Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Sanity Check: Cabling dual ISPs

    Sanity Check: Cabling dual ISPs into separate VLANs and then plugging each one into the Sophos WAN port. Hey All, How are you doing? I wanted to reach out and ask my fellow network engineers at Sophos for a sanity check on my setup. I have a cluster…
  • Server on Different Interface not Reachable from LAN

    I have a server on interface A with its own zone and a static IPv4. It is not reachable from the LAN zone on interface B, even though I have a firewall rule with logging on top of any other rule that says allow from LAN, Any host to Server_Zone, Any host…
  • Configure and Test Best Practice

    Hi, (First, apologies. If this question makes more sense in the UTM forums I'll start there, but I imagine doing it wrong would cause problems with my XGS too before I even get started.) After many years, and some trepidation, I'm moving from a UTM…
  • Sophos XG v18.5.1 - Disable an Interface

    I read in several forum posts that the ability to disable and enable an interface was slated for a v18 feature set, but I do not see it - so I suspect it was not implemented? That would be a pretty big step back to still be missing after 4 years of planned…
  • 2 WAN interfaces to 2 LAN interfaces

    Good day all, I am running Sophos XGS3100 Firewall SFOS 18.5.2 MR-2-Build380 I'm trying to get lan 1 to wan 1 and lan 2 to wan 2, and in the future it will be lan 3 to wan 3. I tried to do this via SD-WAN and Static route but after about 10 minutes…
  • How do I assign certain routes to each of my interface ?

    Hello everyone, Sorry for being a noob here. I have the following network map layout: I use a dual-WAN bandwidth aggregation configuration rather than a failover one for most of the interfaces. However, I look forward to: Assign my TrueNAS server…
  • Help with dual WAN config and second router

    Dear community- I have a scenario I would like to achieve with XG330 and a Synology router. Background story: We have a small office setup with a Synology router, that handles our WAN, LAN, Wifi and VPN (IPSec to GCP as well as L2TP for road warriors…
  • Conection between two sophos - cannot ping

    Hello I have two sophos connect together. Sophos1 - switch - Sophos2 I have multiple VLANS between them. All vlans have owen subnet. Phisical interface has also owen subnet. I cant ping betwen vlan interface. Whatever i use. But Phisical interface…
  • Sophos XG Home: Select interfaces or allow > 5 ?

    The server I have in my lab has 4x10G SFP+ and 4x1gbit ethernet built into the board. Sophos is detecting the 4xSFP+ and only 1x1gbit. Is there anyway to force Sophos to see all 8 or have it ignore the 4x10G SFP+? It looks like Linux under the hood but…
  • Traffic between two interfaces (LAN to LAN) only works one way.

    Hello everyone, I am trying to connect two LAN's that I setup on two separate interfaces (Port 1 and Port 5). I also created a new zone for the LAN on port 5 called TEST_LAN. Here are my rules. RULE 1: LAN to TEST LAN Source Zone: LAN …
  • XG configuration with Optimum and Arris TG1672G

    Hi Can someone help set up Arris and XG firewall? I just got cable internet form Optimum but wish to use my own cable modem. It is Arris TG1672G which I am able to configure fine until I plug in coax form cable company and it gets provider's config…
  • Failover strategy for unstable wireless WAN connections

    I've got our XG firewall set up for 3 WAN connections as we are in quite a rural area and internet connectivity can be spotty. I have the primary connection, which is a wireless system up to 100mbit up and down. I have a secondary connection which…
  • XG 135 internet loss, every after 20 minutes

    I am using my Sophos XG135 as a DHCP server and configured in gateway mode, Running firmware version SFOS 18.5.2 MR-2-Build380. Internet connection is only active for a period of a bout 20 minutes and then it is lost but the WAN interface shows it is…
  • XG Home Edition Issue

    I have a device with 3 ports, Port 1 is 172.16.16.16 and works, hands out IP addresses OK. Subnet is 255.255.255.0 Port 2 is WAN, working OK Port 3 in LAN, tried Static IP, DHCP but it will not hand out IP addresses. Tried adding DHCP, but…
  • Anyone have Starlink working with an XG/XGS?

    There was a previous thread around a year ago where Casey Luchsinger was having issues getting a Starlink device working on an XG. The thread showed no resolution. One of our customers has ordered a Starlink service (to our surprise). Has anyone successfully…
  • Issue with ALIAS ip's op WAN interface

    Hi, We are in a migration traject from barracuda firewalls to a Sophos 2300 A/P cluster. Our cluster is running: SFOS 18.5.2 MR-2-Build380. Yesterday evenening we tried to implement our new firewalls but we have hit a issue where we were not able…
  • Cellular WAN SSL VPN??

    Hi Community. So I have 2 questions. Both overlap, so answering one may do the other. I have a client with a Cellular WAN as their only WAN connection. 1. How do I expose the User Portal via the Cellular WAN connection? The internal IP and external…
  • SD WAN - can only select one interface

    hi all, under "routing > SD-WAN policy routing > add" incoming interface - you can only select one interface from the drop down menu but under "rules and policies > NAT rules > new nat rule" you can select multiple "inbound interfaces" just wondered why…
  • Multiple WAN (primary and secundary) with multiple IPs

    Hi, I have a scenario, where my ISP gives us 02 interfaces being primary (WAN1) and secondary (wan2). Above these WANs it routes some ips to them, so in case the primary fails, the secondary continues to serve these ips. That way, I can put a certain…
  • How to enable gateway on XGS 2100

    I have a small ICMS network to deploy. There are several VLANs involved. Devices in some VLANs are to be allowed talking to devices in other VLANs, but not all devices are allowed to talk to all other devices. I am expecting all routing to be done by…
  • Sophos XG "crashing" VDSL modem

    I am not sure how this is possible, but I have issues where the XG firewall causes my FTTN DSL modem to stop responding. Intended Layout (worked for years using VMware workstation edition, recently moved to Hyper-V but think it worked for a while) is…
  • Remove ip address from a physical interface with VLANs

    Hi, I have the WAN port and the LAN port with 2 VLANs on each. Since it is possible from SFOS 18 to have no IP address on physical interfaces with VLANs, I need to get rid of the "dummy" addresses, but : if I uncheck IPV4 configuration on the…
  • Heads-Up: SFOS 18.5.2 MR-2-Build380 losing PPPoE-Passwords

    Just a quick heads-up: I did the newest MR-2-Update on a few Customers-XG devices and all of them lost their PPPoE Passwords. All I needed todo was re-enter the correct password and everything was fine again. Keep in mind: Your ISP might lock your Account…
  • NaT to Bridge Mode

    Hello Will changing from NAT to Bridge Mode erase all FW rules?
  • Sophos XG and PRTG

    hello do I need PRTG to monitor Sophos XG network traffic (download , upload) for each interface or Sophos XG has all these monitoring data. thanks a lot