Sophos Firewall OS v21 MR1 (re-release) is Now Available

19/02/2025 0 Comments

Sophos Firewall

Sophos has released the MR 1 for SFOS v21 today, there are many bugfixes, and then som new improvements – we still look very much forward to SFOS 21.5 🙂

Release notes from Sophos:

Sophos Firewall v21 MR1 Build 272 brings a number of enhancements; as well as scalability and stability fixes to your Sophos Firewall.

VPN Enhancements

  • SSL VPN now supports the key sizes 3072 and 4096 bits for the Diffie-Hellman key exchange to deliver enhanced communication security and meet compliance requirements.
  • Enhanced UDP-based SSLVPN tunnel resiliency using granular dead peer detection timeout configuration.
  • Improved stability for offloaded Policy-based VPN IPsec traffic that eliminates slow browsing issues.

NAT64 (IPv6 to IPv4 traffic)

  • NAT64 is supported for IPv6 to IPv4 traffic in explicit proxy mode. In this mode, IPv6-only clients can access IPv4 websites. The firewall also supports IPv4 upstream proxy for IPv6-only clients.

Quality-of-life enhancements

v21 MR1 Build 272 offers some enhancements in networking, providing improved performance.

  • The firewall offers enhanced cellular WAN monitoring by automatically setting “8.8.8.8” as the second probe target. This addresses the issue of ISPs blocking gateway pings, reducing the need for manual configuration.
  • Added resiliency to the DHCP service which now auto-restores if it gets into an error state.
  • SD-RED devices now support remote troubleshooting and diagnostics by Sophos Support.

Issues resolved in the re-release of v21 MR1 Build 272:

  • NC-152963 [Firewall]: Fixed the issue discovered in the 21 MR1 Build 272 about the Let’s Encrypt feature related to certificate generation/renewal and firewall rule positioning.
  • NC-152641 [Base System]: After upgrading to 21 MR1 Build 272, the device stopped processing traffic due to SWAP memory configuration changes.
  • NC-151389 [UI Framework]: Hotspot voucher fails to load on the User Portal page.
  • NC-147793 [VPN]: Pattern update failure for SSL VPN.
  • Additionally resolves 50+ important reliability, stability and security fixes.

Check out the v21 MR1 Build 272 release notes for full details.

How to get the firmware and documentation

Sophos Firewall OS v21 MR1 Build 272 is a free upgrade for all licensed Sophos Firewall customers and should be applied to all supported firewall devices as soon as possible to ensure that you have all the latest security, reliability, and performance fixes.

This firmware release will follow our standard update process. You can manually download SFOS v21 MR1 Build 272 from Sophos Central and update anytime. Otherwise, it will be rolled out to all connected devices over the coming weeks. A notification will appear on your local device or Sophos Central management console when the update is available, allowing you to schedule the update at your convenience.

Sophos Firewall OS v21 MR1 Build 272 is a fully supported upgrade from all previous versions of v20, v19.5 and the earlier v21 MR1 Build 237 release. Please refer to the Upgrade Information tab in the release notes for more details.

Full product documentation is available online and within the product.

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close