# LIST OF KNOWN ISSUES FOR SOPHOS UTM Manager V4 # ============================================== # The purpose of this list is to give you an overview of known issues and # possible workarounds, as well as known problems in other software being # used in connection with Sophos UTM Manager V4 # The ID denotes the internal Sophos bugtracking ID and will be shown in # the description of an Up2Date if the issue is fixed. # # We would appreciate if you contribute to this list and would give us # feedback in this respect. # For further infos please contact: knownissues@astaro.com # # Last edit (time is UTC): # $Id: Known_Issues-SUM-V4.txt,v 1.16 2016/03/02 15:39:59 mantis Exp $ Open Issues - Management ======================================================================== ID35774 4.301 Eth3 is not configurable via Webadmin ------------------------------------------------------------------------ Description: If the SUM is running on an SG Appliance or a UTM appliance eth3 won't be configureable. Workaround: Fixed in: Open Issues - Various ======================================================================== ID36324 4.302 object import fails because the system encountered an internal error ------------------------------------------------------------------------ Description: It could happen that the object import from a gateway via the gateway manager fails. You could get one of the following two errors: "syntactic object verification failed" "The system encountered an internal error. Please contact your administrator if this issue persists." Please check the accd log if the following lines are present: # ACCD Log 2016:01:28-10:07:13 sophossum accd: 494433983 [0xecf82b70] WARN libs.store.ObjectValidator null - Syntax validation error for ["global.network.dns_group","hostname"] data: {"comment":"","hostname":"http://supportaccess.sophos.com","name":"http://supportaccess.sophos.com"} [^] 2016:01:28-10:07:13 sophossum accd: 494433984 [0xecf82b70] ERROR server.global.GlobalImportableStore null - syntactic object verification failed, error data: [["global.network.dns_group","hostname"]] -------- 2016:01:28-10:09:11 sophossum accd: 494551884 [0xe25f1b70] WARN libs.store.ObjectValidator null - Semantic validation error: [{"owner":"REF_ACC_GBL_d6a45f21218f496db1458546f1c7ecbeecbe","path":["global.network.host","hostnames",0],"reservation_class":"network_host_hostname","resource":"testsystem10"}] 2016:01:28-10:09:11 sophossum accd: 494551885 [0xe25f1b70] ERROR server.global.GlobalImportableStore null - adding object failed, data: {"address":"10.10.10.10","address6":"","comment":"","hostnames":["argedis8180"],"name":"TESTSYSTEM10","reverse_dns":true}, what: Resource is already exclusive in use, exception data: [{"owner":"REF_ACC_GBL_d6a45f21218f496db1458546f1c7ecbeecbe","path":["global.network.host","hostnames",0],"reservation_class":"network_host_hostname","resource":"testsystem10"}] From the excerpt of the accd log above it can be seen that... 1) ...the accd doesn't allow the creation of a dns_group object Object with the hostname 'http://supportaccess.sophos.com' This happens because in the accd there exists a strict check for a fully qualified hostname that is applied on the hostnames of dns_group objects. This check doesn't allow to have a ':' or a '/' in a fqdn string. -------- 2) ...the accd doesn't allow the creation of a host object with the hostname 'testsystem10' Again here there exists a check in the accd that doesn't allow the creation of a host objects having the same hostname. In the Gateway Manager at Cofiguration->Defintions->Networks there can be found a host object with the name 'TESTSYSTEM10' that uses the same hostname Therefore the accd refuses the creation of another object with the same hostname. The same check exists on the UTM. The confd doesn't allow the creation of two host objects sharing the same host name. Workaround: Fixed in: ID32390 4.201 UTMs connecting to a fresh installation of SUM will have their global configuration objects removed ------------------------------------------------------------------------ Description: UTMs that are configured for central management will connect to their SUM. If that SUM has been re-installed and its backup has not yet been restored, previously deployed configuration objects will be removed. Once the backup on SUM has been restored, all removed configuration objects will be re-deployed. Once that is completed, operation will be back to normal. Please consult the KBA and SUM Upgrade Guide for more information on how to safely update and restore SUM installations: http://www.sophos.com/en-us/support/knowledgebase/120690.aspx http://www.sophos.com/en-us/medialibrary/PDFs/documentation/SUM%20Upgrade%20Guide%204200.pdf Workaround: Fixed in: ID30155 4.000 SUM shows pattern version as outdated ------------------------------------------------------------------------ Description: The SUM downloads every pattern to provide the actually pattern to the UTMs which use the SUM as Up2Date Cache. This can cause the SUM showing an old pattern version. The explaination for this behaivour is the following: The pattern version in the Dashboard will be calculated by the installed pattern versions. Only active patterns will be upgraded. This means the pattern version can be difficult on each UTM through the configuration(active features). Workaround: Fixed in: ID21041 4.000 ACC may leave deleted/undeployed global objects on ASG ------------------------------------------------------------------------ Description: Sometimes in unspecified cases the ACC may leave deleted/undeployed global objects on the UTM. Workaround: Disconnect the UTM from the ACC. click on cleanup objects and re-connect the ACC. Fixed in: Closed Issues - Management ======================================================================== ID22683 4.000 Maps API Error is confusing ------------------------------------------------------------------------ Description: In Google Chrome/Chromium the Worldmap doesnt work. Workaround: There is no workaround. Fixed in: 4.180 Closed Issues - Various ======================================================================== ID35943 4.302 SUM shows error "unable to load Setup Wizard" when trying to open the VPN wizard ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.302 ID35941 4.301 Update SUM appliance images ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.302 ID35939 4.301 SUM system.log shows postgres error invalid input value for enum location_m_enum ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.302 ID35773 4.301 It is not possible to create a DHCP interface ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.302 ID35735 4.301 SUM system.log shows postgres error column ev_last does not exist ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.302 ID35492 4.300 Update images on SUM appliance ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID35203 4.300 SUM SSO requests should be UTM version independent ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID35103 4.300 SUM sending INFO-310 notification, which can't be disabled ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID34961 4.300 u2dcache starts with some WARNINGS ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID34935 4.300 Unable to push group definitions containing range objects from SUM ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID34629 4.300 Accd restart loop and core dumps every few seconds ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID34610 4.300 Widget on dashboard is oversized because of too long hostname ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID34546 4.300 Coredumps after UTM removal if UTM is still in use by MSP ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID34457 4.203 It is not possible to restore backup file ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.302 ID34101 4.203 Coredump from accd and webadmin ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID33369 4.202 MSP license settings not visible in SUM dashboard ------------------------------------------------------------------------ Description: Workaround: Fixed in: 4.301 ID31825 4.250 Container ID for Feature Requests ------------------------------------------------------------------------ Description: Workaround: Fixed in: ID31824 4.200 Fail to import Webfilter Exceptions if applied to users/groups or endpoint groups ------------------------------------------------------------------------ Description: Workaround: Fixed in: ID31537 4.185 SUM doesn't support User objects and Group objects ------------------------------------------------------------------------ Description: Workaround: Fixed in: ID17554 4.000 Missing web filter categories between ASG v8 and ACCv2 ------------------------------------------------------------------------ Description: When managing web proxy URL Filtering Categories via the ACC v2.x/3.x, there are category mismatches between the ACC and the ASG's web proxy. Workaround: A fix is in progress and will be released in a future up2date. Until that time, web categories would need to be directly managed on the ASGs. Fixed in: