December 5, 2014, 6:45 am
Quote:
Install u2d packages <sys>
2014:12:05-15:43:35 matrix auisys[10347]: Starting installing up2date packages for type 'sys'
2014:12:05-15:43:35 matrix auisys[10347]: Installing up2date package: /var/up2date/sys/u2d-sys-9.300005-301002.tgz.gpg
2014:12:05-15:43:35 matrix auisys[10347]: Verifying up2date package signature
2014:12:05-15:43:36 matrix auisys[10347]: Unpacking installation instructions
2014:12:05-15:43:36 matrix auisys[10347]: parsing installation instructions
2014:12:05-15:43:36 matrix auisys[10347]: >================================================= ========================
2014:12:05-15:43:36 matrix auisys[10347]: You are currently running Version 0.0, but Version 9.300005 is required for this up2date package.
2014:12:05-15:43:36 matrix auisys[10347]:
2014:12:05-15:43:36 matrix auisys[10347]: 1. Modules::Logging::msg:46() /</sbin/auisys.plx>Modules/Logging.pm
2014:12:05-15:43:36 matrix auisys[10347]: 2. Modules::Auisys::Installer::Systemstep::install:14 9() /</sbin/auisys.plx>Modules/Auisys/Installer/Systemstep.pm
2014:12:05-15:43:36 matrix auisys[10347]: 3. Modules::Auisys::Up2DatePackages::install:140() /</sbin/auisys.plx>Modules/Auisys/Up2DatePackages.pm
2014:12:05-15:43:36 matrix auisys[10347]: 4. Modules::Auisys::QueueIterator::process_qfiles:81( ) /</sbin/auisys.plx>Modules/Auisys/QueueIterator.pm
2014:12:05-15:43:36 matrix auisys[10347]: 5. main::main:295() auisys.pl
2014:12:05-15:43:36 matrix auisys[10347]: 6. main::top-level:40() auisys.pl
2014:12:05-15:43:36 matrix auisys[10347]: |================================================= ========================
2014:12:05-15:43:36 matrix auisys[10347]: id="371J" severity="error" sys="system" sub="up2date" name="Fatal: Version conflict: required version: 9.300005 <=> current version: 0.0" status="failed" action="install" package="sys"
2014:12:05-15:43:36 matrix auisys[10347]:
2014:12:05-15:43:36 matrix auisys[10347]: 1. Modules::Logging::alf:100() /</sbin/auisys.plx>Modules/Logging.pm
2014:12:05-15:43:36 matrix auisys[10347]: 2. Modules::Auisys::Installer::Systemstep::install:15 2() /</sbin/auisys.plx>Modules/Auisys/Installer/Systemstep.pm
2014:12:05-15:43:36 matrix auisys[10347]: 3. Modules::Auisys::Up2DatePackages::install:140() /</sbin/auisys.plx>Modules/Auisys/Up2DatePackages.pm
2014:12:05-15:43:36 matrix auisys[10347]: 4. Modules::Auisys::QueueIterator::process_qfiles:81( ) /</sbin/auisys.plx>Modules/Auisys/QueueIterator.pm
2014:12:05-15:43:36 matrix auisys[10347]: 5. main::main:295() auisys.pl
2014:12:05-15:43:36 matrix auisys[10347]: 6. main::top-level:40() auisys.pl
2014:12:05-15:43:36 matrix auisys[10347]: [CRIT-311] Firmware Up2Date installation failed
|
any hints ? thank you !
↧
December 5, 2014, 8:50 am
Trying to figure out if this is possible, and based on what I've seen in the UTM probably not. Our client has 2 external IP's. One comes in to the UTM, the other goes directly in to a PBX box. That box will ONLY work if it is directly receiving it's own PUBLIC IP. Is it possible to setup the interfaces in the UTM to passthrough the external IP to the PBX system?
↧
↧
December 5, 2014, 9:03 am
I applied the 9.210-20 update last evening so I could update the TLS certificate (previous bug fixed with this version). The previous cert was expired, but somehow had not been affecting any incoming email. I'm guessing because the firewall just forwards email on to our on-premise exchange server (?). In testing today, I'm noticing no incoming email from google (and several other providers) but plenty from others. Looking the at the SMTP log, I see the following:
2014:12:05-02:25:37 rhythm exim-in[9951]: 2014-12-05 02:25:37 TLS error on connection from mail-ie0-f182.google.com [209.85.223.182]:59201 (SSL_accept): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
2014:12:05-02:25:37 rhythm exim-in[9951]: 2014-12-05 02:25:37 TLS client disconnected cleanly (rejected our certificate?)
