Sometimes Sophos releases updates or patterns that corrupts a function in the UTM and make that function crash! – Everytime a core dump is generated, and that is filling up the data disk.
Sophos UTM: How to access the UTM shell via SSH using PuTTY KB-000038680 08 27, 2020 0 people found this article helpful. Overview Sophos allows remote shell access via SSH. PuTTY is a Windows SSH client, that may be used to sign in to the shell and access the Sophos command line environment remotely. Putty has many options and supports. Sophos UTM 9.7 – easier, faster and more flexible and Stronger. What's new in UTM 9.7? Support for new APX Access Points In addition to the legacy AP series access points, UTM 9.7 brings support for the new. Sophos XG Firewall version 18. Sophos UTM/XG: Clear the ARP / Neighbor table; Sophos SUM: SUM core daemon not running – restarted; SOPHOS UTM: CRITICAL: Up2Date 9.705, 9.607, 9.511 Released; Sophos UTM: Up2Date 9.704 Released; SOPHOS UTM: Use Azure MFA for SSLVPN and Userportal; RE-RELEASED: Sophos UTM Up2Date 9.703-3 Released. They failed to do so in the UTM 9.7 Beta, they failed to do so in the XG and they failed to connect to Sophos Central as well. I did a bit of a digging and it seems that they are trying to contact the controller on a wrong port 2713 instead of 2712 (as they should based on this KB document (and all my Sophos training): https://community.sophos. UTM 9.7 will not include IKEv2 support, that is not saying that it will never arrive in UTM, but it is not part of UTM 9.7. The screenshot in the latest website mentioned is out of date and does not reflect the current planned content of either UTM 9.7 nor UTM 9.8. We will be shortly launching the beta for UTM 9.7 so stay tuned.
If that happens you eventualle see a notification land in your mailbox saying:
Data Disk is filling up – please check. Current usage: 82%
When logging into webadmin, you may see this:
Clearly the data disk is getting full!
To fix this, you can connect to your UTM’s shell with SSH
GO into the folder /var/storage/cores and issue a “ll” command:
As you can see here, there are a lot of dumps in this case, especially the httpproxy files are huge.
Sophos Utm 9.7 Manual
If you do not need to examine the log files, you can safely delete them with the command:
Sophos Utm 9.7 Software
“rm *” for the httpproxy files only issue: “rm httpproxy.*”
After that, all is cleared up and the webadmin will update the storage status in a few minutes:
Hope this helps ?