
SSL/TLS inspection | bridge mode | multiple local subnets | SSL connections time out

Dear community,

I think we are suffering the same problem mark57165 described in his post 'IPS Service - with no FW rules - Prevents Certain Sites from Loading'.

https://community.sophos.com/sophos-xg-firewall/f/discussions/134535/ips-service---with-no-fw-rules---prevents-certain-sites-from-loading

Our Situation:

- SOPHOS XG / XGS Firewall
- in Bridge Mode
- no firewall rule / no SSL/TLS inspection rule for the problem connections
- multiple IPv4 Subnets on the LAN side
- SSL/TLS connections from one local subnet to another local subnet time out

Unsatisfying workarounds:
- disable SSL/TLS inspection completely
- stop IPS Service
- add bypass-stateful-firewall-config rules for the local subnets


Is someone facing the same problem?

Did someone find a solution?



Regards, Nicolai



  • Hi Elardus,

    we have this problem / this situation on multiple (=all) XG and XGS Firewalls. We have one XG 106, all others are XGS 87 or XGS 107.

    All firewalls have at least SFOS 19.0.1 MR-1-Build278.

    The screenshots are from my local environment, which I reconfigured to reproduce and test the problem scenario.

    Here I have an XGS87 with SFOS 19.5.3 MR-3-Build652

    Regards, Nicolai
