Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Sophos XGS 136 - VLAN Problems

    I am newbie currently testing a Sophos XGS 136 Firewall, The basic setup is working. We have a Cisco 3850 Core Switch with 4 VLANS and only the VLAN that the firewall is connected to is working. Traffic from other VLANS is not working and can not ping…
  • Bridge Wireless Network on Sophos REDW to lag VLAN. Possible?

    Hi all, is it possible to bridge a Wireless Network to a vlan interface from the firewall itself? The traffic should not leave the RED itself in their lan interfaces. Can this only be done with using separate zone and bridge this separate zone with…
  • Sophos Firewall - Gateway down but Interface Connected

    Hi all, I rarely work with Sophos Firewalls and haven't ever had to do much on them before, but having recently logged in to one I found that on the 'Control Centre' page that 'Interfaces' is highlighted orange. When I then select 'Interfaces' it…
  • Phones behind XGS lose connection to Cloud PBX every hour

    Hello all, we have a problem with a new XGS126 and connecting phones to a cloud PBX. Yesterday we have exchanged a UTM for a XGS. Until then the telephony worked without problems. Since the swap, the phones (Yealink) lose connection to the PBX (Starface…
  • Connecting CISCO CBS350 Switch to Sophos XG 125 firewall

    Currently I have a Cisco SG300 connected to my Sophos XG125 Firewall and everything is working well. SG300 is running as a L3 switch and its connecting to the firewall using a trunk port. I have VLANS as well and intervlan routing is working well. The…
  • Slow/Freezing SMB Traffic over Sophos XG Gateway Opening

    Hello, since adding the Sophos XG as man in the middle / gatway to our network, we have speed issues more or less, specially over SMB. At moment the XG is connectet over 1 gig port to the main switch, the main switch has sub switches, at main switch…
  • Why is required bridge interface

    Hi All, Can anyone explain in layman's term what is the use of bridge interface/Mode in Sophos XG firewall. In which scenario do we use bridge mode also what is the benefits of it. Thanks
  • No Namecheap service provider available when adding new Dynamic DNS

    There is no option for namecheap. Why is this?
  • Sophos XGS 107 firewall - do not relay ICMPv6 RA with global prefix to LAN

    Hi, I was investigating problem in RE: Sophos XGS 107 firewall - do not relay IPv6 DHCP to LAN now I analyzed network traffic and have some insights. I see ICMPv6 packets with Router Advertisement (134) with Prefix information coming into my LAN from…
  • Sophos XGS 107 firewall - do not relay IPv6 DHCP to LAN

    Hello, I have XGS 107 running in my setup. WAN is external network not managed by me. It looks like devices in the LAN network acquire Global IPv6 addresses instead of Link-Local addresses , which messes up a bit internet in my LAN network. Same setup…
  • Local admin services available on WAN port despite ACL not reflecting that

    So i'm a bit confused and could use some help. After running NMAP on my public IP for a sanity check i was greeted with ports showing open that shouldn't be available to the WAN port. I don't have any services checked on my local service ACL for WAN Starting…
  • Allow Port in Sophos Firewall

    Hi Everyone, I am new to Sophos firewall and I dont know much about this. Can any one tell me how to allow following port in Sophos XG135 (C1B0Cxxxxxxxxxx) CLOUC uses the following Ports HTTP, HTTPS and 9443 for the web console 5060 and 5061 TCP…
  • Error querying FQDN host in XGS firewall. There are multiple IPs for FQDN hosts in the internal network, and the firewall can only find one

    I am currently migrating the SG firewall configuration to XGS. After completing the configuration migration, it appears that the XGS firewall cannot query FQDNs properly. The same FQDN can be queried for two IPs in the SG firewall, but only one can be…
  • DNS over TLS / HTTPS with TLS Inspection

    Hello everyone, today the first occurences of DNS over TLS showed up in one of our customers logs. We have TLS Inspection rolled out at the company and are asking ourselves if the TLS Inspection also inspects DNS over TLS traffic and DNS over HTTPS…
  • Sophos XGS Firewall and Sonos in different VLAN - Multicast setup

    Has someone managed to get Sonos devices to work when they are on a different VLAN than the Sonos App? Would be great to share some information. Especially about routing Multicast through the firewall. I found a great article about this matter in…
  • Unable to add new service XG310 running 19.5.2 MR-2

    When going under Hosts and Services, and then under the Services tab, if I try to add a new service regardless of the name the save button does nothing. For example trying to add a service for ManageEngine Endpoint Central which requires TCP ports…
  • L3 VLANS not routing past gateway.

    Hope someone can help figure out what I am missing. I am pretty sure the issue is on the Sophos XG. I am setting up several VLANS on my Cisco 9500 L3 switch and the issue I am having is I cannot get passed the gateway when trying to access another VLAN…
  • XGS - DHCP String option 128 Vlan Polycom

    We were doing DHCP via Windows Server but decided to use Sophos XGS. DHCP to assign VLAN to Polycom phones via OPTION 128 String VLAN-A=20; - NOTE the ; (semicolon) MUST be at the end of the string for it to work with Polycom. XGS will not allow me…
  • IP phones are not connecting

    Hi, IP Phones are connected to the firewall on WiFi VLAN, then redirected to the router via SIP trunk. SNAT is enabled to establish the VoIP service. My problem is, in the firewall rule, if we choose source devices using IP host group, it only connects…
  • load balancing feature is not working and my users are Nat from the same ISP whenever they connected

    Dear Sir I have configured two ISP on two different ports of firewall providing the internet facility through Sophos Firewall. I am using the firewall load balancing features by assigning the weightage of 2:1 to both the ISP's. But load balancing feature…
  • MS Teams meeting drop 2-3 s : Protocol switch from TLS to SSL

    Hi All XG330 (SFOS 19.5.2 MR-2-Build624) I have the problem of connectivity lost, in MS Teams while meeting as picture below. According to analyse packet between incoming and outgoing when we use MS Team, I found that in the time of connectivity…
  • Unable to access VLAN networks from data networks

    I have 3 VLANS, 1 for CCTV, 1 for wifi controller, and the other for IP phones. data network - port 1 192.168.0.0/24 port1.12 - 192.168.2.0/24 - wifi. (VLAN) port1.13 - 192.168.1.0/24 - CCTV (VLAN) We want to manage the CCTV and the access…
  • Internet slow on XG firewall

    Hi, Got a client that has got a XG125 firewall. Users are complaining about internet speed. Internet line has been upgraded from 10/2 to 20/10 but there has not been a change in the speed. Changed the weight of the line from 1 to 50 but this…
  • Multiple WAN/LAN bridges on XGS 126

    Dear community members! We are planning to insert an XGS firewall into our existing network infrastructure with multiple WANs. This is the current setup: Three WAN routers from different ISPs with fixed public IPs are connected to a multi-WAN router…
  • cannot access yahoo web mail sites

    Hi all, I have a Sophos xg87 and a strange problem with accessing yahoo webmail sites from any computer on the lan. the site just does not open but also no error message appears and I can find nothing in the log files. It does not matter whether I…