Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Outgoing country block rule not working

    XGS6500 (SFOS 19.0.1 MR-1-Build350) I have incoming and outgoing rules to block traffic from certain countries, both are the same (with source and destination swapped). Incoming block works, outgoing doesn't seem to trigger. I get the same result from…
  • Can't Use Live Response Feature

    Hi, I have a firewall rule for my devices that are not connected to the internet and have Sophos Endpoint installed. With this rule, these devices only connect to Sophos services and pull Endpoint updates and communicate with Sophos Central. The configuration…
  • Running Sophos XG in OpenStack

    Has anyone done that yet? We are currently trying to setup a Sophos XG 19.0.1 kvm version in OpenStack. Installation runs seemlessly. But when trying to get network traffic from LAN to WAN nothing happens. It seems as if the traffic is not getting back…
  • Can not access hosted website with Sophos Installed

    I have a server that hosts multiple dockers out to a website. I just installed my Sophos and configured a basic Lan > Wan rule with no web filtering at all. But when I go to the sites I get a 522 error. So I believe all I need to do is to get Sophos to…
  • Use 3cx Phone from outside network

    Hi Team, I`m running Sophos XG 135 firewall. I `m using 3CX for CRM. I want to setup IP Phone outside my network(Home). Soft Phone is working fine but I want to use IP Phone. Can you please help me to achieve this. My email id is hiren@bmg.ng…
  • Iimpossible to route my different vlans configured on mikrotik to the internet

    Hello Mr, I configured 3 vlan with a dhcp server on my mikrotik router. until everything works well: the PCs of the different networks manage to receive ip addresses from the different vlans. However when I connect this mikrotik router to the sophos xg…
  • switch to xg

    Hello everyone, I hope someone can explain me.... Im trying to connect a trunk port to xg, however looks like im missing something which i dont fully understand. server: static ip switch: link to server = vlan 1, link to xg trunk added the vlans…
  • Malware and Virus protection in Sophos XG

    Hi there, I discovered Sophos XG and am pleasantly surprised by the configurations that can be put in place to secure your network. A big thank you for the work done on this tool. Also, I managed to create my various firewall rules based on groups…
  • Block external site only for single IP address in LAN network

    I'm trying to block single website on single LAN address (both http and https protocol), but without success... My device: XG310. I got also DHCP service on Sohpos. How to block this site for single IP? Thanks in advance, Tom
  • Firewall not picking up IP for FQDN

    have a firewall rule to allow outgoing connects for teamviewer using a FQDN of *.teamviewer.com However, when local endpoints trying to connect using one of the IPs in this FQDN the firewall blocks the request due to it bypassing the rule. I can…
  • USA country group issue

    We have an exchange firewall rule that we only allow certain countries as the source. If someone goes on holiday we add the country and that works but recently we did this with the USA and the person couldn't access their emails or owa. I couldn't find…
  • Allow only certain traffic to exit Windows in a XG environment

    Running a Windows Server farm on VMware in a XG environment . We want only certain allowed traffic from the Windows Server to exit the network. ( Eg in a Windows 2019 SQL server, block all outgoing connections to office.com, SharePoint, www and allow…
  • XGS2100 (SFOS 18.5.4) WebAdmin don't show some Icons

    Hi, After update to SFOS 18.5.4, some icons from webadmin portal are not shown, I'm using Edge (v106.1370.37) and Chome (v106.0.5249.119). Any suggestion how to solve this annoying issue? Thanks.
  • Machine Trying to connect to malicious domain

    IP is trying to make connection to malicious domain .But issue is that that ip by which connection is going is my wan link Interface. It mean all internal machine are getting access to internet by this and lot of my machine in my network not updated…
  • v19.0.1 - Drop & log Rule allows traffic 80/443/3128

    Due a log investigation, we have discovered a leak in the firewall policys. If you set a rule with simply complete drop & log from a source to WAN zone, Traffic with destination Ports 80/443 will be allowed. So the traffic flows to the integrated proxy…
  • How to allow specific url in SF -XG

    Hi All, I am new with the SF XG firewall, Can anyone explain here how to allow specific url step by step. Thank you Joy
  • External Connection / Mail Server

    Dear colleagues, I have an internal e-mail server and in the last few days, I have received several login attempts in an attempt to send emails through IPS port 25 coming from other countries where we do not have employees. I would like to know how I…
  • Add Exception (Rules and policies) - XGS2100

    All streaming Apps are being blocked on our Firewall but, they request to allow it in a specific user (PC) i already add the Mac Address of the unit that i want to exclude but still not working what i need to do. Thank you
  • Communication between two Lan ports

    How to make communication between two different Lan ports configured on sophos Lan Port 1 (ip: 172.16.1.1 and subnet 255.255.0.0) Lan Port 5 (ip 172.16.46.1 and subnet 255.255.255.224) Dhcp is configured on both ports. Now i want that the dhcp ip given…
  • Internet Access for DMZ clients/Server

    We have configured DMZ network on Sophos firewall and added some desktops with DMZ network configuration. Computers available in DMZ network can ping DMZ gateway. Firewall rule has been created for internet access on desktops. when we run policy test…
  • New scan to email error with XGS firewall

    Greetings everyone, Our organization's admin, sales, and accounting departments do a lot of scanning to email. We have an on-premise Exchange server. Last week when I replaced a UTM with a new XGS firewall I started getting an error on only certain…
  • Api - Update firewall rule fails

    I am trying to update firewall rule with api to change the certificate. It is usefull for let's encrypt certificate update. I have followed the community suggestion to read the rule and set the values read in the update statement (obviously changing…
  • Web Mail server

    Kindly assist Some users inside the network can't access the webmail server that is hosted inside the network
  • New Firewall polices not betting added

    When i add new policies to Sophos i keep getting warning message " The operation will take time to complete. The status can be viewed from the "Log viewer" page ". When in check Log Viewer there's nothing in the log viewer. The firewall is not yet in…
  • How to connect vm Sophos firewall port with vm ubuntu port in VMEsxi?

    i have problem when add filtering rules in sophos vm to block icmp when ping ubuntu vm ip. icmp stay reply, i feel vm sophos firewall don't connect with ubuntu. Can you help me everybody? thankyou