Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Sophos XG Firewalls Need Reboot

    Hello: I was wondering if anyone has ever come across this issue. We have two XG210 firewalls in HA mode. There are three WAN connections inbound. Today, one of the WAN connections was showing offline all of sudden. I was able to ping the WAN…
  • Sophos XG 330 - Unable to ping

    Hello, We have a Sophos XG330 running 18.0.4 MR-4. The HA was working fine till yesterday and then suddenly no one in the network could access the internet. Unable to ping the HA, unable to get through using the WebGUI. The HA screen shows the static…
  • XG Firewall crashed after changing port 2 WAN IP address

    I have a HA pair of Sophos XG 310 firewalls on v17.5-MR12 - been running fine for a few years now. The story begins... I had port 2 WAN set up with an IP address and multiple alias addresses on top of port 2, + a VLAN interface on top of port 2 which…
  • XG 330 HA Active-Active and Lag to 2 Dell S5524F-ON switches in VLT

    I am setting up a new environment. I have 2 XG 330's that I am planning on deploying in Active-Active mode. On the LAN side I will have 2 Dell S5224F-ON switches. The switches will be utilizing VLT (equivalent to MLAG). My plan is to utilize flexi ports…
  • LAG - Move from 1GB to SFP Ports

    Hello I have a pair of XG330's in HA mode (Active/Passive). I'm running V18.0.4 MR-4 Currently these are connected to my Core switch in a LAG LACP 802.3ad (Ports 4+8) and we have 11 VLAN's configured on this LAG interface. We have just purchased…
  • HA Passive Module License XG450 (SFOS 18.0.4 MR-4)

    Hi everyone, My client bought two XG450 Sophos as HA Activ/Passive, one license for the Active module everything works fine, but in MySophos Portal it shows that the only Active module is licensed and the slave is not. will the passive module still…
  • Question around XG230 HA(Active-Passive) using LAG for port monitoring

    I have 4 ports that are assigned to my LAG1. If I use LAG1 as "ports to be monitored" in HA setting, does this mean all 4 ports need to go down to trigger fail over? If only one of the 4 ports go down, it will not trigger fail over?
  • WAN Failover to VPN connection

    Im trying to setup failover connections so that in the event of our WAN (P2P) connection fails the sophos auto fails over to our WAN (VPN) connection. the wan P2P connection also has static routes enabled so these would need to failover aswell.
  • Sophos XG HA Design

    Hello , i just want to know if this is a do-able design config wise for Sophos XG HA (Active-Active Mode) - as you can see on the diagram, i have 2 DC which has 300 meter distance in between.
  • WiFi stops working after a few minutes upon an HA failover

    I have a pair of 230 (mix of SG and XG but same port configurations) running in an HA configuration. I also have 2 AP100Cs and an AP55. My network backbone is a pair of stacked Cisco SG-500s with PoE. I have the following for the port configurations:…
  • Is it possible to change the time zone, when HA is enabled? (Answer)

    Hi, I was searching for an answer for my problem, as I had to change the time zone of my XG Firewall V18, and ended up at this Thread (which is closed) https://community.sophos.com/xg-firewall/f/discussions/108679/is-it-possible-to-change-the-time…
  • ha active-passive : change wan physical port from 1G to 10G

    I should like to change WAN physical port from 1G to 10G. My XG230 with the newest firmware is HA active-passive. What is the best scenario for this change and the shortest interruption of the communication ?
  • HA peer stuck as faulty

    I just upgraded a HA setup of XG310 models to 18.0.3 MR-3 from the most recent 17.5 firmware. The upgrade appeared to have have gone smoothly but I discovered that the auxiliary device has ended up as "faulty". The device itself is in perfect working…
  • HA Status faulty

    Hello, what is this HA info page telling me? HA is green and the peer is faulty. Does it mean, the peer is alive but unhealty or does it mean, peer is dead?
  • XG HA: Kernel Panic on Auxiliary Appliance 18.0.1 MR-1-Build396 Tainted Module winbindd

    Hello Community, this is my first Post here. We updated our Cluster this Weekend to 18.0.1 MR-1-Build396. After the update both Devices restarted. One took Master Role and other Aux all fine... for about a minute. Auxilliary Device dropped to Faulty…
  • Does XG have a feature that functions like GLBP or VRRP?

    We're looking to implement HA for the LAN and we're wondering if the XG has the ability to do HA without syncing its configurations because each firewall would have different WAN connection settings. Is this available in XG? (I essentially want it to…
  • HA - firmware version mismatch with peer device

    Hi every one. I've been trying to set up two XG210 in high availability (active - passive) however, although both devices have the same firmware send us the message "firmware version mismatch with peer device". Both devices have SFOS 17.1.2 MR-2.
  • High Availability

    Hi All, I have some questions regarding HA. How to configure Cluster IP and seperate IP for accessing the devices? How to configure HA when different WAN for both the devices? Will the Auxilary device WAN will be connected when device is in…
  • Sophos XG Firewall - HA Active/Passive

    Hi All, I have an issue getting HA - Active/Passive to work between 2 VMWARE Clusters In my environment. I have set these up many times and ran into a few issues. Hoping someone can assist. VM Spec - Cluster 1 VM Spec - Cluster 2 HA Setup…
  • HA Active-Passive Configuration on VMs (devices not accessible)

    I'm attempting to spin up a new HA cluster of a couple of XG VMs for a new environment. This is hosted in Hyper-V I followed the basic setup here for active-passive mode: https://community.sophos.com/kb/en-us/123174 I confirmed that the devices can…
  • High Availability Peer Sanity Check Failed

    I've finally had time to spin up another ESXi Server in my HomeLab, and now that Allow High Availability with DHCP is viable I went to setup an Active-Passive High Availability solution like I've been using in UTM 7/8/9 since forever, however, it keeps…
  • [Fresh From the Press: Latest KB's] Sophos XG Firewall: How to rollback to previous firmware version in High Availability

    Hey Community, This KB article describes the steps to rollback to a previous firmware version in High Availability (HA). Regards, FloSupport | Community Support Engineer
  • New video on configuring the Sophos XG INBOUND HA in Azure

    Here's a new video that covers how to deploy the Sophos XG inbound HA in Azure. https://youtu.be/AyWJukXnMHI It goes through the content in this KB - community.sophos.com/.../127934
  • Active-Passive with NO port monitoring

    Curious: Any takes on what happens when HA Active-Passive is enabled but without any port monitoring? Will it fail-over in case of power unplugging or other hardware breakdown?
  • XG230 - High Availability - Unable to connect with peer device

    Hi all, Hoping someone on the community can assist with the set up of HA. We have 2 x XG 230 devices, both have been registered, both have the same firmware. I have followed this article to the letter - https://community.sophos.com/kb/en-us/123174 to…