This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do i remove a invisible source/hosts?

juergenb52 over 4 years ago

Simple Question,

how do i remove a invisible source/hosts entry in email policies?

This thread was automatically locked due to age.

Parents

0 lferrara over 4 years ago

Uhm....strange!

Firmware version? Did you try with other browsers?
Cancel
Vote Up 0 Vote Down

Cancel
0 juergenb52 over 4 years ago in reply to lferrara

Chrome 79.0.3945.130

Latest MS Edge Browser

Is there any way to do this with the Shell?
Cancel
Vote Up 0 Vote Down

Cancel
0 lferrara over 4 years ago in reply to juergenb52

Ok.

Try to export the configuration in xml format to understand if it is a UI bug.

https://community.sophos.com/products/xg-firewall/f/initial-setup/93262/export-import-selective-configuration-from-xg-135w-to-xg-330-os-version-16-05-3

Let us know!
Cancel
Vote Up 0 Vote Down

Cancel
0 lferrara over 4 years ago in reply to lferrara

Also, which firmware are you running on XG?
Cancel
Vote Up 0 Vote Down

Cancel
0 juergenb52 over 4 years ago in reply to lferrara

It`s XG 17.5.9

I still Need to download the Export and browse the XML.

But if i want to add the host a second time i can´t find it anymore.

First i added a FQDN Host for the exceiption, but the email/policiy didn´t Show me the FQDN Host (not visibile).
So i removed the FQDN Host and entered it in the email/Police/exception Dialog...

So it´s still not vissible...

Maybe the FQDN Name is way to long?
Cancel
Vote Up 0 Vote Down

Cancel
0 lferrara over 4 years ago in reply to juergenb52

Check the export file and let us know. Maybe you are exceeding the number of maximum characters. To be honest, I don not know the limitation number! Sorry about that!
Cancel
Vote Up 0 Vote Down

Cancel
0 juergenb52 over 4 years ago in reply to lferrara

source/host is in the Export file.

Name length is 29 characters.
<SourceHost>*.mail.protection.outlook.com</SourceHost>

But i have Sender adresses that have 33 Charachters and are still visible.

<ExceptionPolicy transactionid="">
    <Name>Office 365 - Exchange Online</Name>
    <MalwareProtection>
      <Malware>Disable</Malware>
      <Sandbox>Disable</Sandbox>
    </MalwareProtection>
    <SpamProtection>
      <RBL>Disable</RBL>
      <RDNSAndHelo>Disable</RDNSAndHelo>
      <Antispam>Disable</Antispam>
      <Greylisting>Enable</Greylisting>
      <IPReputation>Disable</IPReputation>
      <RecipientVerification>Disable</RecipientVerification>
      <CheckforSPF>Disable</CheckforSPF>
    </SpamProtection>
    <Other>
      <Encryption>Disable</Encryption>
      <DataProtection>Disable</DataProtection>
      <FileProtection>Disable</FileProtection>
      <BanerAddition>Disable</BanerAddition>
    </Other>
    <ForTheseSourceHost>Enable</ForTheseSourceHost>
    <ORTheseSenderAddresses>Disable</ORTheseSenderAddresses>
    <ORTheseRecipientAddresses>Disable</ORTheseRecipientAddresses>
    <SourceHostList>
      <SourceHost>*.mail.protection.outlook.com</SourceHost>
    </SourceHostList>
</ExceptionPolicy>
<Time transactionid="">
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 juergenb52 over 4 years ago in reply to lferrara

source/host is in the Export file.

Name length is 29 characters.
<SourceHost>*.mail.protection.outlook.com</SourceHost>

But i have Sender adresses that have 33 Charachters and are still visible.

<ExceptionPolicy transactionid="">
    <Name>Office 365 - Exchange Online</Name>
    <MalwareProtection>
      <Malware>Disable</Malware>
      <Sandbox>Disable</Sandbox>
    </MalwareProtection>
    <SpamProtection>
      <RBL>Disable</RBL>
      <RDNSAndHelo>Disable</RDNSAndHelo>
      <Antispam>Disable</Antispam>
      <Greylisting>Enable</Greylisting>
      <IPReputation>Disable</IPReputation>
      <RecipientVerification>Disable</RecipientVerification>
      <CheckforSPF>Disable</CheckforSPF>
    </SpamProtection>
    <Other>
      <Encryption>Disable</Encryption>
      <DataProtection>Disable</DataProtection>
      <FileProtection>Disable</FileProtection>
      <BanerAddition>Disable</BanerAddition>
    </Other>
    <ForTheseSourceHost>Enable</ForTheseSourceHost>
    <ORTheseSenderAddresses>Disable</ORTheseSenderAddresses>
    <ORTheseRecipientAddresses>Disable</ORTheseRecipientAddresses>
    <SourceHostList>
      <SourceHost>*.mail.protection.outlook.com</SourceHost>
    </SourceHostList>
</ExceptionPolicy>
<Time transactionid="">
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 lferrara over 4 years ago in reply to juergenb52
You can perform these steps:

remove the entry from the xml file

perform an XG backup, first

try to import the entry again

check if the entry disappears

Let us know
Cancel
Vote Up 0 Vote Down

Cancel
0 juergenb52 over 4 years ago in reply to lferrara

I dont want to restore an exported XML file.
I am not shure if this XG will survive such Methods.

I could delete the comlete rule and later the FQDN hosts.
But i´d rather like sophos to fix this.

XG 17.5.9 has enough Bugs.
Cancel
Vote Up 0 Vote Down

Cancel
0 lferrara over 4 years ago in reply to juergenb52

Juergent,

I sent you a PM. The item could be removed via advanced shell through sql commands.

Otherwise, open a ticket with support

Regards
Cancel
Vote Up 0 Vote Down

Cancel
0 juergenb52 over 4 years ago in reply to lferrara

Hi,

i have a ticket open,
but Sophos has not tested my problem.

They asked some team members. And L2 think´s it´s some kind of config error.
I should factory reset the XG and restore from backup.

Happens ins MR9, MR10 and XG18 GA
Cancel
Vote Up 0 Vote Down

Cancel