Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Advisory: Sophos XG Firewall - Antivirus service stopped due to failed pattern update. Please visit this KBA for the latest updates
We'd love to hear about it! Click here to go to the product suggestion community
Does anyone here use Sonos in combination with XG? I can't seem to update Sonos. I do not get any error messages, it just says 'No update is required', and I know there are more recent versions of the Sonos controller app available.
Sonos says I can't reach the update servers, but their support is not very good.
All playback works well.
I run Sonos at home but I've turned off the Web Filtering(AV) and IPS stuff by excluding each of the Sonos speakers that I have. (I just have a rule for Stuff that shouldnt be filtered right above my default internet firewall rule that doesnt include any filtering/scanning so I ues that for Sonos devices and my Rokus around my house) I never have an issue with the actual software updates on my windows client(or mobile phone) though.
I'll double check when I get home from work to confirm this is true.
In reply to Scott_D_L:
Would be great if you could please elaborate on this in a bit more detail, preferrably with some screenshots.
I do not know how to disable Web Filtering on the XG. Please, if you would be so kind to explain in detail I'd be very happy.
I tried to do this, but it didn't make any difference. I find the interface of XG confusing and there is no button to completely disable the web filter that I can see. The IPs are my Sonos speakers.
In reply to Sven David Hildebrandt:
you don't disable the web filter, you just don't add it to your firewall rule.
Please see the explanation given above about creating a firewall fule at the top for your sonos devices only.
The XG uses a different approach to application filtering etc to the UTM and most home routers. The XG approach is the current industry NGF in protection, other companies have similar approaches..
In reply to rfcat_vk:
Yeah ok, but I am not sure how to create this rule, sorry. I don't know what needs to be in it....
after breakfast I will post a rule that you can try out.
the following should give you a rule that achieves your goal.
1/. create a fixed IP address for your sonos either by dhcp static or in the sonos itself.
2/. create a rule at the top of the list, destination any, network any, source any, network the IP address of your sonos.
3/. add your sonos IP address to the match known user tab.
4/. add nat (MASQ)
5/. add gateway.
6/. tick log traffic box.
Thanks Ian, will try this tonight ! Will let you know the outcome. I will also post a screenshot, makes it much easier :-)
Hi, I did this. SRV is the Windows host where the Sonos Controller App runs. Sonos Systems is the loudspeakers with IP-range 192.168.55.101-110.
I also tried unchecking the 'Match know users' but it didn't make any difference. It was not possible to find the Sonos System in the user or group box, probably because it's a host. The rule is placed on top.
Still doesn't work, but I suspect there may be something wrong with the Sonos Controller App. Either that, or the updates I know exists, are not mandatory and won't trigger when checking for updates. I'm having a hard time getting some proper help from Sonos.
the fact the sonos is a host is no reason for it not to show. Can you see it in the logs? It should have 1 IP address, are you able to ping it from your network?
Can you access it to see networks details it has been assigned? Sounds like it might be upnp device?
It makes sense to me that a host won't show in a box/list of users. See image:
Notice: I said in my previous post that SRV is the host where the Sonos Controller app runs. This was wrong, my bad. The host is called i7 and it's also assigned to the source network and devices instead of SRV (as you can see from the image). i7 is a Windows 10 PC.See also an image from static DHCP. These are all SONOS units (various loudspeakers and they can all be pinged.) The Boost is the unit that creates the wireless network that the Sonos speakers use.
In my situation all I had to do was create a Web Protection Exception for Sonos' update site. I've inserted a screenshot of that exception for your reference.