Hi XG Community! We've finished SFOS v17.0.8 MR8. This release is available in stages. In first stage it will be available at MySophos. Next week, it will be available from within your device for all SFOS v17.0 installations and later it will be available to v16.05 installations as well.
Notes
- On v16 to v17 update, SFOS does not set SHA2 truncation on custom IPSec policy. Please see https://community.sophos.com/kb/127867
Issues Resolved
- NC-27996 [Authentication] access_server coredump results in users getting logged out
- NC-29485 [Authentication] access_server coredumps and restartings
- NC-28033 [Base System] Packet capture and connection list issue
- NC-28566 [Base System] Garner service restarts
- NC-27214 [Firewall] IPsec NAT chain for all VPN tunnels gets removed if only one tunnel goes down
- NC-29243 [Framework(UI)] Subnet creation is broken for IE11
- NC-26151 [IPsec] IPsec connections can't always be disabled on first try
- NC-27034 [IPsec] IKE packets lost when routed over the HA link
- NC-28076 [IPsec] IPsec detail view has a mismatch for tunnel status
- NC-28558 [IPsec] 'UP' Email notifications are not sent when the IPsec tunnels come up again within 1 second
- NC-28577 [IPsec] Two IKEs for the same connections leads to a lot REKEYED connection on responder
- NC-28795 [IPsec] Strongswan service is stuck in CSC for HA pair
- NC-28850 [IPsec] IPsec Connection UI page hangs
- NC-28857 [IPsec] PFS is shown as enabled in GUI although it is disabled in policy
- NC-28909 [IPsec] Coredump generated for charon due to segmentation fault
- NC-29043 [IPsec] CSC hangs - system becomes unresponsive
- NC-29129 [IPsec] IPsec connection is not reestablished after PPPoE reconnect
- NC-29242 [IPsec] Cannot configure VPNs using IE11
- NC-29254 [IPsec] Random route deletion in IPsec with DGD
- NC-29378 [IPsec] vpnconn_all_status_update takes continuously high cpu when IPsec VPN manage page stays open
- NC-29834 [IPsec] Multiple IKE_SAs in CONNECTING state for the same config when peer does not respond
- NC-29936 [IPsec] vpnconn_all_status_update can overload the system
- NC-29995 [IPsec] IPsec paketfilter rules missing after DGD failback
- NC-30192 [IPsec] IPsec S2S connection not initiated after DHCP interface update
- NC-28106 [RED] RED tunnel disconnects every 24h
- NC-29465 [Reporting] Not able to send mail digest - due to PG connections full
Downloads
You can find the firmware for your appliance from in MySophos portal.