
  • Alert ID: 17913

    Hello everyone, since Thursday I have constantly been getting the warning with the following message: Message: Access from IP address '92.53.65.166' is blocked for '5' minutes after '5' unsuccessful login attempt. Our firewall is Alert for XGS2100…
  • VPN Portal getting hammered by password spraying attacks - Russia and elsewhere

    On September 4, our Firewall VPN Portal was attacked from IP 92.53.65.166 (Russia) with hundreds of login attempts for different usernames. After blocking this, today (September 8) we have been hammered by another attack, this time from hundreds of different…
  • How to create a sample rule for password spraying attacks

    Since today we have been experiencing massive password spraying attacks on many Sophos firewalls, especially on the VPN portal, which listens to port 443. Apparently these are attacks from Russia with the IP 92.53.65.166. How can I create a rule to prevent…
  • https service in wan zone

    Dears, I have two firewalls, main firewall and a secondary firewall, and there is a connection between them through a VPN, in the past, access to the remote firewall from the main headquarters was through the VPN port, but now, when I want to enable…
  • Nmap shows open Ports on WAN

    Hi, if I scan the WAN IP from my Sophos Firewall, I can see open Ports, like: PORT STATE SERVICE 21/tcp open ftp 22/tcp filtered ssh 23/tcp filtered telnet 25/tcp filtered smtp 53/tcp filtered domain 80/tcp open http 110/tcp filtered pop3 111/tcp…
  • Web console access via WAN 19.5.3

    First off I understand the security implications of enabling web admin access via WAN. I've added a Local services ACL exception rule to permit one IP to the WAN interface for SSH/HTTPS access, however I still cannot enable https on the WAN interface…
  • Local admin services available on WAN port despite ACL not reflecting that

    So I'm a bit confused and could use some help. After running NMAP on my public IP for a sanity check I was greeted with ports showing open that shouldn't be available to the WAN port. I don't have any services checked on my local service ACL for WAN Starting…
  • Wireless Module of SD-RED-20 doesn't work because DHCP Request are blocked by Local SCL.

    Hello, I configured a SD-RED-20 with a wireless Module and wanted to test it. The Problem is that the wireless Module isn't showing up in the AP list. When I looked in the Logs I saw that the DHCP-Request is being blocked because of Local ACL. …
  • How to ACL differ from Firewall rules

    I'm using the Sophos UTM Virtual Appliance MR2 Version .. I have noticed that despite creating a drop rule for all zones, networks and services, the ACL still stands in control and firewall rules take no effect, only if the LAN Access at ACL device access…
  • Unable to enforce local service ACL on Sophos xg v19.0.1 MR-1

    Hi, We are trying to implement local service ACL on LAN side but it's not working. After checking on community found multiple posts but none works. Below are the Drop all rule and ACL snaps: Device Access: Added another drop management portal…
  • Sophos V18.5MR5: What kind of ICMP protocol are enabled in the service Ping/Ping6 in Device Access Tab?

    Hi, I'm working on getting the correct ICMP firewall rules on my Sophos Firewall. For doing this I've created a Local Service ACL Exception rule using the service "Ping/Ping6" for my WAN zone and allowing only some common route we use, excluding the…
  • Local ACL Violation

    Hello, I'm running web server on port 443 in DMZ zone with another service running on port 7xxx. I can browse web page because of waf rule, but I can not connect to service on port 7xxx from WAN, Packet capture show ACL Violation Show…
  • LOCAL_ACL Violation IPSEC VPN

    Hi, I set up an IPsec VPN but I am getting Local_ACL violations... I want to access it from my LAN PC 172.16.16.19 The Firewall's WAN IP is 192.168.178.50 Traffic is allowed I only added 1 Firewall-Rule. I pass everything to everything... …
  • Allow SSL VPN (Remote Access) User portal (And other Sophos ACL Services) for specif user

    So most users using the remote access vpn. My thought was now, create new ssl vpn profile and give separate "vpn zone", and allow under Administration>Device Access the Userportal. But no, you can't. Is there any way to make this happen for single…
  • Nice Bug on XG/XGS with non-standard port for User-Portal Access

    Hello,MR I think I found a nice bug on Sophos firewall (XG/XGS) Version 19.0 and 19.0.1 As soon as you change the port for "User portal access" from default = 443 to something else, you can access it from any zone, no matter what you checked under…
  • Pls help me understanding the XG v18 ACL matrix

    Hi everyone, This is the ACL matrix of Sophos XG v18 firewall system. Would you please explain to me in more details about the rows and columns of this? I would like to know more in particular about the SSL VPN column: If I uncheck the SSL…
  • UserPortal Accessible from WAN even though deactivated

    Hey, I don't understand why the UserPortal of my Sophos XG is still accessible from WAN. I had it activated for testing purposes weeks ago, but deactivated once we started to use the Firewall. I can still sign in when just connecting to…
  • WAN service ACLs

    I have my service ACLs ticked as follows, but I seem to be having issues with the WAN ones. Even though I have ping/ping6 and SSL VPN ticked for the WAN zone, I am unable to ping the public IP of my WAN interface, or connect using the Sophos VPN client…
  • Sophos XG - SNMP gets Violation Local_ACL

    Setup SNMP on the Sophos - the SNMP Server is located on our Azure VPN. Firewall rules are set to allow all, but getting Error Violation Local_ACL. In Device Access VPN has SNMP checked. Is there an ACL that needs to be adjusted I do not see? SNMP is…
  • External Pings

    I would like to be able to ping our WAN interface from specific external IPs, but the only thing I am seeing I can do currently is allow Ping/Ping6 via the ACLs (Administration > Device Access > Local Service ACLs). When doing so, this seems to open it…
  • Sophos XG Remote access Web admin.

    These are the settings for the device access. I also added the remote IP that is allowed to access the Webadmin via https on the WAN. This works. But when I try it on my phone which has a totally different IP it also works. Am I forgetting something…
  • FQDN for Local service ACL exception rule

    Hi, Is it still not possible to add an FQDN host to the Local Service ACL to limit the WAN access to the firewall? What if you have a dynamic IP and want to use dynamic dns in ACL? Thanks.
  • I am Not able to Access WAN IP with specific port from LAN Network Sophos XG135 OS 18

    Hello, I have just received new Firewall Sophos XG135 and Partner has configured it. We are not able to access WAN IP with specific port from LAN Network Sophos XG135 OS 18. Please guide with explanation of rule creation. Vikas
  • [Community Suggestion: Latest KB's] Sophos XG Firewall: Local Service ACL (Access Control List)

    Hey Community, This KB article provides information about the Local Service ACL (Access Control List) and how it works on the Sophos XG Firewall. [This was suggested as part of our Knowledge Base Article Suggestion forum. To say thank you, shred…
  • Understanding Local Service ACL

    I'm trying to understand Local Service ACLs - what do they actually do? Are they simply opening ports for a specified zone? That's what I initially thought but after some testing, I'm confused. For example, if I'm using Sophos XG as my DNS server and…