Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 22 replies
  • Answers 6 answers
  • Subscribers 33 subscribers
  • Views 59538 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SFM not syncing with devices

JoseCasanova

Hi everybody,

I have a brand new virtual SFM with SFMOS 15.01.0 MR-2. I've already used SFM and it worked. However this installation it's having a big issue:

non of the devices are Syncing:

You can also see the next Error Log:

The SFM is behind an XG Firewall, I've already created a DNAT policy for it, that allows the traffic from the public IP that I'm registering in the devices Central Management module to the SFM, and another that MASQ with the same IP all traffic from SFM to WAN. 

The Fun part is that the XG in the same LAN is not syncing either. The next security policy log from the XG maybe usefull for the diagnose, it shows traffic when the SFM is trying to sync:

2016-09-09 09:24:24
Invalid Traffic
Denied
-
0
Port1
-
LAN IP of SFM :TCP (52618)
IP of one device :TCP(4444)
01001
2016-09-09 09:24:23
Invalid Traffic
Denied
-
0
Port1
-
LAN IP of SFM :TCP(52618)
IP of one device :TCP(4444)
01001
2016-09-09 09:24:22
Invalid Traffic
Denied
-
0
Port1
-
LAN IP of SFM :TCP(52618)
IP of one device :TCP(4444)
01001
2016-09-09 09:24:22
Invalid Traffic
Denied
-
0
Port1
-
LAN IP of SFM :TCP(52618)
IP of one device :TCP(4444)
01001
2016-09-09 09:24:22
Invalid Traffic
Denied
-
0
Port1
-
LAN IP of SFM :TCP(52618)
IP of one device :TCP(4444)
01001

Any thoughts?

Regards,



This thread was automatically locked due to age.
Parents
  • 0

    Hi Jose,

    Please create a Source based Allow All rule for SFM IP in XG Firewall & check the status of issue.

    Ravi

  • 0 in reply to RaviPatel

    Hi Ravi,

    i have exactly the same behavior. I have added an allow any rule for the sfm host ip to any zone and any destination with any service. Tis is not solving the problem. The XG and the sfm are both with one interface in the same net and the SFM can connect the XG but can not sync with the XG.

    The Firewall logging Feature oft the XG is really very bad when you come from administrating UTM firewalls... This is definitly a step backwards not forward. The Firewall and SFM constellation is not working out of the box and the troubleshooting of this problems are really fail...

    Can you please tell me how to exactly troubleshoot this problem, can i monitor the logs with grep and tail on the cli to see the issues clearly?

    What is the meaning of invalid traffic? Is this traffic malformed or only does not apply to the policys of the xg?

    In the documentation of the xg i miss a lot of things like what is invalid traffic,... 

    For me the concept of XG/SFM looks a little beta...

     

    Sorry for this direct words.

  • 0 in reply to AndreasRieger

    Hi Jason/Andreas,

    We have checked the issue & found issue as bug. Reference JIRA ID: NCCC-3807.

    Please email me (ravi.b.patel@sophos.com) SFOS SSH, GUI access and  SFOS credential to apply solution to resolve the reported issue.

    Ravi

  • 0 in reply to RaviPatel

    Hi Ravi,

    thanks for the answer. I Already sent the email.

    Regards,

    Jose

Reply Children
No Data