Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 16 replies
  • Answers 1 answer
  • Subscribers 32 subscribers
  • Views 1633 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XGS Stopped Working (18.5.3)

Peter Mastrangelo

(2) Sophos XGS4500 (SFOS 18.5.3 MR-3-Build408) HA

I was wondering if anyone has seen this issue.
Yesterday our XGS just stopped passing traffic (nothing would go through). The XGS was accessible internal (web interface and ssh) and was able to communicate to external. Just nothing would pass through and no errors anywhere I could find.

Forcing  a failover to the auxiliary XGS solved the issue and everything came back up. Switching back to the primary also everything is now fine.

The XGS has been solid for months with no issues.
The only change that has been made to the XGS was the update to 18.5.3 last week.

I am now a little uneasy about the stability of 18.5.3 and thinking of rolling back to 18.5.2.
Wanted to see if anyone else has seen this issue or if it was just a fluke.

Thank You,
-Peter Mastrangelo



This thread was automatically locked due to age.
  • 0

    Hi ,

    Did you collect logs from the firewall in a broken state? Did it reboot properly after the firmware update? Did you check the uptime or any service is down? 

    You might find the root cause in the system or applog log files. 

  • 0 in reply to Excommunicado

    Thank You for the answer.

    Unfortunately the issue happened again. We had to quickly "switch to passive" because we are a K12 school dependent on Chromebooks.

    I rolled back the firmware to 18.5.2 using this as a guide https://support.sophos.com/support/s/article/KB-000038017?language=en_US

    The issue has not appeared again \ yet.

    I did pull the logs off the device(s) and have been looking through them but haven't found anything yet.

    We will be holding off any firmware updates 18.5.3 or possibly 19 until the end of the school year.

    Thank You,

    -Peter Mastrangelo

  • 0 in reply to Peter Mastrangelo

    I have the same problem in the company. Updated XG for SFOS 18.5.3 MR-3-Build408. Equipment in Active x Passive HA. Simply 1 stops traffic and only returns after restarting. We are currently operating on the secondary XG and there have been no more problems. We have an open call with Sophos to try to identify the cause.

  • 0

    Update 2022-05-03

    We spoke too soon that the rollback to 18.5.2 appeared to correct the issue. We had the issue again today.

    It might be just coincidence that this issue started appearing after the 18.5.3 update. XGS was rock solid for months.

    We opened a support ticket.

    -Peter Mastrangelo

  • 0 in reply to Peter Mastrangelo

    Hi everyone, we have the same problem. We have also updated from 18.5.2 to version 18.5.3. Also another update to version 19 did not help the problem persists. We have also already opened a support ticket. (We have also dissolved the HA, this has not solved the problem either.)

  • 0

    We have an open case with Sophos regarding this (Case# 05098782-050987). This has now been escalated all the way through global escalation specialists (GES) to Development (basically as high as it gets) - Development reference number: NC-92066

    We've had the issue with 18.5.2, 18.5.3 and 19.0

    Pair of XGS 116 in HA. Primary stops passing traffic and HA fails over to Auxillary. If you reboot the failed XGS, the HA is restored. If you don't reboot the failed XGS, the new Primary will eventually fail, leaving you with no internet connectivity.

    I would suggest those affected open a case with Sophos and reference our case number and the development reference number. If you already have a case I would suggest you pass our case details on to your current support specialist.

  • 0 in reply to JasP

    Hello everyone, does anyone already have any feedback, with us the support still analyzes the problem...

  • 0 in reply to Andreas Hahn

    With us there was the service, analysis and no assertive diagnosis. We are currently operating on secondary equipment that does not have the problem. when possible, we will leave the problematic equipment operating and put a monitoring system to collect logs in an attempt to find the reason for the traffic stop.

  • 0 in reply to Andreas Hahn

    We are logging a permanent serial console connection to both XGS to see if they can capture a kernel dump when the XGS fails. Waiting for a failure now.

  • 0 in reply to JasP

    Thank you for your feedback, since it affects both firewalls from the HA, we will set up a new firewall and test whether it also occurs there

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML