I am having the same issue but it looks like only the Sophos engine is not updating. I tried rebooting the appliance but same result. Also we have two appliances and getting the same issue so it may be something with the update site.
After typing this reply I found this on the community site:
I have the same error. Cisco informed me via email that they are aware of the issue.
Cisco is currently aware of a problem with customers receiving an alert(s) that their Email Security Appliance (ESA) Sophos Anti-Virus Database has expired. Customers who have appliances running Sophos SAV Engine Version 3.2.07.350.1_4.97 may receive these alerts starting on May 16,2014.
The Sophos Anti-Virus engine is still processing and scanning emails although this alert is present. At this time, customer interaction in not needed. Engine and IDE updates are still processing. The IDE serial timestamp will increment and be represented from the latest updater download.
To see the output please use one of the following methods:
From CLI: ‘antivirusstatus sophos’
From GUI: Security Services -> Anti-Virus/Sophos
An example of the IDE Serial is shown below:
IDE Serial 2014051603
We will continue to monitor the issue and provide an update on this issue via this case if requested. If you would like to monitor the situation, the following link will be updated as additional information comes available:"
Aaron.buss mentioned he received a notification email for this issue. How do I get signed up to receive these types of notifications? I am signed up to receive alerts using the Cisco Notification Service, but I'm not sure that's how these types of notifications are generated.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...