2014:12:05-02:25:37 rhythm exim-in[9951]: 2014-12-05 02:25:37 SMTP connection from mail-ie0-f182.google.com [209.85.223.182]:59201 closed by EOF
The certificate is an Exchange UCC from digicert. I exported from our Exchange server to a pfx, imported it into the UTM, and selected that cert under SMPT->Advanced->TLS. I have the intermediate installed on the firewall and it all appears to be installed correctly. Is there a problem with how these certs are installed or is there a problem with this new version of firmware?
Note that I submitted this a case to support and did not get very far.
↧
December 5, 2014, 11:24 am
Hi,
I have 2 UTMs. One is in the Datacenter(DC) and has a fixed IP. The other is in a remote branch, with a floating IP adress. I want to set the DC as respond only. The BranchUTM should initiate the tunnel setup.
To initiate the tunnel is currently manual.
I have to disable the DC Tunnel and enable it. After that, to tunnel will be build.
Is there a How-To for Dummies with screenshots, to set this 'respond only' config up?
Connection Tab:
I'm using he policy AES256 PFS on bith sides.
Automatic Firewall rules is checked
Local interface = internal
Remote-Gateway Tab:
Initiate Connection on the Branch / Respond Only on the DC side
RSA Key
Remote Network of other side each
VPN-ID = hostname of the other side each
Support Path MTU discovery is checked
Support congestion signaling (ECN) is checked
Advanced-TAB:
Automatic CRL fetching is checked
NAT traversal is set to 60
Enable probing of preshared keys is checked
Whats wrong with this?
Stefan
↧
December 5, 2014, 12:18 pm
I'm using 9.210 and trying to get IPv6 working with DNS with a forwarder setup for 1 domain. I'm using Hurricane Electric for IPv6 and that is working fine. I can browse to ipv6.google.com and other IPv6 sites.
The problem is that I have 1 DNS forwarder setup for my local work domain, which is located over a VPN. With IPv6 turned off, this works fine. I can use test.example.local (where example.local is my work domain), and the UTM will use the work DNS server for that DNS lookup. But when I turn on IPv6 and the DNS Request Route at the same time, look ups for example.local stop working. I ran Wireshark on a client and the responses look like it is sending the example.local DNS look ups over the IPv6 link to ns1.he.net, not to my work DNS server.
Anybody have any ideas how to fix that?
Thanks,
Jim
↧
↧
December 5, 2014, 12:40 pm
Hi,
I am hoping someone can point me in the right direction. I have several HP Officejet Pro X576dw that supports ePrint and several Chromebooks that are capable of printing to it. Prior to implementing Sophos UTM, it worked very well. However, since I installed our UTM, it no longer works. Does anyone have any suggestions. I did open a few ports related to ePrint such as the following:
Port 161
Port 427
Port 5222
Port 5223
Also, I did whitelist the ip address of the printer that is in my office in Web Protection just in case it was a URL being blocked.
Thanks,
Jahad
↧
December 5, 2014, 12:49 pm
Hi,
I have a question. Is it possible to create a web form on the blocked page to allow users to submit a site review request? We had this on our previous gateway product that allowed a user to submit a site review request that was emailed to me with the site URL being blocked, the category, their IP Address, the reason it was blocked, their submitted email address, and a comment of why they needed unblocked.
Site Review Request
URL:
http://abcpubliclibrary.org/researchdatabases (the real site is also catergorized as games as well in Sophos)
Categories: Games
User: (172.17.3.9)
Block Reason: Blocked by URL filtering
Email:
user@mydomain.net
Comments:
I would like to be able to request books online I need from my local library to be used in my classroom. Please allow.
__________________________________________________ _______
Date Generated: 2014-09-22 14:43:54
Rule:Block URLs Whose Category Is in Category BlockList
Gateway: mwgappl
Adding this feature to futher UTM builds would help to make the product even better :)
Thanks,
Jahad
↧
December 5, 2014, 1:43 pm
Hi guys,
More than 2 years without having to seek your help again, this product used to stand quiet stable...
