Firewall Management
This is a maintenance release only, so there are no new features.
These are the release notes for Central Firewall.
The features mentioned in these release notes are only available if you have the appropriate license.
View the product documentation at Firewall management.
This is a maintenance release only, so there are no new features.
| Issue ID | Component | Description |
|---|---|---|
| NR-11112 | Firewall Management | Resolved an issue where scheduled firmware upgrades were triggered at the incorrect time. |
| NR-11238 | Firewall Management | Resolved an issue where full mesh configuration of 2 firewalls assigned both firewalls as responder. |
| NR-11236 | Firewall Management | Resolved an issue where creating a group on Sophos Central by importing the configuration from an existing firewall failed. |
| NR-11233 | Firewall Management | Resolved an issue where both primary and secondary WAN link gateways weren't allowed with a wildcard. |
| NR-11403 | Firewall Management | Resolved an issue where a 404 occurred when a firewall was moved to the silent/verbose category from the default dategory. |
| NR-11190 | Firewall Management | Resolved an issue where users couldn't configure web policies for firewall groups when accessing the firewall's web admin console from Sophos Central. |
| NR-11155 | Firewall Management | Resolved an issue with firewall monitor service hosts. |
There are no resolved issues included in this version.
This is a maintenance release only, so there are no new features.
| Issue ID | Component | Description |
|---|---|---|
| NR-11001 | Firewall Management | Resolved an issue where users couldn't access pages on the firewall web console when accessing the firewall through Sophos Central. |
| NR-10963 | Firewall Management | Resolved an issue in Sophos Central Partner where the firewall firmware schedule details didn't show. |
| NR-10894 | Firewall Management | Resolved an issue where the auxiliary firewall wasn't showing on the Firewalls page after users deregistered the primary firewall. |
| NR-10889 | Firewall Management | Resolved an issue where both HA nodes were shown separately in the Firewall Task Queue after an HA failover. |
| NR-10849 | Firewall Management | Resolved an issue where the firewall configuration couldn't be imported to Sophos Central when users added a clientless user (when accessing the firewall through Sophos Central). |
| NR-10848 | Firewall Management | Resolved an issue where HA firewalls showed an orange icon in the Firmware Upgrades - HA window. |
| Issue ID | Component | Description |
|---|---|---|
| NR-9778 | Firewall Management | Resolved an issue where the Sophos Central Firewall API required that users enter the time in "Zulu" format but interpreted it as local time. |
| NR-10218 | Firewall Management | Resolved an issue where users couldn't schedule firmware upgrades through the Sophos Central Firewall API. |
| NR-10369 | Firewall Management | Resolved an issue where some firewalls stopped responding when synchronizing. |
| NR-10835 | Firewall Management | Resolved an issue where users couldn't refresh reports by clicking Report Hub and Report Generator. |
| NR-10885 | Firewall Management | Resolved an issue where no success message was shown when users created a NAT rule. |
| NR-8283 | Firewall Management | Resolved an issue where the firmware upgrade pop-up page wasn't showing the firewall's firmware information. |
| Issue ID | Component | Description |
|---|---|---|
| NR-10534 | Firewall Management | Resolved an issue where users couldn't edit or delete SD-WAN groups after refreshing the SD-WAN Connection Groups page. |
| NR-9123 | Firewall Management | Renamed the Sophos Central signature name "Musical.ly" to "Tiktok". |
This is a maintenance release only, so there are no new features.
| Issue ID | Component | Description |
|---|---|---|
| NR-10475 | Firewall Management | Resolved an issue in Sophos Central where the Create Connection Group button didn't appear after users refreshed the SD-WAN Connection Groups page. |
| NR-10321 | Firewall Management | Resolved an issue in Sophos Central where scheduled firewall backups failed with the following error message: Firewall backup generation has failed. |
This is a maintenance release only, so there are no new features.
