Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 28 subscribers
  • Views 1784 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firmware Updates stuck at 0.1%

Chris Boucher

We have a Sophos XG330 and for some reason updates are no longer downloading.
Everything else seems to be working ok Internet, License Sync, Check for firmware updates, ect.
When I click download for the new firmware (HW-18.0.5_MR-5.SF300-586) it just sits at 0.1%
Any ideas as to what I should be looking for?



This thread was automatically locked due to age.
  • 0

    Hi,

    check your disk capacity/occupancy.

    Ian

  • 0

    They all good good to me, most is /boot at 36% use.

  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community.

    Request to follow the steps below to narrow down the reported issue.

    ==> Login to SSH > 5. Device Management > 3. Advanced Shell

    Run the below command.

    # tail -f /log/u2d.log

    ==> Click on 'Check for new firmware' under Backup & firmware > Firmware > Latest available firmware.

    ==> You'll be able to see few u2d events. Find below the log line to get the URL on which new firmware will be requested.

    Here is the example for your reference:

    DEBUG Jun 10 08:01:16 [24327]: Received release : GA
    DEBUG Jun 10 08:01:16 [24327]: Received releasenotes : d3tusa5dvomhzy.cloudfront.net/.../18.0.5.586.releasenotes
    DEBUG Jun 10 08:01:16 [24327]: Received message : Sophos Firewall MR Release
    DEBUG Jun 10 08:01:16 [24327]: Received releasedate : 2021-04-29

    ==> Note down the URL from "Received releasenotes :".

    ==> Go back to SSH and run below command.

    # tcpdump -nei any host d3tusa5dvomhzy.cloudfront.net

    ==> Click on 'Download' button under Backup & firmware > Firmware > Latest available firmware.

    Share the session output here or in PM.

  • 0 in reply to FormerMember

    Everything checks out as you have listed, after running tcpdump -nei any host d3tusa5dvomhzy.cloudfront.net and clicking Download I get the below -

    Thu Jun 10 12:54:28 2021 dr_dload_checker: Download for file HF012821.01.tar.gz.gpg was interrupted/did not complete.
    Thu Jun 10 12:54:28 2021 dr_dload_checker: Retrying/Resuming download for file HF012821.01.tar.gz.gpg.

  • FormerMember
    0 FormerMember in reply to Chris Boucher

    It seems the device is unable to download latest HotFix.

    Run the below command to put the CSC service in debug.

    # csc custom debug

    Click on 'Download' button under Backup & firmware > Firmware > Latest available firmware.

    And then run below commands in shell.

    # cat /log/csc.log | grep -i "u2d_dload"

    # cat /log/u2d.log | grep -i "HF012821"

    ==> It would be great if you capture traffic on "d3tusa5dvomhzy.cloudfront.net" in another SSH window.

    # tcpdump -nei any host d3tusa5dvomhzy.cloudfront.net


    Note: Run the below command again to stop csc debugging.

    # csc custom debug

    Also please share the output of below command.

    Login to SSH > 4. Device Console

    console> system diagnostics show version-info