Sophos UTM: Issue with 9.601 and new RED Unified Firmwares!

After upgrading to UTM 9.601, all RED devices will perform firmware update, but this also introduces a major change in the firmeware functions, as it introduces the new “unified firmware”, as Sophos both have UTM and XG, they want the two devices to use the same firmware, so it’s only needed to maintain one package.

Unfortunately some RED devices run bad, stops working og even breaks!

For know, there is no solution, just a workaround – which is NOT SUPPORTED on your UTM, if you do this by yourself, but is can be done via this command from SSH shell:

from su –

cc get red use_unified_firmware

if value returned = 1

cc set red use_unified_firmware 0

reds will update and reboot

After this, RED devices are running with the old firmware and are stable again.

live log shows this:

6-10:13:29 cloud red_server[16900]: SELF: (Re-)loading device configurations
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Device config value ‘version_ng_red50’ changed from ‘1-330-f4c55ab8-0000000’ to ‘5209’
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Device config value ‘version_red50’ changed from ‘1-330-f4c55ab8-0000000’ to ‘5209’
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Device config value ‘version_red15’ changed from ‘1-330-f4c55ab8-655eb7e’ to ‘5209’
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Device config value ‘overlay_fw_enabled’ changed from ” to ‘0’
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Staging config for upload
2019:03:26-10:13:30 cloud red_server[16900]: SELF: shutdown requested, killing clients
2019:03:26-10:13:30 cloud red_server[16900]: SELF: killing client A35XXXXXXXXXXX
2019:03:26-10:13:30 cloud red_server[16900]: SELF: exiting
2019:03:26-10:13:31 cloud red_server[17016]: [A35XXXXXXXXXXX] Uploaded config to registry service
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED10rev1 fw version set to 14
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED10rev2 local fw version set to 5209R2
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED10rev2 fw version set to 2005R2
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED15(w) fw version set to 5209
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED50 fw version set to 5209
2019:03:26-10:13:35 cloud red_server[17301]: SELF: IO::Socket::SSL Version: 1.953
2019:03:26-10:13:35 cloud red_server[17301]: SELF: Startup – waiting 15 seconds …
2019:03:26-10:13:50 cloud red_server[17374]: UPLOAD: Uploader process starting
2019:03:26-10:13:50 cloud red_server[17301]: SELF: (Re-)loading device configurations
2019:03:26-10:13:50 cloud red_server[17301]: A35XXXXXXXXXXX: New device
2019:03:26-10:13:50 cloud red_server[17301]: A35XXXXXXXXXXX: Staging config for upload
2019:03:26-10:13:51 cloud red_server[17374]: [A35XXXXXXXXXXX] Config has not changed, no need to upload to registry service

I made this thread in the community about the troubleshooting – Sophos Support has confirmed this to be a bug, and a currently working on a solution!

https://community.sophos.com/products/unified-threat-management/f/remote-ethernet-device-red/111304/utm-9-601—red-issues

Share:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.