Intercept X with Cisco ASA

Hello to all,

I would have a question regarding the ports / domains to open for my sophos intercept x clients to install.
I have already opened the domains found on this thread ( except for wildcard domains. Unfortunately my firewall doesn't handle this type of object.
Despite open domains, it seems not enough, the client does not download the application.

  • Hi  

    Would you please provide more details about the error you are receiving while you are trying to install Intercept X? 

  • In reply to Shweta:

    I didn't arrive at the installation.

    My firewall block the download.

    I think that the inserted domains are not enough. Is it possible?

    As I said before my firewall doesn't manage wildicard domain.

  • In reply to Mario Rossi5:


    The above article defines all the domains and ports required for installation and communication from the endpoint to Server. I would suggest you check under the logs where it is getting blocked if you have already allowed these ports and domains. 

  • In reply to Mario Rossi5:

    Hi Mario,

    Is the download of the Windows installer from Sophos Central failing or the download of the software via the SophosSetup.exe failing?  If SophosSetup.exe, try creating exclusions for the following:

    Also it might help if you can share with us the contents of the CloudInstaller log located in C:\ProgramData\Sophos\CloudInstaller\logs\

  • In reply to MEric:



    I've already insert those exclusion whithout success.

    The problem is not Sophos but the firewall. Seems that the destinations that I've opened is not enough to install Intercept X.

    However now I ask to my customer to tell me what he see on "C:\ProgramData\Sophos\CloudInstaller\logs\"


    Started C:\Users\ADMINI~1\AppData\Local\Temp\sfl-d4e7a181\Setup.exe
    2020-01-22T08:14:19.0300353Z INFO : Stage 1 command-line options:
    2020-01-22T08:14:19.0300353Z INFO : ---
    2020-01-22T08:14:19.0300353Z INFO : Quiet mode on: 0
    2020-01-22T08:14:19.0300353Z INFO : Automatic Proxy detection disabled: 0
    2020-01-22T08:14:19.0300353Z INFO : No feedback mode on: 0
    2020-01-22T08:14:19.0300353Z INFO : Dump feedback enabled: 0
    2020-01-22T08:14:19.0300353Z INFO : Bypass competitor removal: 0
    2020-01-22T08:14:19.0300353Z INFO : Using CRT catalog file path: --
    2020-01-22T08:14:19.0300353Z INFO : Only register endpoint with Central: 0
    2020-01-22T08:14:19.0300353Z INFO : Log messages between endpoint and Central: 0
    2020-01-22T08:14:19.0300353Z INFO : Log command-line passed to executables: 0
    2020-01-22T08:14:19.0300353Z INFO : Using custom server that hosts the installer stage2 filename : --
    2020-01-22T08:14:19.0300353Z INFO : Using cloud group: --
    2020-01-22T08:14:19.0300353Z INFO : Overriding computer name: --
    2020-01-22T08:14:19.0300353Z INFO : Overriding computer description: --
    2020-01-22T08:14:19.0300353Z INFO : Overriding domain name: --
    2020-01-22T08:14:19.0300353Z INFO : Language will be set to: --
    2020-01-22T08:14:19.0300353Z INFO : Using message relays: --
    2020-01-22T08:14:19.0300353Z INFO : Proxy address: --
    2020-01-22T08:14:19.0300353Z INFO : Proxy user name: --
    2020-01-22T08:14:19.0300353Z INFO : Using custom customer token: --
    2020-01-22T08:14:19.0456501Z INFO : Using specified products: --
    2020-01-22T08:14:19.0456501Z INFO : Using certificates from the MCS app data folder.: 0
    2020-01-22T08:14:19.0456501Z INFO : Using custom customer ID.: --
    2020-01-22T08:14:19.0456501Z INFO : Using specified user ID.: --
    2020-01-22T08:14:19.0456501Z INFO : Using local install source.: --
    2020-01-22T08:14:19.0456501Z INFO : ---
    2020-01-22T08:14:19.3045082Z INFO : Sending HTTP 'POST' request to: api/download/stage2-details/f14b606f-acdd-4bb5-815c-fd032ee39fcf
    2020-01-22T08:14:19.3200200Z WARNING : WinHttpGetProxyForUrl returned: 12180
    2020-01-22T08:14:19.3200200Z INFO : Attempting to connect using proxy '' of type 'Empty Proxy'.
    2020-01-22T08:14:19.3200200Z INFO : Set security protocol: 00000800
    2020-01-22T08:14:19.3200200Z INFO : Opening connection to
    2020-01-22T08:14:19.3200200Z INFO : Request content size: 31
    2020-01-22T08:14:26.2843333Z ERROR : WinHttpSendRequest failed with error 12029
    2020-01-22T08:14:26.2843333Z INFO : Failed to connect using proxy '' with error: WinHttpSendRequest failed
    2020-01-22T08:14:26.2843333Z INFO : Cleaning up extracted files

  • In reply to Mario Rossi5:


    Please check this article and see if it helps. If you try to download and install from other network source is it successful? 

  • In reply to Mario Rossi5:

    Hi Mario,

    Try excluding '' as well as it looks like that is where the installer is getting caught up in the logs.  Make sure there's no HTTPS scanning that's occurring this this site.

  • In reply to MEric:



    my customer tried to launch this command:


    sophosSetup.exe --proxyaddress=X.X.X.X:port

    via powershell and then the client installed the software

  • In reply to Mario Rossi5:

    Hi there,

    Glad to know that issue has been resolved for you. Feel free to reach out to us for any further concerns.