Sophos XG: SFOS 17.0.6 MR6 Released

Sophos has just released the long awaited MR6, for SFOS v17, I have installed it, and it looks like the VPN dropouts, finally stopped 🙂

Release notes:

Note: On v16 to v17 update, SFOS does not set SHA2 truncation on custom IPSec policy. Please see https://community.sophos.com/kb/127867 for details.

Issues Resolved

  • NC-26520 [Base System] Logviewer exceeds allotted diskspace
  • NC-26601 [Base System] validatePort didn’t validate all used ports correctly
  • NC-25574 [IPsec] Upgrade to v17 failed when a policy with name ‘IKEv2’ was created before upgrade
  • NC-26694 [IPsec] High memory usage of charon
  • NC-27001 [IPsec] Unable to enable the fail-over group for IPSec
  • NC-27228 [IPsec] IPsec connection ref count sometimes wrong
  • NC-27276 [IPsec] IKEv2 connection not retried when receiving AUTH_FAILED
  • NC-27278 [IPsec] Display issue in IE11 for IPSec Connections – NAT
  • NC-27283 [IPsec] HA: Hard reset failover takes too long
  • NC-27333 [IPsec] HA: Connections not synced to aux when pushing connect button
  • NC-27384 [IPsec] Race condition in charon when 60s retry timeout and IKE_INIT occur close together
  • NC-27412 [IPsec] IPSec failover group shows 2 active connections
  • NC-27510 [IPsec] IKEv1: cannot handle more than 2 concurrent Quick Mode exchanges per IKE_SA
  • NC-27608 [IPsec] IPSec Profiles XML has no information for new added configuration
  • NC-27734 [IPsec] Unable to recreate the config using the same connection name in Cisco VPN connection after reset
  • NC-27916 [IPsec] CSC freezing sporadically & system goes unresponsive
  • NC-28090 [IPsec] Follow Up – VPN connection can’t be established if the PSK is very long
  • NC-27240 [Mail Proxy] Unable to send emails due to auto routing to rcpt DNS in case of greylisting reply for MX
  • NC-27382 [Network Services] DHCP Relay didn’t work after upgrade to SF v17 MR3
  • NC-26104 [Networking] Networkd dead in HA setup
  • NC-27488 [WAF] Mod_url_hardening stack corruption

Downloads

You can find the firmware for your appliance from in MySophos portal.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close