We have a Sophos XG on Release 16.05 MR8. Since Dec-20-2017 the antivirus service restarts permanently and we are unable to install new antivirus signatures, neither for AVIRA nor SOPHOS engine.
We already tried the workarounds (which includes renaming /content/u2d/pattern or removing /var/savapi and restarting antivirus services) mentioned here:
https://community.sophos.com/products/xg-firewall/f/web-protection/77229/av-service-stopped
We also re-imaged a new XG machine (not just factory reset, a complete fresh installation of XG) with a 16.0.5 MR8 release and restored a backup. Everything works fine until this machine updates to current antivirus patterns. Then the same things happen like mentioned above.
Log /content/u2d.log says for SOPHOS antivir:
Download for file savi_1.00_1.0.12005_full.tar.gz.gpg passed integrity and gpg checks
Either FILE or MSID received in U2DVERSION is blank, savi_12005.tar.gz,
Current savi patterns are at /content/savi_1.00/1.0.11946
New updated patterns are now at /content/savi_1.00/1.0.12005
Callback u2d_pt_installed failed for savi, version = 1.0.12005.
Setting status 'fail' in DB and reverting link for savi to old version = 1.0.11946.
This is nearly identical for AVIRA signatures.
Any help appreciated.
This thread was automatically locked due to age.