But since update to 9.210-20 some issues pop up :
Quote:
Random mails are not coming in, I have nothing in mail manager->smtp logs. Gmail mails for instance wait outside .. until I shutdown the smtp proxy :(
*edit* I get the error from logs with ssh :
"TLS error on connection from mail-wi0-f182.google.com [209.85.212.182]:56209 (SSL_accept): error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher" which apparently is a know bug
FIX ==> https://www.astaro.org/gateway-produ...rportal-2.html
|
Here is my second problem, I can't get the log to open in the webadmin interface. Popup windows open white and stays like that (for smtp live logs for example), "logging & reporting -> view log files" just hang with the famous "wait an other 30 seconds"
Third thing, I'm stuck with this version as no 9.3 shows up in the up2Date. I'll tried to add manually but without any success..
That's all folks. I'll read your answer tomorrow, if any, here it is already quite late.
I did 9.206 to 210-20 in one "update me to the last version". Before, everything was working like a charm.
I have a software appliance sitting on 2 Dell 2950. Active-passive configuration.
↧
December 5, 2014, 2:41 pm
Hi Guys,
Can someone help with with a quick and dirty guide to configuring Dyn DNS to work with Sophos? I'm trying to setup my firewall to allow remote access to my Network Video Recorder.
Thanks!
↧
↧
December 5, 2014, 6:47 pm
I had threats detected on my computer after opening an email last night so I ran a scan on my computer with my Sophos. I am happy to say that the threats have stopped. Since I ran the scan I have had problems opening two of my facebook games and have an issue posting with a third. I did not have these issues before the scan. I do not know if this is related or just a coincidence. I have preformed problem solving suggested by facebook website(checked Flash, cleared cookies). Has anyone had this issue with Sophos?
↧
December 5, 2014, 8:00 pm
Thank you very much for your help!
↧
December 5, 2014, 10:23 pm
Hi, I have updated to 9.210020 last week on my UTM 110. I noticed some newer updates came out (9.3x) on the up2date website:
Index of /UTM/v9/up2date/
However, I do not see any update that goes form 9.210020 to any of the 9.3 releases. I tried using the 9.209008 to 9.300005 but it freezes at 3% during the pre-check stage. Is it because I have 9.210020 install? Any help is sincerely appreciated.
↧
December 6, 2014, 2:29 am
Hallo Zusammen!
Ich habe vor ca. 2 Wochen von meinem CISCO AP auf den AP15 hier zu Hause umgestellt. Alles läuft wunderbar bis auf den Epson 1500W.
Hat eventuell ein User hier das gleich Problem?
Konfiguration:
VM mit UTM 9 - 9.303-2
WLAN ist bridged ins Accesspoint Netz (internes Netz).
Drucker wird über die mitgelieferte Apple Software (CD) konfiguriert.
Drucker wird über adhoc WLAN konfiguriert und (soll) sich dann automatisch mit dem WLAN verbinden.
Dies funktioniert mit dem CISCO AP einwandfrei, mit dem AP15 nicht. Gleicher Standort beider Systeme.
Drucker hat neuste Firmware.
Während der Konfiguration sehe ich den Drucker immer wieder in den Wireless Protection Einstellungen auftauchen, zeitweise mit sehr niedrigen Übertragungsraten von 11 Mbit und weniger. Teilweise bekomme ich ihn garnicht ins Netz und nach dem Aus- und wieder einschalten des Druckers ist es dann ganz vorbei.
Aus meiner Sicht habe ich schon alle Einstellungen durch (WPA/WPA2, AES/TKIP, Kanaländerung, Drucker direkt neben den AP, 2. WLAN erstellt).
Langsam fällt mir nichts mehr ein und hoffe, das einer von Euch noch eine Idee hat. Mich beschleicht aber eher, das noch ein Firmwarebug des AP15 vorliegt, da es mit dem Cisco ohne Probleme funktioniert.
Viele Grüße
Clipper
↧
↧
December 6, 2014, 6:51 am
IPv6 seems to be pretty broken in 9.3
This is more for devs to read and fix rather than user interaction.
Prior to 9.3 you could either choose Prefix Assignments or DHCPv6. This was handy because Prefix Assignments on the UTM require a /64 prefix. This is another gripe as the RFC for Prefix Assignments states
Code:
3.1. Number and Length of Delegated Prefixes
The prefix delegation mechanism should allow for delegation of
prefixes of lengths between /48 and /64, inclusively. Other lengths
should also be supported. The mechanism should allow for delegation
of more than one prefix to the customer.
