Thread Info
  • State Suggested Answer
  • +6 person also asked this people also asked this
  • Locked Locked
  • Replies 95 replies
  • Answers 2 answers
  • Subscribers 46 subscribers
  • Views 176721 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

After MR7 , IPS Pattern fails to update 3.13.89

lferrara

Hi All,

IPS is not updating anymore after MR7. Can someone else confirm this behaviou?

Thanks



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Andrea Clemente

    Hi

    I have same problem with MR7 . XG is configured as transparent proxy. I have rolled back to MR6 Mail is working fine but Still IPS is not updating.

    BR

    Vishvas

    IPS and Application signatures
    3.13.89
    -
    19:49:29, Aug 24 2017
    Failed
  • 0 in reply to VishvasChitale

    Same issue with my firewall at home. Upgraded our main units at work though and do not have the issue. My home firewall is an SG125 running the software version of SFOS. Wonder if it is only the software version that is having issues?

  • 0 in reply to MichaelBolton

    HI , 

    Sorry to hear that, could you print the output by executing the command in Shell using Optio 5 >3

    #tail -f /log/u2d.log 

    Run the pattern update.

    Post the logs (Obfuscate the Serial ID of your appliance of your discretion )

  • 0 in reply to Aditya Patel

    SFVH_SO01_SFOS 16.05.7 MR-7# tail -f /log/u2d.log
    DEBUG Aug 25 09:52:23 [16637]: Added new server : Host - eu-west-1.u2d.sopho
    s.com., Port - 443
    DEBUG Aug 25 09:52:23 [16637]: Added new server : Host - us-west-2.u2d.sopho
    s.com., Port - 443
    DEBUG Aug 25 09:52:23 [16637]: Added new server : Host - ap-northeast-1.u2d.
    sophos.com., Port - 443
    DEBUG Aug 25 09:52:23 [16637]: Final query string is :
    ?&serialkey=                             &deviceid=cfe24d65-10f7-4a9a-9c6d-6182f3e3919f&fwvers
    ion=16.05.7.305&productcode=CN&appmodel=SF01V&appvendor=SO01&useragent=SF&oem=&p
    kg_ips_version=3.13.89&pkg_ips_cv=12.0&pkg_atp_version=1.0.0156&pkg_atp_cv=1.00&
    pkg_savi_version=1.0.11406&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1
    .0.20419&pkg_avira_patch=2&pkg_avira_cv=1.00&pkg_clientauth_version=1.0.0008&pkg
    _clientauth_cv=2.00&pkg_apfw_version=9.0.001&pkg_apfw_cv=1.00&pkg_redfw_version=
    2.0.008&pkg_redfw_cv=2.00&pkg_waf_version=1.0.0006&pkg_waf_cv=1.00&pkg_sslvpn_ve
    rsion=1.0.007&pkg_sslvpn_cv=1.00
    DEBUG Aug 25 09:52:23 [16637]: Response code : 200
    DEBUG Aug 25 09:52:23 [16637]: Response body :
    <Up2Date/>