| Issue ID | Component | Description |
|---|---|---|
| NR-10347 | Firewall Management | Resolved a firewall monitoring issue with the UTM health check. |
| NR-10247 | Firewall Management | Updated the firewall firmware upgrade message in Sophos Central. |
| NR-10118 | Firewall Management | Resolved an issue where read-only users could create, edit and delete SD-WAN connection groups in Sophos Central. |
| NR-9895 | Firewall Management | Resolved an issue where the Data Anonymisation screen was stuck loading after disabling Data Anonymisation. |
| NR-9504 | Firewall Management | Resolved an issue where users couldn't import their existing firewall configuration into a new firewall group in Sophos Central. |
| NR-10133 | Firewall Management | Resolved an issue where users couldn't create an SD-WAN connection group in Sophos Central because new policies were stuck in a pending status. |
| NR-9807 | Firewall Management | Resolved an issue where an SD-WAN connection group was stuck in a pending status after users added a new firewall in Sophos Central. |
| NR-9638 | Firewall Management | Resolved an issue in Central Partner where the Save button was grayed out when users tried to assign new customers to existing firewalls. |
| NR-10200 | Firewall Management | Resolved an issue where firewalls weren't visible in Central Partner. |
| NR-10217 | Firewall Management | Resolved an issue where users couldn't see the firewall rules for a firewall subgroup in Sophos Central. |
| Issue ID | Component | Description |
|---|---|---|
| NR-9766 | Firewall Management | Resolved an issue where users couldn't manage their firewall templates from the Central Partner dashboard. |
| NR-4514 | Firewall Management | Resolved an issue where firewall synchronization failed if users ungrouped a firewall and then added it back to the same group. |
| NR-9638 | Firewall Management | Resolved an issue where the user couldn't assign firewalls to a different customer because the Save button was grayed out. |
| NR-9304 | Firewall Management | Resolved an issue where users experienced a delay when accessing their firewalls from Sophos Central. |
| NR-10025 | Firewall Management | Resolved an issue where the firewall list wasn't loading due to a high-availability issue. |
| Issue ID | Component | Description |
|---|---|---|
| NR-9655 | Firewall Management | Resolved an issue where no firewalls were listed as available when users attempted to create an SD-WAN connection group. |
| NR-9616 | Firewall Management | Resolved an issue where Sophos Central firewall manager showed the following message, "The firewall has been upgraded to 18.5.2.3" when the firewall was on firmware version 18.5.1 MR-1. |
| NR-9808 | Firewall Management | Resolved an issue where the ATP settings pushed from Sophos Central weren't applied to some firewalls in a group. |
| NR-9437 | Firewall Management | Resolved an issue where a full firewall synchronization failed due to a TLS SSL rule. |
| NR-9196 | Firewall Management | Resolved an issue where a firewall was stuck in a synchronizing status in Sophos Central. |
| NR-9643 | Firewall Management | Resolved an issue where users were unable to open the firewall page from the Central Partner dashboard. |
| NR-10097 | Firewall Management | Resolved an issue where users were unable to perform firmware upgrades for their firewalls from Sophos Central. |
This is a maintenance release only, so there are no new features.
| Issue ID | Component | Description |
|---|---|---|
| NR-9503 | Firewall Management | Resolved an issue where firewalls appeared in MySophos but not on the Central Partner dashboard under Licensing and Billing. |
| NR-9462 | Firewall Management | Resolved an issue where Sophos Central showed an incorrect WAN link status under the SDWAN group. |
| NR-9214 | Firewall Management | Resolved an issue where users couldn't access the Firewall Management dashboard in Sophos Central. |
| NR-9206 | Firewall Management | Resolved an issue where synchronization failed, causing Sophos Central to change default app filter policies. |
| NR-9535 | Firewall Management | Resolved an issue where firewall synchronization failed when users updated a specific policy from Sophos Central. |
| NR-9499 | Firewall Management | Resolved an issue where users' updated their virtual firewall model sizes, and the virtual firewall names weren't updated. |
| NR-9203 | Firewall Management | Resolved an issue where users got an internal server error 500 when adding a secondary ISP link for the SD-WAN connection group. |
