Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • XG Firewall - How to create static IP addresses

    I'm in the proces of setting up a Sophos XG on an Intel platform and step by step overcoming the differences I encounter from other FW products I have used. I mainly have experience with Untangle and Ubiquiti products. The plan was to onboard all of…
  • Creating Firewall Rules for Sophos Central Guest Network

    Hi, I have replaced the UTM with an XGS. I added the existing older access points to Sophos Central. The guest network under Settings Client Addressing is in Nat Mode. Is it only possible to create firewall rules for the guest network, when making…
  • Behaviour of Application Control

    Good Monring, I've an XGS v19.0.1 and want to set an Application Filter (AC) on top of existing Firewall rules. But i'm not sure if i'm understanding how this mechanism is working. My fw-rule is from "serveral internal zones" with "several defined…
  • STAS and User logging not working as expected

    Hi all, Hoping someone can point me in the right direction. I have enabled STAS on our Sophos XG. I can see user showing on the STAS Agent on the server. I have also added the server to the XG on the Auth List and connections pass without issue…
  • Sophos Firewall - Feature request - Rule Group parameters

    Since Ideas.sophos.com has been retired and it wasn't clear if its replacement is operational, yet I went by the retirement article suggesting using the discussions. Sophos Firewall - Feature Request - Rule Group parameters, While working on firewall…
  • IPv6 firewall rule country group

    Ive been asked to setup a firewall rule to allow 1 country access in. But the IP address that's showing is an IPv6 one. Ive been into the separate IPv6 tab in firewall rules to try and add the rule in but I cant select any country group as the source…
  • Sophos XG No Internet

    Hi everyone, I am in a bit of a situation here with my Sophos XG Firewall. Earlier today I had to reboot the server that the Sophos VM is in for an unrelated issue. After everything rebooted, I have not been able to connect to the internet at all on…
  • Allow access to AD through SOPHOS XG (So users can login with AD login https://www.eplatform.co/gb)

    I was wondering if you could help me setup a a firewall rule so that outside URL (eplatform, used for digital libraries) can communicate with our AD so that users can login with their AD username and password. I have added the external host IP of the…
  • FTPS Server on DMZ , external Users can not access !

    Hi All, FW: XG SFOS 18.5.4 MR-4-Build418 i'm using ftps server configured with windows os server (IIS) in DMZ With user isolation. users will connect from external to only upload files There are dnat rule and firewall rule configured: dnat rule:-…
  • Weird Issue Accessing Netgear Router Web Interface

    Hello World, I am running Sophos SFOS 19.0.1 MR-1-Build365 I have a strange issue. I have a separate network for wireless. 10.1.1.1 and another network for my LAN 10.2.1.1 I can ping every device from each network. However, when I attempt to access…
  • Help! Migrating tricky NAT rules from UTM to XG 19

    Hi, hoping someone can help. Apologies for the long post. I'm currently building a Sophos XG appliance to replace my UTM9 as I've exceeded the 50 IP limitation on the home license. Rules and filters etc are slowly but surely being recreated in XG but…
  • unable to acess internet from sophos firewall

    Hello , This is regarding Sophos Firewall XG. We have two ISP lines Hathway which is 10 mbps and second was Netfix 65 mbps. The only thing is changed that we have upgraded bandwidth to 150 mbps to the netfix networks.. As in netfix is our primary…
  • 2 Rules for the same IP Address

    Hi All, Currently we are trying to figure out a way to perform the following Aim: Allow Certain Users to Access Google Drive and Whatsapp Web based on their IP Example: 1st IP : 10.10.10.10 - Have access to google Drive download only 2nd IP…
  • Outgoing country block rule not working

    XGS6500 (SFOS 19.0.1 MR-1-Build350) I have incoming and outgoing rules to block traffic from certain countries, both are the same (with source and destination swapped). Incoming block works, outgoing doesn't seem to trigger. I get the same result from…
  • Can't Use Live Response Feature

    Hi, I have a firewall rule for my devices that are not connected to the internet and have Sophos Endpoint installed. With this rule, these devices only connect to Sophos services and pull Endpoint updates and communicate with Sophos Central. The configuration…
  • Running Sophos XG in OpenStack

    Has anyone done that yet? We are currently trying to setup a Sophos XG 19.0.1 kvm version in OpenStack. Installation runs seemlessly. But when trying to get network traffic from LAN to WAN nothing happens. It seems as if the traffic is not getting back…
  • Can not access hosted website with Sophos Installed

    I have a server that hosts multiple dockers out to a website. I just installed my Sophos and configured a basic Lan > Wan rule with no web filtering at all. But when I go to the sites I get a 522 error. So I believe all I need to do is to get Sophos to…
  • Use 3cx Phone from outside network

    Hi Team, I`m running Sophos XG 135 firewall. I `m using 3CX for CRM. I want to setup IP Phone outside my network(Home). Soft Phone is working fine but I want to use IP Phone. Can you please help me to achieve this. My email id is hiren@bmg.ng…
  • Malware and Virus protection in Sophos XG

    Hi there, I discovered Sophos XG and am pleasantly surprised by the configurations that can be put in place to secure your network. A big thank you for the work done on this tool. Also, I managed to create my various firewall rules based on groups…
  • Iimpossible to route my different vlans configured on mikrotik to the internet

    Hello Mr, I configured 3 vlan with a dhcp server on my mikrotik router. until everything works well: the PCs of the different networks manage to receive ip addresses from the different vlans. However when I connect this mikrotik router to the sophos xg…
  • switch to xg

    Hello everyone, I hope someone can explain me.... Im trying to connect a trunk port to xg, however looks like im missing something which i dont fully understand. server: static ip switch: link to server = vlan 1, link to xg trunk added the vlans…
  • Block external site only for single IP address in LAN network

    I'm trying to block single website on single LAN address (both http and https protocol), but without success... My device: XG310. I got also DHCP service on Sohpos. How to block this site for single IP? Thanks in advance, Tom
  • USA country group issue

    We have an exchange firewall rule that we only allow certain countries as the source. If someone goes on holiday we add the country and that works but recently we did this with the USA and the person couldn't access their emails or owa. I couldn't find…
  • Firewall not picking up IP for FQDN

    have a firewall rule to allow outgoing connects for teamviewer using a FQDN of *.teamviewer.com However, when local endpoints trying to connect using one of the IPs in this FQDN the firewall blocks the request due to it bypassing the rule. I can…
  • Allow only certain traffic to exit Windows in a XG environment

    Running a Windows Server farm on VMware in a XG environment . We want only certain allowed traffic from the Windows Server to exit the network. ( Eg in a Windows 2019 SQL server, block all outgoing connections to office.com, SharePoint, www and allow…