So that should be changed regardless.
Anyways...in 9.3 this was changed so that DHCPv6 now requires Prefix Assignments to be turned on but if you have an ISP like Comcast that only gives you 1 /64 for your internal LAN then you are forced to subnet that for multiple networks.
The other part of IPv6 that seems broken, I tested minimally...
Prior to 9.3 you could either NAT your LAN IPv6 range to your WAN IPv6 address or just come directly from the LAN IPv6 range. Once I upgrade to 9.3 I was not able to access the internet via IPv6 until I added a NAT rule for my IPv6 network which sort of defeats the purpose of IPv6.
I have rolled back to 9.209 in the meantime and everything is working again.
↧
December 6, 2014, 7:24 am
Hallo Community,
ich habe eine Sophos UTM 9.2 uns möchte die aktuelle Version von "Endpoint Security and Control" über das Installtionsfile installieren.
Unter Windows 7 funktioniert es ohne Probleme.
Unter Windows 8.1 bekomme ich die Meldung:
"Could not extract Installation files. Error code: 15"
Laut der Knowledgebase von Sophos müsste es mit Windows 8.1kompatubel sein.
Kann mir jemand weiterhelfen??
Vielen Dank im vorraus.
↧
December 6, 2014, 7:26 am
I have been running UTM 9 Virtual Appliance on a VMware farm within my home for a few years now. Just a great product that has all the features I need to manage my families needs and learn for my enterprise profession. My home network contains (5) APs consisting of EnGenius EAP300's. Although everything works great, I wanted to configure the APs into a mesh network. However, the UTM does not recognize the APs within the Pending list. After reading all of the Sophos documentation and Internet research, it appears that the UTM requires a Sophos AP30 (or other Sophos models). I am basing an assumption that the Sophos AP30 is either a rebranded EAP300 or a modified EAP300.
Questions:
1) Is it possible to setup a mesh network with my HW/SW components?
2) If #1=yes, do I need to reflash the EAP300's with AP30 firmware?
3) If #2=yes, where can I get the proper AP30 firmware?
4) If possible to create the mesh network, do I need a Radius server?
5) Is it possible for UTM to create a mesh network with the EAP300's current EnGenius fireware?
Home Version
Model: ASG Software
Firmware: 9.210-20
Pattern: 71507
EnGenius EAP300 APs with power injectors (power cords)
HW version 1
Fireware version: 1.5.1
Appreciate any assistance!
Michael Petit
↧
December 6, 2014, 11:34 am
Webfiltering used to work fine but then it just stopped.
I mainly web filtering for the endpoint protection web control feature.
Looking at the eplog.log file I see all entries containing:
category="0" reputation="" categoryname=""
It looks like categorization is not working anymore..
I backed up my UTM config, re-imaged my server and restored the configs and I am getting the same results
Any advice/help would be much appreciated.
-Dethpod
↧
↧
December 6, 2014, 7:18 pm
Hi everybody,
I update to 9.210-20 but after this the RED live log stop to working, the pop-up of live log is open when click in "Open RED live log" button but no logs are displayed.
Anyone know about it ?
In advanced in the Overview tabs I can see the REDs UP...
thx.
↧
December 6, 2014, 9:00 pm
I am trying to install Sophos UTM Home Edition in Virtualbox but I am having problemas configuring the network settings I guess.
I'm using 2 bridge adapters, as external network my network by default(eg: 192.168.0.x) and then for internal network installer sets by default 192.168.2.1, I don't know if this is correct. When I finish the installation web filtering is not listening the web pages I am visiting.
Can anybody help me to get through this configuration? :confused:
Thanks in advance.
↧
December 7, 2014, 1:01 am
Hi,
I see in the SMTP proxy log that emails are rejected with the following reason:
exim-in[8565]: 2014-12-07 09:52:53 TLS error on connection from [*.*.*.*]:44554 (SSL_accept): error:00000000:lib(0):func(0):reason(0)
2014:12:07-09:52:53 exim-in[8565]: 2014-12-07 09:52:53 TLS client disconnected cleanly (rejected our certificate?)
Why i it rejected? It uses now the default certificate of the UTM. When I use a 3rd party certificate I still get this error. What did I configured wrong?
↧
