SFOS V17 - Microsoft Update and Xbox Download Issues

I got the list from here kamilslab.com/.../

I haven't created any special NAT/fwding rules for xbox, but in all the years i have been running xbox360 and xbone behind my FW i never seemed to need it. Everything worked nicely and I have been buying/downloading games on the platform for years now. That was until a few weeks ago, when i purchased some new titles and none of them (or even any larger updates for existing ones) seemed to install. I first suspected some HDD issues on the console; since the titles were of the play-anywhere type i wanted to install them on my PC - that's when i noticed that they weren't loading there either ...

I always figured, the NAT forwarding was only really necessary for online gaming - which i hardly ever used. Also when I hook the xbox directly into the network of my provider-router the downloads seem to run just fine and there's also no FWding setup and i deliberately switch off UPNP on my routers ...

I will give it a try when i find some time, but honestly, i hope sophos fixes that issue because from my point of view, there must have gone something wrong on their end.

But thanks for the quick help anyway!

Wow. What a mission. I even factory reset my XBox One before stumbling my way into this thread. For me the work around was to create a new LAN to WAN firewall rule right above the original. In the identity section of the new rule I turned on Match Known Users and added my Xbox's group (it was already part of a special clientless open group). Then I removed the Web Policy for this rule.

Luckily I pay extra to my ISP for unlimited downloads...I have a whole lot of games to re-install now!

This doesn't look like it was resolved in SFOS 17.0.3 MR-3.

https://community.sophos.com/products/xg-firewall/b/xg-blog/posts/sfos-17-0-3-mr3-released

Any updates? I'm seeing the same behavior downloading games on the PS4 and watching Netflix on an Amazon Fire TV.

Same issue here running SFOS 17.0.3 MR-3 and trying to download anything to the Xbox over 2GB.

I’m running MR-3 as well and I am not experiencing any issues downloading files over 2GB. I just downloaded a 52GB game with no issues. I have my Xbox One X assigned to its own firewall rule with no web, application or IPS policies (they’re all set to ‘None’). I also have HTTP Scanning disabled.

There is a bug when handling range requests (files broken down into smaller chunks downloaded separately) and file sizes over 2GB.

This will be resolved in 17.0 MR5.

There are no issues in downloading file sizes over 2GB when doing full file downloads or when the file is not broken down using range requests.  Some applications/sites break down large files in other ways.

The workaround until then is to create a higher level firewall rule for service Web and destination network of just that site.  Be sure to remove the workaround after MR5 is installed.

Thanks for the update! I'll be watching for MR5 release.

Michael,

Could you please be more specific on the workaround you are suggesting?

This bug also appears to be blocking the download of Windows Updates on WSUS server in addition to Standard Windows updates. I would simply like the best way to allow this on an entire domain until MR5 is released and hopefully resolves this. 

Thanks!

Ryan