    DEBUG Aug 25 09:52:23 [16637]: Response length : 11
    DEBUG Aug 25 10:00:55 [18048]: --serial =  
    DEBUG Aug 25 10:00:55 [18048]: --deviceid = cfe24d65-10f7-4a9a-9c6d-6182f3e3
    919f
    DEBUG Aug 25 10:00:55 [18048]: --fwversion = 16.05.7.305
    DEBUG Aug 25 10:00:55 [18048]: --productcode = CN
    DEBUG Aug 25 10:00:55 [18048]: --model = SF01V
    DEBUG Aug 25 10:00:55 [18048]: --vendor = SO01
    DEBUG Aug 25 10:00:55 [18048]: --pkg_ips_version = 3.13.89
    DEBUG Aug 25 10:00:55 [18048]: --pkg_ips_cv = 12.0
    DEBUG Aug 25 10:00:55 [18048]: --pkg_atp_version = 1.0.0156
    DEBUG Aug 25 10:00:55 [18048]: --pkg_atp_cv = 1.00
    DEBUG Aug 25 10:00:55 [18048]: --pkg_savi_version = 1.0.11406
    DEBUG Aug 25 10:00:55 [18048]: --pkg_savi_cv = 1.00
    DEBUG Aug 25 10:00:55 [18048]: --pkg_avira_version = 1.0.20419
    DEBUG Aug 25 10:00:55 [18048]: --pkg_avira_cv = 1.00
    DEBUG Aug 25 10:00:55 [18048]: --pkg_apfw_version = 9.0.001
    DEBUG Aug 25 10:00:55 [18048]: --pkg_apfw_cv = 1.00
    DEBUG Aug 25 10:00:55 [18048]: --pkg_waf_version = 1.0.0006
    DEBUG Aug 25 10:00:55 [18048]: --pkg_waf_cv = 1.00
    DEBUG Aug 25 10:00:55 [18048]: --pkg_sslvpn_version = 1.0.007
    DEBUG Aug 25 10:00:55 [18048]: --pkg_sslvpn_cv = 1.00
    DEBUG Aug 25 10:00:55 [18048]: --pkg_clientauth_version = 1.0.0008
    DEBUG Aug 25 10:00:55 [18048]: --pkg_clientauth_cv = 2.00
    DEBUG Aug 25 10:00:55 [18048]: --pkg_redfw_version = 2.0.008
    DEBUG Aug 25 10:00:55 [18048]: --pkg_redfw_cv = 2.00
    DEBUG Aug 25 10:00:55 [18048]: Added new server : Host - eu-west-1.u2d.sopho
    s.com., Port - 443
    DEBUG Aug 25 10:00:55 [18048]: Added new server : Host - us-west-2.u2d.sopho
    s.com., Port - 443
    DEBUG Aug 25 10:00:55 [18048]: Added new server : Host - ap-northeast-1.u2d.
    sophos.com., Port - 443
    DEBUG Aug 25 10:00:55 [18048]: Final query string is :
    ?&serialkey=                            &deviceid=cfe24d65-10f7-4a9a-9c6d-6182f3e3919f&fwvers
    ion=16.05.7.305&productcode=CN&appmodel=SF01V&appvendor=SO01&useragent=SF&oem=&p
    kg_ips_version=3.13.89&pkg_ips_cv=12.0&pkg_atp_version=1.0.0156&pkg_atp_cv=1.00&
    pkg_savi_version=1.0.11406&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1
    .0.20419&pkg_avira_patch=2&pkg_avira_cv=1.00&pkg_clientauth_version=1.0.0008&pkg
    _clientauth_cv=2.00&pkg_apfw_version=9.0.001&pkg_apfw_cv=1.00&pkg_redfw_version=
    2.0.008&pkg_redfw_cv=2.00&pkg_waf_version=1.0.0006&pkg_waf_cv=1.00&pkg_sslvpn_ve
    rsion=1.0.007&pkg_sslvpn_cv=1.00
    DEBUG Aug 25 10:00:55 [18048]: Response code : 200
    DEBUG Aug 25 10:00:55 [18048]: Response body :
    <Up2Date/>

    DEBUG Aug 25 10:00:55 [18048]: Response length : 11

     

     

  • 0 in reply to Andrea Clemente

    Hi, I have the same problem [SG115w with XG on board]. After applying MR7 I receive messages, but my mails won't go to recipients.

    Any ideas how to fix it without roll back to MR6?

  • 0 in reply to Aditya Patel

    we need a solution/workaround.

    Thanks

  • 0 in reply to MichaelBolton

    For what its worth, I am running the home version SFOS, software version, just updated to MR7 and the IPS patterns updated to 3.13.89 ok for me.  I have not yet updated my XG210 appliance.

  • 0 in reply to lferrara

    Hi All,

    MR7 also does not download other patterns, such as AV. After many hours, the "download" state, and the new automatic pattern download sessions do not start.

    So we have a problem with MR7.
    When the time comes that new firmware version will not break anything ??

    Regarsd
    Jan

  • 0 in reply to JanSadlik

    Hi All

    With MR7 only receiving of mail is not working as well as IPS Update is not working.  Log viewer also does not show Email logs. While rolled back to MR6 ,Every thing is OK except IPS is not updating.

    IPS and Application signatures
    3.13.89
    -
    19:49:29, Aug 24 2017
    Failed

    I fell that for last  couple of Releases  such as  MR4 and MR5 DNS was breaking on VPN. Team need to take rigorous testing and then only release Major Release.

    I will appreciate quick resolution  for MR7  as it contains major vulnerability fix

    BR

    Vishvas

  • 0 in reply to JanSadlik

    Hi lferrara,

    Thanks for your input. It seems to have sorted itself out now. However, I now have a warning that the MTA is Dead. I assume that is related to email relay (I'm in Legacy Mode) but I don't know if it means that email is not being AV scanned or if it's related to the problem that this thread is about?

    Hopefully MR8 or v17 will be more user friendly and less prone to glitches.