| NR-9046 | Firewall Management | Resolved an issue where the firmware upgrade schedule time didn't match the Sophos firewall's local time. |
| NR-8895 | Firewall Management | Resolved an issue with URLs that occurred if a web filter exception was created using a Central Partner Firewall template. |
| NR-7997 | Firewall Management | Resolved an issue where the tasks queue didn't load tasks when the user accessed their firewall through Sophos Central firewall management. |
| NR-7707 | Firewall Management | Resolved an issue where firewall templates couldn't be edited when users included a "#" in the template name. |
| NR-6704 | Firewall Management | Resolved an issue where firewalls were suspended if they weren't in a group. |
| NR-9331 | Firewall Management | Resolved an issue on the Firewall Management - Firewalls page where the Synchronized Security and Version columns were truncated. |
| NR-9109 | Firewall Management | Resolved an issue where UI responsiveness was slow when users accessed the Firewall Management - Firewalls page. |
| NR-8995 | Firewall Management | Resolved an issue where users couldn't update an Application policy for one firewall from Sophos Central. |
| NR-9351 | Firewall Management | Resolved an issue where a firewall wasn't showing on the Central Partner dashboard under the Licensing and Billing tab. |
| NR-9329 | Firewall Management | Resolved an issue in Central Partner where the user couldn't successfully update the firewall template, and the synchronized region wasn't updated. |
| NR-9196 | Firewall Management | Resolved an issue where firewalls were stuck synchronizing in Sophos Central. |
Note: SD-WAN profiles don't work if the XFRM interface's IP address isn't in the /30 subnet. If it isn't, the Migrate option appears next to the firewall. Click it to migrate all IP addresses of the tunnel to the /30 subnet.
| Issue ID | Component | Description |
|---|---|---|
| NR-8897 | Firewall Management | Resolved an issue where Sophos Central's performance was impacted due to the volume of alerts for "Firewall RED tunnel down". |
| NR-8637 | Firewall Management | Resolved an issue in Central Partner where the page got stuck when trying to find firewalls to upgrade. |
| NR-8983 | Firewall Management | Resolved an issue where users couldn't add labels to their firewalls. |
| NR-8686 | Firewall Management | Resolved an issue in Central Partner where users couldn't search on the Firewalls page. |
| NR-7886 | Firewall Management | Resolved an issue where the Feedback button was in the way when users accessed their firewalls through Sophos Central. |
| NR-7288 | Firewall Management | Resolved an issue where the map of India was incorrect on the SD-WAN world maps page. |
| Issue ID | Component | Description |
|---|---|---|
| NR-6870 | Firewall Management | Resolved an issue where customers couldn't import their firewall configuration to Sophos Central. |
| NR-7610 | Firewall Management | Resolved an issue where customers couldn't push their policy configuration from Sophos Central to their firewall. |
| NR-7994 | Firewall Management | Resolved an issue where customers couldn't add firewalls to a group. |
| Issue ID | Component | Description |
|---|---|---|
| NR-7759 | Firewall Management | Resolved a synchronization issue where general policies weren't applied to firewalls correctly. |
| NR-7994 | Firewall Management | Resolved an issue where customers couldn't add firewalls to a group. |
| Issue ID | Component | Description |
|---|---|---|
| NR-7744 | Firewall Management | Resolved an issue where RP-SSO keep restarting. |
| NR-7722 | Firewall Management | Resolved an issue where the creation of hotspot failed due to login template parameter. |
| NR-4942 | Firewall management | Resolved an issue with filtering FQDN. |
| Issue ID | Component | Description |
|---|---|---|
| NR-7642 | Firewall Management | Resolved an issue where the firewall List API didn't show the correct peer information for HA primary or auxiliary devices. |
| NR-7635 | Firewall Management | Resolved an issue where you couldn't save SD-WAN connection group settings. |
| NR-7614 | Firewall management | Resolved an issue where search query parameters for the firewall's API weren't working. |
| NR-7611 | Firewall Management | Resolved an issue in the firewall API where a GET request with a search didn't work. |
| NR-7387 | Firewall Management | Resolved an issue where Controlled Zero Touch didn't work with monthly Sophos Central accounts. |
| NR-7640 | Firewall management | Resolved an issue in the firewall API where a GET request for the firewall list didn't show the firmware versions in the response. |
