Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 1350 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos AutoUpdate

loopy
UTM 9.004-34

Beginning with the rolllout in my company and have 4 clients running at the moment. Clients show up in the UTM and have Status OK.
Existing firewall rule: Any => Sophos Live Connect (15 IPs), Services: Any 

But on the clientside the autoupdate does not work.

I'm having following questions;
There's a preconfigured primary address on the clients 
sophos:http://d3.sophosupd.com/update/cat...
 but no secondary path. This is correct? Should'nt there be a primary path with the adress od my UTM and a secondary path with the sophos broker path maybe? I don't find anything in the admin documentation regarding this.

Do I have to change settings on the Web-Protection module?
My clients use a PAC file to go the the internet. Do I have to make some exceptions there?

UPDATE:
When I open the firewall for testing (ANY => ANY) the update works.
The DNS group all.broker.sophos.com for the firewall rule is correct? 


Thanks,


This thread was automatically locked due to age.
Parents
  • 0
    Just add another rule allowing "Internal Network -> Any -> d3.sophosupd.com (DNS group)".

    And if you are using Web Protection in Transparent Mode, add all.broker.sophos.com and d3.sophosupd.com to the Transparent destinations hosts on the Advanced tab.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • 0 in reply to scorpionking
    Just add another rule allowing "Internal Network -> Any -> d3.sophosupd.com (DNS group)".

    And if you are using Web Protection in Transparent Mode, add all.broker.sophos.com and d3.sophosupd.com to the Transparent destinations hosts on the Advanced tab.


    Works, thanks
Reply
  • 0 in reply to scorpionking
    Just add another rule allowing "Internal Network -> Any -> d3.sophosupd.com (DNS group)".

    And if you are using Web Protection in Transparent Mode, add all.broker.sophos.com and d3.sophosupd.com to the Transparent destinations hosts on the Advanced tab.


    Works, thanks
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?