I started using Sophos I believe in 9.1(-ish), and ran it for a few months. I tried another solution for a couple months, and recently set up a new Sophos UTM with 9.2.
The new installation seems pretty buggy, and has me scratching my head. I don't know there's going to be much resolution, other than reinstalling. I downloaded the .iso from Sophos' website, and verified the checksum. When I first tried to install making a USB key with Rufus, the installation would fail stating "install.tar does not exist.." I switched to disc, and it worked fine.
I have everything up and running, and the network runs fine, but here are the issues:
-DNS works for getting to the internet, but does not work for internal hosts. I have defined a couple of static hosts, as I have done previously, but trying to SSH to my server (for example) using its internal host doesn't work.
-Email relay works fine (relaying email for my file server, etc), and I get email messages for updates, reboots, etc, but the daily report doesn't work. I've noticed in the past sometimes I don't get the daily report, but since I've installed this machine I've received one report, and a lot of the images/stuff in it was broken.
-I'm not totally convinced the IPS is working. Of course, testmyids.com is considered a friendly site and I haven't changed it, but IPS logs are nearly empty. Web filtering and such seems to work (as far as sites/content), but for the most part the only logs in IPS are loading/reloading rules, etc. 9.1 was far more verbose in logging. I don't even think the firewall was logging a lot, and the older version would usually provide a lot of data in the live logs.
-Dynamic DNS doesn't seem to want to update. I use freedns.afraid.org at the moment, which worked fine under 9.1, but it doesn't seem to update with the new install. I logged into my account, and it had an old IP on it. The status on the UTM just says "an update is being performed".
I'm kind of concerned at this point that my network is vulnerable due to all the bugs, but I won't be able to do anything about it for another week yet (and it has been running for probably close to two weeks.
Anyway, I don't know if it's a misconfiguration due to the changes in the new version (which I doubt), or there was something that went horribly wrong, but I doubt there's going to be any reconciliation without reinstalling from scratch, and probably configuring from scratch to try and work around any errors. Not much fun! [:(]
This thread was automatically locked due to age.
