Free Shipping On Many Orders Over $350 (Exclusion Apply)

Chat To Us - 7am-10pm - 7 Days A Week

SFOS 17.5 MR10 Released

The Tech Geeks |

Hi XG Community!

We've released SFOS v17.5.10 MR10 for the Sophos XG Firewall. Initially, the firmware will be available by manual download from the Licensing Portal. We then make the firmware available via auto-update to a number of customers, which will increase over time.

Please visit the following link for more information regarding the upgrade process: Sophos XG Firewall: How to upgrade the firmware.

Issues Resolved

  • NC-46001 [Authentication] STAS is erroring out and causing high CPU load on E-Directory
  • NC-50521 [Authentication] User group assignment issue with LDAP users
  • NC-51881 [Authentication] CAA causing access_server to crash
  • NC-53730 [Dynamic Routing (PIM)] HA active/active appliance is duplicating multicast traffic
  • NC-50560 [Email] Restrict access to WEB-INF directory on port 8094
  • NC-37775 [Firewall] Configuring over 20 time schedulers on the various firewall rules is causing CSC freeze
  • NC-49976 [Firewall] NMI Backtraces & Device Hang in XG v17.5.7-MR7
  • NC-50176 [Firewall] DNAT with Range doesn't work as expected after reboot
  • NC-50713 [Firewall] Sophos Connect does not work with WebProxy and HTTPS traffic
  • NC-51632 [Firewall] Invalid traffic is sent to garner although syslog server is deleted
  • NC-51867 [Firewall] Denied firewall logs send to garner for allowed firewall rule even if logging is disabled
  • NC-52395 [Firewall] Getting wrong username in admin event for firewall rule group name update
  • NC-52474 [Firewall] Incorrect error message displayed while creating "Email server" business rule with existing name
  • NC-55842 [Firewall] Local ACL Exception Rule not working for WebProxy
  • NC-46189 [Hotspot] Timeout received when generating lots of vouchers with QR code enabled
  • NC-50854 [Interface Management] Firefox: vertical scrolling is affected for network interfaces when 4 or more aliases are configured
  • NC-52056 [Interface Management] GRE Tunnel disabled state doesn't persist through a reboot
  • NC-54013 [IPS Ruleset Management] Unable to create backup via local, ftp or email
  • NC-44603 [IPsec] Default Microsoft Azure IPsec policy should use disconnect instead of re-initiate
  • NC-49919 [IPsec] DGD service stopped and unable to start
  • NC-51534 [IPsec] Allowed User is not treating as compulsory for Sophos Connect client configuration
  • NC-51887 [IPsec] Simultaneous login does not work for Sophos Connect IPsec client
  • NC-52701 [IPsec] IPsec tunnel is not reinitiated when XG rekeys IKEv1 session in aggressive mode with certificate
  • NC-50239 [Network Utils] Internet connection get lost when backup job (storagecraft) is running
  • NC-52986 [nSXLd] Web categorization failed and nSXLD coredump
  • NC-49339 [Policy Routing] Traceroute is answered with IP addresses from different port
  • NC-44880 [RED] XG Site to Site RED Tunnel disconnects randomly and does not reconnect until we restart RED service
  • NC-46758 [RED] REDS2 interface is showing blank IP address in hosted server details for WAF.
  • NC-47109 [RED] When customer boot 17.5 MR5 it goes into fail-safe mode because it failed to start RED service
  • NC-49527 [RED] FQDN host appearing as IP host in RED configuration - split network
  • NC-50148 [RED] XG85 /tmp partition fills up
  • NC-47526 [Sandstorm] During Sandstorm scanning, web UI session to the XG gets expired
  • NC-43224 [Synchronized App Control] Unable to load Synchronized Application Control page
  • NC-50809 [UI Framework] Patch jQuery (CVE-2019-11358)
  • NC-44637 [Web] Appliance reboots randomly
  • NC-47824 [Web] File downloading stopped when enabling HTTPs scanning
  • NC-51134 [Web] HTTPS redirected links via HTTP not accessible with sandstorm option on
  • NC-51971 [Web] Scan FTP for malware corrupts zip files
  • NC-48479 [Wireless] Active Access Points are showing as inactive in GUI
  • NC-49480 [Wireless] Backup restore fails from CR35iNG to XG135
  • NC-50532 [Wireless] Wireless Interfaces in UNPLUGGED state after upgrade
  • NC-51539 [Wireless] HA failover takes 15-20 mins due to separate zone(vxlan) interfaces
  • NC-52714 [Wireless] Unable to open the GUI due to CSC service stuck


To manually install the upgrade, you can download the firmware from the Licensing Portal. Please refer to Sophos XG Firewall: How to upgrade the firmware.