Register Now

Login

Lost Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

Sophos UTM High Availability Stuck In Up2date

Issue:

User UTM firewall is configured in high availability, he is trying to upgrade the firmware by leaving firewall in high availability mode. User observed slave node of the firewall stuck in up2date when updating the firmware.

Here is the screenshot of high availability status

up2date stuck
Up2date

Resolution:

Now from the above screenshot we can understand master node has upgraded its firmware but slave node stuck in upgrading the firmware.

This issue is possibly related to lack of space in the slave firewall, so to resolve this issue you need to login to slave firewall CLI and remove up2date files.

Steps:

Login to primary UTM firewall CLI and enter su command, UTM firewall will get root privileges now.

Execute this command “ha_utils ssh” to enter slave node firewall cli

and then execute the below three commands which will remove up2date files:

  • # rm -rf /var/up2date/sys-install/*
  • # rm /var/up2date/sys/*
  • # rm /var/up2date/.queue/* 

Once you remove up2date filesHo reboot slave node and issue should be resolved.

OR

In case if you do not have access to primary firewall and you only have access to secondary UTM firewall. Please connect console cable of the UTM to secondary firewall, you can use following article for the same:

Console

This article will actually refer you to connect to console cable to XG firewall but we can use same article to connect to UTM firewall console cable.

Then login with loginuser user name, and then enter su command to get root privileges of UTM firewall. Execute the below commands to remove up2date files:

  • # rm -rf /var/up2date/sys-install/*
  • # rm /var/up2date/sys/*
  • # rm /var/up2date/.queue/* 

Once we remove the up2date files reboot the slave node and issue should be resolved.

Hope this article helps you.