Sophos Firewall: v19.0 MR1: Feedback and experiences

Hi SWEthank you for sharing your experience. Do you have an open case with Support regarding this issue?

Upgraded on a Atom based system E3845 with 8GB RAM, about 60% RAM utilisation atm (based on 6GB usable).  I accept the UI is slow on these systems, but with power costs and the fact that I haven't had the house cabling project move forward it's what it is atm.  Ultimately with the house cabled I'd use the Dell R220 or XG210 units I have spare.

Hi SWE, 

We (Sophos Engineering team) is very interested in taking a look at your system to find out why it went into failsafe. Do you mind PM'ing me? I tried to send you a PM but seems like you have private messaging disabled. 

Thanks! 

I have a problem with firewall rules. Since I upgraded from 19.0 GA to 19.0 MR1, my WIFI rule is not working anymore, nothing is let through. No ping, no TCP connection from LAN zone to WIFI zone:

As you can see, 0 bytes sent/received. When I switch back to 19.0 GA it all works again and counters go up. I have no explanation why this is happening, any idea where to look for in the logs?

Edit: Same seems to be the case for Rule #11 SMTP.

Why do you use a rule without Logging? 

Check the packet capture - There you should see the used Firewall/NAT Rule. 

Maybe another rule picks up the traffic. Automatic VPN Rule is something, which could potentially cause issues. 

Thx I will see what turned on logging will bring.

However there was a "breaking change" in 19.0 MR1...

Ok now I moved those 2 rules to the top:

And with MR1 there is still no traffic in the "LAN to WIFI" rule. I even deleted the WIFI rule and recreated it. Still the same.

The log viewer shows nothing for that destination IP 10.0.2.14.

Packet capture showed violation by "Firewall".

Rule 0 is the default drop rule, but how can it be that this is now taken, when my rule should cover the connection?

So it seems there is definitely something broken with the WIFI connections (all others seem to work), as it works with 19.0 GA without a problem.

What kind of appliance is this? Is wlnet1 a internal Wireless? 

Its a Home Edition on a Intel based 4-Port Barebone. No internal wireless. The network 10.0.2.0/24 is the network configured on wireless APX120.

It is indeed odd. Looks like something is not rendering your policy. Rule 0 is simply default drop, therefore you do not see anything in Logviewer. If you already recreated the zone, what i could potentially suggest: 

Try to re save the IoT Zone. See if you can save the wireless zone or if there is any error. 

Then check the policy tester in logviewer, does it give you the same result or rule 32? This will lead to the next steps.