2016-12-07

Sophos XG firewall once again kills backup with Crashplan Central (Cloud)

It seems such a long time ago I battled with Sophos XG firewall (v15.x) to get Crashplan Central (Cloud Backup) to work through it (#1). Last month I upgraded to v16.x and hey, what do you know? A new problem with connection to Crashplan Central.

To make a long story short (read the forum posts), there's a bug (what else is new when it comes to Crashplan and XG) in v16 (including v16.0.1.1) that blocks the Crashplan traffic. It's confirmed by a Sophos KB article (#2), which says:
"In certain situations traffic being passed through the XG firewall may appear to be passed through the proxy even when no Web Policy is enabled within the relevant firewall rule and HTTP/HTTPS scanning is disabled."
Both the KB and the forum post (#3) give a workaround:


    1. Connect to the XG firewall via SSH and select option 4 (Device Console) from the menu.
    2. Run the command below to turn off micro-app discovery:
      system application_classification microapp-discovery off
    3. Restart Crashplan.

    Links:
    1. https://community.sophos.com/products/xg-firewall/f/firewall-and-policies/32111/anyone-successfully-running-crashplan-backups-through-an-xg/314571#pi2132219853=1
    2. https://community.sophos.com/kb/en-us/125458
    3. https://community.sophos.com/products/xg-firewall/f/firewall-and-policies/81482/crashplan-connectivity-issues-with-xg-16/310556?pi2132219853=2&pi2132219849=84
PS! I have not checked, nor installed, v16.0.1.2 to confirm whether it's still there or not. Might do that soon, and update this post.