| NR-7491 | Firewall Management | Updated the Zero Touch text on Sophos Central. |
| NR-7365 | Firewall Management | Resolved an issue with false alerts on Sophos Central. |
| NR-7512 | Firewall Management | Resolved an issue with the SD-WAN connection group configuration where you could add the same resource accessing the same services for the same firewall, which created duplicate rules on the firewall. |
| NR-6680 | Firewall Management | Resolved an issue where you couldn't export full firewall configuration through Sophos Central. |
| Issue ID | Component | Description |
|---|---|---|
| NR-6850 | Firewall Management | Resolved an issue where Sophos Central didn't generate alerts for auxiliary firewalls in an HA setup. |
| NR-7290 | Firewall Management | Resolved an issue where customers couldn't edit their primary or secondary WAN FQDNs on the firewall backend (if they were originally identical). |
| NR-7001 | Firewall Management | Improved the UI text for the error message when an you try to add a HA pair that isn't properly formed to a firewall group in Sophos Central. |
| NR-6775 | Firewall Management | Resolved an issue where you couldn't upgrade the Sophos Firewall firmware through Sophos Central. |
| NR-6755 | Firewall Management | Resolved an issue where you could add the same resource accessing the same services for the same firewall, which created duplicate rules on the firewall. |
| Issue ID | Component | Description |
|---|---|---|
| NR-7356 | Firewall Management | Resolved an issue where users couldn't open Firewall Templates in certain circumstances. |
| NR-7285 | Firewall Management | Resolved an issue where the browser was unresponsive when a user edited networks and routes, if there were several firewalls in a group. |
| NR-7352 | Firewall Management | Resolved an issue where users couldn't configure the captive portal. |
| NR-6783 | Firewall Management | Resolved an issue where users couldn't re-register a firewall, after removing it from a firewall group. |
| NR-7458 | Firewall Management | Resolved an issue where users couldn't upload a CA certificate if they tried to import the certificate with a private key. |
| NR-7004 | Firewall Management | Resolved an issue for SD-WAN connection groups where users couldn't save custom network names. |
| NR-6852 | Firewall Management | Resolved an issue where the firewall configuration wasn't synchronized when it was added to a firewall group. |
| NR-6763 | Firewall Management | Resolved an issue in Sophos Central where users weren't able to approve firewalls for Central Firewall Management. |
| Issue ID | Component | Description |
|---|---|---|
| NR-7225 | Firewall Management | Resolved an issue where Sophos Central only showed 10 SD-WAN connection groups. |
| NR-6892 | Firewall Management | Updated the SD-WAN shared resource page network format example with the correct value. Also, the user must finish the SD-WAN creation group to receive the API error when the network format is incorrect. |
| NR-6889 | Firewall Management | The SD-WAN map is now hidden when there are no connection groups. |
| NR-6769 | Firewall Management | Resolved an issue on the SD-WAN connection summary page, where some of the information in the # of shared resources column was incorrect. |
| NR-6725 | Firewall Management | Resolved an issue where the total number of tunnels shown was wrong in the SD-WAN connection group. |
| NR-6891 | Firewall Management | Resolved an issue on the SD-WAN shared resources page where the multi-text window placeholder text margin wasn't correct. |
| NR-6890 | Firewall Management | The SD-WAN shared resources page table header Resource has been renamed to Resources. |
| NR-6643 | Firewall Management | Resolved an issue where adding a firewall to a group created by an existing firewall got stuck synchronizing if a custom image was in use under Protect > Web > User notifications. |
| Issue ID | Component | Description |
|---|---|---|
| NR-5382 | Firewall Management | Resolved an issue where registered firewalls weren't showing in the Central UI. |
| NR-5341 | Firewall Management | Resolved an issue where users were able to delete firewall templates without clicking the confirmation check box. |
| NR-5340 | Firewall Management | Resolved an issue where an endless spinner popped up on the Central Partner dashboard if a firewall template with no customer was expanded. |
| NR-5322 | Firewall Management | Resolved an issue where users changed web exceptions in the group policy, but changes weren't pushed to the Sophos Firewall. |
