Hello,
The Reports Dashoboards show me lot of P2P and X-VPN between SSL VPN Clients and local servers, thing that i found it weird
When i tried to find the port used between the user and server, it show me only the category.
This is an example.…
Hey guys.
I went to look for web browsing logs and no record was found.
It has marked in my firewall rules as well as the web filter to do logging.
I do the policy test and see that it matches the correct firewall and web rule for browsing.
Notice…
Hi everyone
i'm asking about the difference between web authentication and client authentication regarding reports because my senior says it's necessary to use client authentication to get a clear report for users while i see that both are the same…
Hej,
Is there a way to create a report in Web Protection that shows all the user agents of the network devices on the network? I would like to make an evaluation of all systems of the last month.
Thanks a lot.
We have 2x XGS2100 (SFOS 18.5.2 MR-2-Build380) in High availablity in (Active-Passive)
They have a Dedicated HA link
Dedicated peer HA link IPv4 address 192.168.10.2
Dedicated peer HA link IPv4 address 192.168.10.1
When I look in Log viewer…
Hello,
About three months ago, I scheduled two security audit reports to be emailed to me. They have been fine up until about a month ago. I'm not sure what happened, but the reports now have no results. All the sections are now blank / empty with …
Hi,
I've got two isp's and a site to site RB Tunnel to our branch office. I've configured two vpn tunnels and routing rules with differed metrics, failover if the primary tunnel fails works but we get no notification of this.
The xfm interface is…
Upgrading my Sophos HyperV Firewall from SFOS 18.5.1 MR-1-Build326 to 18.5.2 MR2-Build380
posted this error during update routine.
All works fine but trying to restart on-box-reports show this prompt Sophos Firmware Version SFOS 18.5.2 MR-2-Build380…
I am very disappointed in the error reporting functionality of the XG v18 firewall. Actually, the error reporting just isn't useful at all. Today I have a bounced message due to certificate issue on the recipient end. But the only way I know that is a…
Hello, I have a problem with the Sophos XG (SFOS 18.5.1 MR-1-Build326). It's about the search engine log. I have set everything in the policy as described in the instructions.( https://support.sophos.com/support/s/article/KB-000035785?language=en_US …
www.elastic.co/.../filebeat-module-sophos.html
I am trying to use the sophos module that you seems to have contributed in elk stack. I followed the documentation at www.elastic.co/.../filebeat-module-sophos.html and was able to get the data into ES…
Hi all,
every firewall rule has an easily readable summary on the right hand side for audits and the like. Is there a way to export all of these summaries in some kind of report? Are you aware of any other reports that could be useful for 3rd party…
i've got a deeplink to Messages (sophos.com) but i would like to get my hands on the current (18.5) version so i can find messages that our firewalls are logging right now so i can parse them for our siem.
and while i'm asking this, it would be so…
Log Viewer --> Authentication. I went to search for a user to find out when the last time they connected to the VPN. When I enter the username, nothing comes up. I enter my username, and I do see about 4 entries only. It seems I only have logs for about…
Hi guys, this is the question, i've created a rule with an ip list as source that need to block all traffic to wan. i went inside logs... and the rule seem to let the traffic pass ... how is it possible.
I'm getting crazy... from client seems to…
Hi,
where can I find the firewall logs in the filesystem?
In UTM these logs are called packetfilter.log.
No success with /var/fwlog.log and similar logfiles in XG. They doesn't contain the wanted traffic.
So in which location is the firewall traffic…
Hello from Germany,
I am trying to wrap my brain aroud the following situation:
I have a rule that allows access to an NTP server to anybody (# 61, rule says ACCEPT, see below)
I have IP Cameras which should not be allowed to reach outside…
Hi,
The report section of my UTM that shows the applications used by users on the Internet shows as sockets (ie TCP and port numbers). It use to display the actual applications before. What could have changed and how do I resolve it?
See the screenshot…
Hi folks,
My part of Australia moved to daylight savings at 0200 on the 3rd October 2021 the reports still show GMT +10. The failure to fix this simple issue is really very poor programming.
Please fix.
Ian
Hi to all,
In custom reports I have a odd behavior. Hope I can explain well, english is not my native language.
Firewall version: SFVH (SFOS 18.5.1 MR-1-Build326)
Local reports: on.
Log is activated in the rule #Default_Network_Policy
If…
What happened to log files? Did someone decide they contained useless information and we don't need them anymore? I have been trying to stand up an XG 210 V18 with a mail server and things aren't working. I haven't found any useful log files like I am…
Hello.
I have an Xg with the SFOS 18.0.5 MR-5-Build586 version.
I need to check the access log by the ssl vpn, and it only shows me a week. In the configuration I have established that it shows me a year, but I cannot see it from the log section.…