Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Sophos XG Reports : Show the used port

    Hello, The Reports Dashoboards show me lot of P2P and X-VPN between SSL VPN Clients and local servers, thing that i found it weird When i tried to find the port used between the user and server, it show me only the category. This is an example.…
  • No Record Found on Web Report

    Hey guys. I went to look for web browsing logs and no record was found. It has marked in my firewall rules as well as the web filter to do logging. I do the policy test and see that it matches the correct firewall and web rule for browsing. Notice…
  • Reporting

    Hi everyone i'm asking about the difference between web authentication and client authentication regarding reports because my senior says it's necessary to use client authentication to get a clear report for users while i see that both are the same…
  • Web Protection - Report User-Agents

    Hej, Is there a way to create a report in Web Protection that shows all the user agents of the network devices on the network? I would like to make an evaluation of all systems of the last month. Thanks a lot.
  • High availablity TCP port 2600

    We have 2x XGS2100 (SFOS 18.5.2 MR-2-Build380) in High availablity in (Active-Passive) They have a Dedicated HA link Dedicated peer HA link IPv4 address 192.168.10.2 Dedicated peer HA link IPv4 address 192.168.10.1 When I look in Log viewer…
  • My reports on dashboard disappear

    Please how can i get them back.
  • Security audit report - "No record found"

    Hello, About three months ago, I scheduled two security audit reports to be emailed to me. They have been fine up until about a month ago. I'm not sure what happened, but the reports now have no results. All the sections are now blank / empty with …
  • Missing option for interface up/down email notifications

    Hi, I've got two isp's and a site to site RB Tunnel to our branch office. I've configured two vpn tunnels and routing rules with differed metrics, failover if the primary tunnel fails works but we get no notification of this. The xfm interface is…
  • 18.5.2 MR2-Build380 ERROR(0x03): Failed to migrate reportdb. Disabling On-box reporting.

    Upgrading my Sophos HyperV Firewall from SFOS 18.5.1 MR-1-Build326 to 18.5.2 MR2-Build380 posted this error during update routine. All works fine but trying to restart on-box-reports show this prompt Sophos Firmware Version SFOS 18.5.2 MR-2-Build380…
  • Bounced message errors, where are they, why are they unavailable

    I am very disappointed in the error reporting functionality of the XG v18 firewall. Actually, the error reporting just isn't useful at all. Today I have a bounced message due to certificate issue on the recipient end. But the only way I know that is a…
  • Sophos XG Search Engine Log

    Hello, I have a problem with the Sophos XG (SFOS 18.5.1 MR-1-Build326). It's about the search engine log. I have set everything in the policy as described in the instructions.( https://support.sophos.com/support/s/article/KB-000035785?language=en_US …
  • SophosXG elasticsearch filebeat module not importing fields

    www.elastic.co/.../filebeat-module-sophos.html I am trying to use the sophos module that you seems to have contributed in elk stack. I followed the documentation at www.elastic.co/.../filebeat-module-sophos.html and was able to get the data into ES…
  • Rule Summary Report

    Hi all, every firewall rule has an easily readable summary on the right hand side for audits and the like. Is there a way to export all of these summaries in some kind of report? Are you aware of any other reports that could be useful for 3rd party…
  • Sophos XG syslog messages id's v18.5

    i've got a deeplink to Messages (sophos.com) but i would like to get my hands on the current (18.5) version so i can find messages that our firewalls are logging right now so i can parse them for our siem. and while i'm asking this, it would be so…
  • Log Viewer history

    Log Viewer --> Authentication. I went to search for a user to find out when the last time they connected to the VPN. When I enter the username, nothing comes up. I enter my username, and I do see about 4 entries only. It seems I only have logs for about…
  • Drop Rule Accept Traffic

    Hi guys, this is the question, i've created a rule with an ip list as source that need to block all traffic to wan. i went inside logs... and the rule seem to let the traffic pass ... how is it possible. I'm getting crazy... from client seems to…
  • Sophos XG v18.5 Firewall logs

    Hi, where can I find the firewall logs in the filesystem? In UTM these logs are called packetfilter.log. No success with /var/fwlog.log and similar logfiles in XG. They doesn't contain the wanted traffic. So in which location is the firewall traffic…
  • app repoting is working but web reporting not working

    Hi , I have sophos xg125 I have only basic firewall subscription. I Can't see any web surfing or web domains reports
  • Traffic allowed although rule specifies "drop" - or log entry is incorrect / misleading ?

    Hello from Germany, I am trying to wrap my brain aroud the following situation: I have a rule that allows access to an NTP server to anybody (# 61, rule says ACCEPT, see below) I have IP Cameras which should not be allowed to reach outside…
  • log viewer

    how to delete all log viewer in sopho s xg 330 ( web filter -application filter - firewall ) not Reports
  • Sophos UTM Report

    Hi, The report section of my UTM that shows the applications used by users on the Internet shows as sockets (ie TCP and port numbers). It use to display the actual applications before. What could have changed and how do I resolve it? See the screenshot…
  • Reports still do not adjust to daylight savings

    Hi folks, My part of Australia moved to daylight savings at 0200 on the 3rd October 2021 the reports still show GMT +10. The failure to fix this simple issue is really very poor programming. Please fix. Ian
  • Custom reports odd behavior

    Hi to all, In custom reports I have a odd behavior. Hope I can explain well, english is not my native language. Firewall version: SFVH (SFOS 18.5.1 MR-1-Build326) Local reports: on. Log is activated in the rule #Default_Network_Policy If…
  • XG V18 log files and how to use them?

    What happened to log files? Did someone decide they contained useless information and we don't need them anymore? I have been trying to stand up an XG 210 V18 with a mail server and things aren't working. I haven't found any useful log files like I am…
  • Log retention

    Hello. I have an Xg with the SFOS 18.0.5 MR-5-Build586 version. I need to check the access log by the ssl vpn, and it only shows me a week. In the configuration I have established that it shows me a year, but I cannot see it from the log section.…