| NR-5230 | Firewall Management | Resolved an issue where users updated an Active Directory (AD) server with the IP of another AD server, causing an "undefined" server entry to be created. |
| NR-5231 | Firewall Management | Resolved an issue on the Central UI, where users could create an AD server without entering information into the "Search Queries" field. |
| NR-5409 | Firewall Management | Resolved an issue where group policy firewall rules were stuck in a loading state. |
| CFR-2884 | Firewall Reporting | Resolved an issue where the query filter didn't work when added from a data table or chart. |
| CFR-2882 | Firewall Reporting | Resolved styling issues in the Central Firewall Management UI. |
| CFR-2881 | Firewall Reporting | Resolved an issue where users couldn't select columns from the column settings widget. |
| CFR-2859 | Firewall Reporting | Resolved an issue where if a device had a termed subscription, this wasn't reflected in the Central UI. |
| CFR-2796 | Firewall Reporting | Removed redundant message from the Firewall reporting - Licensing page and changed column name. |
| CFR-2613 | Firewall Reporting | Resolved an issue where the license information for high availabilty devices was shown incorrectly on the Central UI. |
| CFR-2557 | Firewall Reporting | Resolved an issue where users couldn't apply the IN filter for columns which only had numeric values. |
| CFR-923 | Firewall Reporting | Improved text in the Central UI. |
| Issue ID | Component | Description |
|---|---|---|
| CFR-2869 | Firewall Reporting | Dashboard dashlets are not loading for SAS enabled devices. |
| CFR-2859 | Firewall Reporting | When a device has a termed subscription, this isn't reflected in the Central partner dashboard. |
| CFR-2860 | Firewall Reporting | HA status changes don't show on the Central Firewall Reporting licensing page. |
| Issue ID | Component | Description |
|---|---|---|
| NR-4253 | Firewall Management | Resolved an issue in the firewall web admin console where users couldn't delete referenced default FQDN hosts even after they removed the reference from the FQDN host group. |
| NR-5336 | Firewall Management | Resolved an issue in the firewall web admin console where users couldn't update the default FQDN hosts in a group. |
| NR-5305 | Firewall Management | Resolved an issue in the firewall web admin console where users couldn't select a dynamic zone in a local service ACL exception rule. |
| NR-5304 | Firewall Management | Resolved an issue where users couldn't open the firewall web admin console from Sophos Central. |
| NR-5299 | Firewall Management | Resolved an issue in the firewall web admin console where users couldn't create wireless networks or hotspots with the same name. |
| NR-5335 | Firewall Management | Reworded some text in the Firewall Management section in Sophos Central. |
| NR-5271 | Firewall Management | Removed the "drag" icon from the Firewall Management dashboard in the firewall web admin console. |
| NR-5306 | Firewall Management | Removed the "edit" icon from a field in the local ACL exception rule in the firewall's web admin console. |
| NR-5228 | Firewall Management | Resolved an issue where users couldn't uncheck "Use insecure HTTP instead of HTTPS" under Authentication - Captive portal behavior in the firewall web admin console. |
| NR-4690 | Firewall Management | Resolved an issue where users couldn't schedule firewall firmware updates due to a mismatch in the timezone offset from Sophos Firewall and Sophos Central. |
| NR-5347 | Firewall Reporting | Resolved an issue with the subscription listings for virtual firewalls. |
| NR-5338 | Firewall Reporting | Resolved an issue where users couldn't add firewall subscriptions to their firewalls in Central Partner. |
| CFR-2843 | Firewall Reporting | Resolved an issue in Central Firewall Manager where scheduled reports weren't generated. |
| CFR-2778 | Firewall Reporting | Resolved an issue in Central Firewall Manager where the template header wasn't showing Report Generator. |
| CFR-2764 | Firewall Reporting | Resolved an issue in Central Firewall Manager where an incorrect error message showed Report Generator. |
See Central Firewall Management Known Issues list for a full list of known issues with Central Firewall Management.
See Central Firewall Reporting Known Issues list for a full list of known issues with Central Firewall Reporting.
You can find technical support for Sophos products in any of these ways:
Copyright © 2021 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos and Sophos Anti-Virus are registered trademarks of Sophos Limited and Sophos Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.