • then tried interactive mode - this worked - I thought it was just an oversight on my part.
    • problem is that I had no internet connection

    I checked my network connections and all was correct except for the internet connection.

    I assumed that it was the router/modem causing the issue, I then went about getting another router  updated and configured, testing before hand to check that it did indeed connect to the internet via FTTC, I go this setup, abut still no connection.

    I now turned to the XG HA setup, disabled HA and voila within seconds, it all connected and i could access the internet.

    I can replicate this every time, without issue.

    I have even gone through creating new VMs and this same experience happens so it is not down to a configuration issue on my VMs.

    if anyone can help me fix the issue I would be very grateful, or if you need to use my system to gather the logs to identify the issue I would also be willing to help.

    I hope this provides some info.

  • 0 in reply to Argo 2

    Do you use the option to use the physical MACs on HA (Checkbox)?

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    I did try both options and neither worked, I got the same results.

  • 0 in reply to Argo 2

    Likely this is a Switch issue, caused by the virtual MACs loaded by XG. The change to physical MACs should resolve this issue, as i can reproduce this on my vmware without this option. Can you check for Logs in this? And can you check the logs to WAN as well? Because this checkbox needs to be set by interactive mode and both appliances will continue to use their physical MACs. 

    Which VMware hypervisor is this? See: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.security.doc/GUID-942BD3AA-731B-4A05-8196-66F2B4BF1ACB.html

    __________________________________________________________________________________________________________________

Reply Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?