Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Custom reports odd behavior

    Hi to all, In custom reports I have a odd behavior. Hope I can explain well, english is not my native language. Firewall version: SFVH (SFOS 18.5.1 MR-1-Build326) Local reports: on. Log is activated in the rule #Default_Network_Policy If…
  • XG Home Edition v18 - ReportDB Dead?

    Hi, When I logged into my XG Home Edition tonight I noticed the console had flagged the ReportDB service as dead. I havent logged on since I did the upgrade from SFOS 18.0.4 MR-4 to SFOS 18.0.5 MR-5-Build586 a few weeks ago - at the time of the upgrade…
  • XG V18 log files and how to use them?

    What happened to log files? Did someone decide they contained useless information and we don't need them anymore? I have been trying to stand up an XG 210 V18 with a mail server and things aren't working. I haven't found any useful log files like I am…
  • Log retention

    Hello. I have an Xg with the SFOS 18.0.5 MR-5-Build586 version. I need to check the access log by the ssl vpn, and it only shows me a week. In the configuration I have established that it shows me a year, but I cannot see it from the log section.…
  • View XG Firewall configuration changes

    Good day everyone, I am trying to figure out how to view all configuration changes to an XG Firewall over a 30 day period. We are trying to troubleshoot some network issues and application problems that stem from a time frame we updated configuration…
  • IP LOG Shutdown/Reboot

    Hello everyone, I have a Sophos Firewall XG 115 V.18, in the GUI, the messages that are written in the appropriate window during Shutdown / Reboot, where are they written in the LOG files? Also, which LOG records the IP with which the shutdown / reboot…
  • Shutdown LOG Sophos XG Firewall

    Hello everyone, I am a happy system of a Sophos Firewall XG 18 X-Stream, which some nice bumblebee on Friday 08 August decided to brutally shut it down. I would like to know on which LOG the Sophos Firewall writes the shutdown, and with which wording…
  • Actual usage of our XG throughput

    hello, We want to get reports about our actual traffic and performance of our XG: - Firewall throughput usage - Concurrent connections - RAM usage - CPU usage - IPS throughput usage - etc .. For example I know that XG 330 has Firewall throughput…
  • Export email log

    I have been trying to export email log to a host. We set up Sophos XG's mail relay to scan and monitor the mail activities between two mail servers. But in log setting there is no option for email. All I need from the log is the sender, receiver and the…
  • Could somebody post a sample firewall log?

    I'm in the process of evaluating firewalls for a few, small businesses I do support for on the side. I tried pfSense, OPNsense and Untangle and now it's Sophos XG's turn. I'm no firewall guru but was able to get one of my clients up and running with Untangle…
  • XG stopped logging

    Hello everyone, I am currently using a virtual XG appliance for testing. Initially I thought it ran out of disk space, but although plenty disk space is left, the XG stopped logging. Is there any way to restart the logging process?
  • Extract complete Log Viewer Firewall Log

    Hey there, I am currently struggling to extract all entrys from the Log Viewers Firewall Section. Is there a way to find this log in the CLI? I wasnt able to find a log with all that information, and the log viewer doesnt export all the entrys.…
  • Logs and reports

    I have an XG230 appliance. I am relatively new to the product. I have been testing policies and the like and I see that I am considered the biggest threat on the network as I download exe's and I also test policies to make sure sites are blocked. Is there…
  • Custom Port / Application Classification

    Hello, I am trying to find a way to name custom ports for applications we use. For example, one piece of software we use talks to remote endpoints on TCP Port 6180. When viewing reports, unless that person happens to know what's on port 6180, they have…
  • without a captive portal Login All web surfing Reports Generate ?

    I want to log in without a captive portal and all my host information reports please let me know
  • System Log Empty

    Hello, we have several devices running (SFOS 17.5.15 MR-15) that are with Log viewer / System log empty. Doe someone has ideia about fix it ? is it a know issue!? regards Carlos
  • Strange behaviour with Windows Clients in Sophos XG Protected network

    Hi, we are running a site with a XG210 Cluster with SFOS 18.0.1 MR-1-Build396. On top of this there is an Aruba WLAN. There are also some other Client LAN networks. I try to ping google or any website. If I connect to the WLAN in the beginning I can…
  • SFOS 18.0.4 - Could not generate reports after activating subscription

    Good day everyone, I have just activated a subscription. I've noticed I could not generate reports anymore. I already checked traffic logging and other settings in reports settings, they were all in place. I also tried restarting the firewall, but…
  • Where are the firewall logs?

    Running Sophos XG firewall SFOS 18.0.4 MR-4. Cannot find where the firewall logs are. If I use log viewer option, it displays only a handful of lines in the browser.If I want to download even for 4 hours, it would take forever to scroll to the end. …
  • Home XG 18 MR4 - Incorrect usage reported for sessions over 4GB

    Hi I have noticed weird logging and reporting behavior on the XG when transfering more than 4GB during one connection session. I tried to reboot the firewall, but no difference. You can see results of some of my tests below. Reports and policy counters…
  • LogginDaemo Dead or Stopped

    Hello. This monday (2 days ago) i noticed that i had no logs on firewall and it was saying "loggindaemon dead". So i restarted my firewall, surprisely, it did not failover and i had to hard reboot both of my firewalls here. So today, again,…
  • identify the ip of the object sending DNS requests to XG

    Our XG firewall is also running as a DNS server. We have a device sending DNS requests to our firewall trying to get the ip for a malicious domain, and we are trying to identify the ip of the device sending the requests. From what I can see XG…
  • IPS and Application

    I have notice that the IPS and Application seem to not be working their is nothing listed in the logs of IPS and Application for the pass week no activity. I have tried nmap to try and trigger the rules of the ids and tried some of the applications…