Zitat von
mpachmann am 4. Juni 2024, 12:39 Uhr
https://community.sophos.com/sophos-xg-firewall/b/blog/posts/sophos-firewall-os-v20-mr1-is-now-available
Important points to know before you upgrade
SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS
OpenVPN has been upgraded to 2.6.0 in this version. Firewalls upgraded to 20.0 MR1 won't establish SSL VPN tunnels with the following clients and firewall versions:
- SFOS 18.5 and earlier versions (end-of-life): Site-to-site SSL VPNs won't be established between SFOS 18.5 or earlier versions and SFOS 20.0 MR1. We recommend that you upgrade both firewalls to 20.0 MR1 at the same time. Alternatively, you can use site-to-site IPsec or RED tunnels.
- Legacy SSL VPN client (end-of-life): Remote access SSL VPN tunnels won't be established with the legacy SSL VPN client, which is already end-of-life. You can use the Sophos Connect client or third-party clients, such as OpenVPN client, or use remote access IPsec tunnels. See Remote access SSL VPN with the Sophos Connect client. See Remote access IPsec VPN.
- UTM9 OS: Site-to-site SSL VPNs won't be established between UTM9 OS and SFOS 20.0 MR1. We recommend that you migrate these to 20.0 MR1. Alternatively, you can use site-to-site IPsec or RED tunnels.
For site-to-site IPsec tunnels, see Route-based VPN. For RED tunnels, see Site-to-site RED tunnel.
End-of-life RED devices
20.0 MR1 and later versions won't support the following legacy RED devices: RED 15, 15w, and 50. They have been declared end-of-life in 2023. For more details, see the article Sophos RED: End-of-life of RED 15/15(w) and RED 50.
https://community.sophos.com/sophos-xg-firewall/b/blog/posts/sophos-firewall-os-v20-mr1-is-now-available
Important points to know before you upgrade
SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS
OpenVPN has been upgraded to 2.6.0 in this version. Firewalls upgraded to 20.0 MR1 won't establish SSL VPN tunnels with the following clients and firewall versions:
- SFOS 18.5 and earlier versions (end-of-life): Site-to-site SSL VPNs won't be established between SFOS 18.5 or earlier versions and SFOS 20.0 MR1. We recommend that you upgrade both firewalls to 20.0 MR1 at the same time. Alternatively, you can use site-to-site IPsec or RED tunnels.
- Legacy SSL VPN client (end-of-life): Remote access SSL VPN tunnels won't be established with the legacy SSL VPN client, which is already end-of-life. You can use the Sophos Connect client or third-party clients, such as OpenVPN client, or use remote access IPsec tunnels. See Remote access SSL VPN with the Sophos Connect client. See Remote access IPsec VPN.
- UTM9 OS: Site-to-site SSL VPNs won't be established between UTM9 OS and SFOS 20.0 MR1. We recommend that you migrate these to 20.0 MR1. Alternatively, you can use site-to-site IPsec or RED tunnels.
For site-to-site IPsec tunnels, see Route-based VPN. For RED tunnels, see Site-to-site RED tunnel.
End-of-life RED devices
20.0 MR1 and later versions won't support the following legacy RED devices: RED 15, 15w, and 50. They have been declared end-of-life in 2023. For more details, see the article Sophos RED: End-of-life of RED 15/15(w) and RED 50.
