Sophos UTM: Issue with 9.601 and new RED Unified Firmwares!

25/03/2019 0 Comments

Sophos UTM

After upgrading to UTM 9.601, all RED devices will perform firmware update, but this also introduces a major change in the firmeware functions, as it introduces the new “unified firmware”, as Sophos both have UTM and XG, they want the two devices to use the same firmware, so it’s only needed to maintain one package.

Unfortunately some RED devices run bad, stops working og even breaks!

For know, there is no solution, just a workaround – which is NOT SUPPORTED on your UTM, if you do this by yourself, but is can be done via this command from SSH shell:

from su –

cc get red use_unified_firmware

if value returned = 1

cc set red use_unified_firmware 0

reds will update and reboot

After this, RED devices are running with the old firmware and are stable again.

live log shows this:

6-10:13:29 cloud red_server[16900]: SELF: (Re-)loading device configurations
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Device config value ‘version_ng_red50’ changed from ‘1-330-f4c55ab8-0000000’ to ‘5209’
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Device config value ‘version_red50’ changed from ‘1-330-f4c55ab8-0000000’ to ‘5209’
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Device config value ‘version_red15’ changed from ‘1-330-f4c55ab8-655eb7e’ to ‘5209’
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Device config value ‘overlay_fw_enabled’ changed from ” to ‘0’
2019:03:26-10:13:29 cloud red_server[16900]: A35XXXXXXXXXXX: Staging config for upload
2019:03:26-10:13:30 cloud red_server[16900]: SELF: shutdown requested, killing clients
2019:03:26-10:13:30 cloud red_server[16900]: SELF: killing client A35XXXXXXXXXXX
2019:03:26-10:13:30 cloud red_server[16900]: SELF: exiting
2019:03:26-10:13:31 cloud red_server[17016]: [A35XXXXXXXXXXX] Uploaded config to registry service
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED10rev1 fw version set to 14
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED10rev2 local fw version set to 5209R2
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED10rev2 fw version set to 2005R2
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED15(w) fw version set to 5209
2019:03:26-10:13:35 cloud red_server[17301]: SELF: RED50 fw version set to 5209
2019:03:26-10:13:35 cloud red_server[17301]: SELF: IO::Socket::SSL Version: 1.953
2019:03:26-10:13:35 cloud red_server[17301]: SELF: Startup – waiting 15 seconds …
2019:03:26-10:13:50 cloud red_server[17374]: UPLOAD: Uploader process starting
2019:03:26-10:13:50 cloud red_server[17301]: SELF: (Re-)loading device configurations
2019:03:26-10:13:50 cloud red_server[17301]: A35XXXXXXXXXXX: New device
2019:03:26-10:13:50 cloud red_server[17301]: A35XXXXXXXXXXX: Staging config for upload
2019:03:26-10:13:51 cloud red_server[17374]: [A35XXXXXXXXXXX] Config has not changed, no need to upload to registry service

I made this thread in the community about the troubleshooting – Sophos Support has confirmed this to be a bug, and a currently working on a solution!

https://community.sophos.com/products/unified-threat-management/f/remote-ethernet-device-red/111304/utm-9-601—red-issues

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close