Guest User!
You are not Sophos Staff.
We have 2 XGS 2300 (HA mode) with firmware 19.0.1 MR365,
We tried to configure a rule for ssl vpn user with option "Block client without heartbeat" checked". Rule matchs also for clients wihout endpoint installed.
We tried KB-000038254 without luck.
I find NC-93919 solved issue in 19.5. Could be the problem? Could be a solution making a firmware upgrade to 19.5?
Thanks in advance.
Hello Gianluca Maistri ,
Thank you for reaching out to the community, yes the following NC-93720 was reported as Bug in v19.0 GA but has been fixed in the following versions - v19.5.0 GA, v19.0.1 MR-1.
Can you share output of the following commands from the console:
1.) system synchronized-security delay-missing-heartbeat-detection show
2.) system synchronized-security suppress-missing-heartbeat-to-central show
*Note - Ensure to share the output from both the nodes in HA
And is your HA mode deployed in A-A or A-P ?
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Hello Gianluca Maistri ,
Thank you for reaching out to the community, yes the following NC-93720 was reported as Bug in v19.0 GA but has been fixed in the following versions - v19.5.0 GA, v19.0.1 MR-1.
Can you share output of the following commands from the console:
1.) system synchronized-security delay-missing-heartbeat-detection show
2.) system synchronized-security suppress-missing-heartbeat-to-central show
*Note - Ensure to share the output from both the nodes in HA
And is your HA mode deployed in A-A or A-P ?
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Okay, can you also share the output from the aux appliance ?
And since when are you facing this issue , was there a failover occurred, or any power outage which lead to reboot ?
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Try setting the delay-missing-heartbeat-detection to 270 seconds with the following command:
#system synchronized-security delay-missing-heartbeat-detection set seconds 270
And then check !
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
Hey Gianluca Maistri we would request you to log a support service request and share the service request id with us, so that we can expedite the process to narrow down the situation further.
Thanks & Regards,
_______________________________________________________________
Vivek Jagad | Team Lead, Global Support & Services
Sophos Community | Product Documentation | Sophos Techvids | SMS
If a post solves your question please use the 'Verify Answer' button.
