We noticed that webpages and email photos are loading slow on our XG125 Even the web interface for the XG Firewall seems to load slowly we have checked with our ISP and there are no problems with our cable modem, we also disabled the IPS and Web filtering…

Good day. I am new to networking and firewalls and I'm not sure if i setup the firewall correctly My home setup consists of a ADSL modem(bridge mode)> Mikrotik Router HAP AC2 >PI Hole DNS> Switch,. the ADSL(only service available where I stay )…

Hello together, I am trying to allow traffic to specific websites using firewall rules with FQDN-Hosts as Destination. Unfortunately this is not alwas working as expected: I try to reach github assets under https://github-production-release-asset…

Hi guys, i am not quite sure if I am studpid and overseeing something obvious or if my sophos is behaving strange. I am using Sophos XG in Microsoft Azure and have set Sophos XG as DNS Server for all systems. Traffic from all Systems to Sophos…

Our XG firewall is also running as a DNS server. We have a device sending DNS requests to our firewall trying to get the ip for a malicious domain, and we are trying to identify the ip of the device sending the requests. From what I can see XG…

Hi there I have read a lot in the community but did not found any post who helped me. Try to keep it simple. I have two LAN ( LAN1 10.2.80.0, LAN2 192.168.2.0) DNS ist a Rasp PI > PiHole (10.2.80.222) In the DNS Option from the XG I have set: DNS…

I'll try to keep this short and concise with helpful images where appropriate. For Ubuntu 20.04, I download the OpenVPN config "for Android", because "for other OSs" does not work. Using the gnome network manager, I import the OpenVPN file. I'm able…

We have a few dozen XGs deployed, ranging from 105s to 210s. Most of these have very similar configurations, nothing crazy, AD authentication, Sophos Central Heartbeat, SSL and IPSec VPN, IPS/IDS, etc. At one specific site we have an XG125 that was…

Hello all, thank you for reading and hopefully someone has an answer or a workaround. We have the a Problem with DNS resolution on SophosConnect VPN Clients. If someone is connected with our vpn profile and has IPv6 enabled on the network interface…

Hello Sophos Community, I have setup the Sophos XG 115 to have two WAN links in Active Backup mode. I have setup 2 Policy Routes so that destinations in Asia goes through WAN1 and destinations in USA goes through WAN2. Everything works just fine. However…

Hello people. I am configuring the DHCP server for my client machines through Sophos XG. However, via the web, I can only assign primary DNS and Suncadario through DHCP Server. I would like to assign a 3rd DHCP. Any tips? Thanks.

I want IoT devices to use my internal DNS server. I setup a NAT rule to translate inbound DMZ interface to destination internal DNS server and I have a matching firewall rule but the traffic is getting dropped. IoT device calls to 8.8.8.8 on Port 53…

I'm having a few issues with an XG in place at the moment. Various things are failing such as checking for firmware/pattern updates, being able to use the web filtering feature and also using the inbuilt FTP backup feature. I have discovered that the…

I configured my local DNS server (pfSense) to block access to certain domains. But, when I connect to my office's VPN with Sophos Connect, the domains are not blocked and nslookup shows that the default DNS is the remote server. Is there something in…

I have an office A using 192.168.30.0/24 network. Office A LAN gateway IP is 192.168.30.170. And i have an office B using 192.168.22.0/24 network. Both office A and B has IPsec VPN connection. I added DNS host entry for Web-server01(192.168.22…

I have a XG Firewall with an active SSL VPN. I'm now trying out Sophos Connect as an alternative / replacement and so far I was able to connect from my client to the firewall and access the resources as long as I access everything via the IP address.…

Hi community, i am trouble finding the source of these google request's how do i stop this. 22:05:46.858375 lo, IN: IP 127.0.0.1.38637 > 127.0.0.1.53: 62194+ A? www.google.com.ar. (35) 22:05:46.958721 lo, IN: IP 127.0.0.1.38637 > 127.0.0.1.53: 62194…

Hi everyone, How and where do I enable wildcard blocking? I want to block all the stupid, ",io" TLD's among others. Something like this; https?://[A-Za-z0-9.-]*\.io/ just not sure where to put it. Thanks in advance!

Is it possible to create a DNS reverse lookup DNS request route for internal network ranges? It is mandatory for a mail gateway but does not seem to work when I set it up like in the screenshot and help button is no help. It can be done in UTM / SG…

Either locally or through Central is there a way to perform 24/7 dns logging from multiple sfos 18 xg's that doesnt require tcpdump packet capture?

Hi! Currently I'm planning a deployment of an XG system at a customer site. We have to do a "soft switch" from the old firewall to the new one, because of the remote access VPN, which are already deployed. For the most part I don't see any major problems…

I'm using Sophos XG as my DHCP server but a separate device (Pi-hole) as my DNS server. Everything works fine and Pi-hole is functioning as expected. However, if I shut down the Sophos XG DNS service, I can no longer access any websites (i.e. no longer…

I have a SSL vpn profile (PROFILE 1) through which majority of my users login remotely if required to access the LAN For a small group of contractors i have created a separate SSL VPN profile (PROFILE 2), so they have access only to 1 resource (SERVER…

Hi, i have a VPN with two XG Firewalls. One Branch Office and a Headoffice. At the Headoffice side i have the Domain DC). Now i want to join Clients in the Branch Office to the Domain. For this an working DNS with forwarding to the DC is needed. …

We are using XG230 firewall with latest firmware. We are web development company, we frequently update pages and DNS for our clients. But these changes not update for the users under firewall proxy rules. At same time, it is working fine with users without…