Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • cannot access yahoo web mail sites

    Hi all, I have a Sophos xg87 and a strange problem with accessing yahoo webmail sites from any computer on the lan. the site just does not open but also no error message appears and I can find nothing in the log files. It does not matter whether I…
  • Vlan routing issues -XG is virtual

    Hello I am trying my head around strange VLAN issues when XG is virtualized. The setup is as follows - ESXi has VLANS created. XG has two ports - Lan and Wan. Lan is on 4095, Wan is on different switch. XG Lan has multiple VLANS created (reflecting…
  • Sophos XG when switch connected to LAN interface no Internet

    I had the same Problem with my SG-125 with XG Home and NetGear GS305E and I've googled it but found nothing useful, so I had to figure it out myself After wasting around 30m troubleshooting and testing I found the reason, which was extremely unexpected…
  • TCP SYN / retransmission

    On Sophos XG 19.01 MR1 Virtual appliance, i have for several minutes that any new TCP session outbound to the web is not connecting. while inspecting a tcpdump file, i see that existing TCP sessions work normally, just any new TCP SYN is not getting…
  • Firewall FQDN Subdomain learning different cache TTL issues with Windows DNS Server

    Hi, this issue is listed as resolved for 19.0.2 NC-111476 FQDN Subdomain learning isn't working in case of non-SFOS DNS server set for client. We're on 19.5.2 We have a server that downloads files once per day from a FQDN like files.downloadserver…
  • Odd Behavior with System Generated Traffic over IPSEC

    Hi, Encountering a weird error when trying to attempt using a server for DNS forwarding. We have a few branch offices - each connecting to DC via IPSEC (Connection Type: Site-to-Site / IKEv2) - with the DNS Forwadering Host in the DC. Now here's…
  • Cant connect to FTP

    Hello, I am not able to connect with a local FTP script to a server. This script works at another location but not here. Sophos XG latest version SFOS 19.5.2 MR-2-Build624 Here is the log: messageid="01001" log_type="Firewall" log_component="Invalid Traffic…
  • PIM-SM and IGMP on interface in the same time

    Hello, Can I have PIM-SM and IGMP on a interface in the same time? I have a problem with IGMP on interface with active PIM-SM neighbour (pim-sm router). In the presence of a PIM-SM neighbour, IGMP is inoperable for another destination. Is this behavior…
  • Selective deactivation of the SIP helper

    I have a customer with a well-functioning SIP telephony. But now he gets a problem with a door phone. This only works with deactivated SIP helper. ( system system_modules sip unload) Message: "Invalid traffic - Invalid connection helper" Possibly a dirty…
  • LAN port utilization high

    Hi, we have sophos xg-210 one LAN port utilization is high i have attached monitoring tools screenshot please check. model-XG210 Thanks satya
  • dhcp --lease Time increase

    Hi, currently we are running dhcp from firewall so some user lease time we need to increase so please help me how to extend lease time. Thanks satya
  • When fixed ip in a vlan does not deliver ip in another vlan

    hello , I am encountering the following problem: to simplify I have vlan A and vlan B Both have active dhcp server in sophos. Both work normally. However, if I set an ip/mac for a device in vlan A, sophos, vlan B does not deliver any more IP for this…
  • Apply firewall rule by DSCP Setting

    I am wondering if it is possible to apply a firewall rule by the dscp setting. We have an iCafe and want to introduce a tiered system where different levels allows you to more things. We can have traffer in the different tiers marked with a unique DSCP…
  • Windows Update

    Hello, I am not able to implement the following scenario, all users have to login to the capitative portal to be able to browse the internet. (OK) But I want computers to be able to update themselves Windows Update, Google Crome update, Eset update without…
  • Sophos XG Firewall - update AD DNS

    Curious if anyone's done this or sees value in it. Our current scenario is we have our AD and integrated DNS hosted in an IaaS provider where no "end users" live. We have migrated all of the remaining Windows servers we have to this location. As part…
  • SOPHOS XG DHCP BOOT FILE PXE/SCCM

    Hello everyone . I have a problem with the configuration of the PXE/SCCM taking the XG as DHCP . Here is my config - next server: ip address of my TFTP server (SCCM) - Boot file location: SMSBootPM100003\x64\wdsnbp.com I get this error ( TFTP time out…
  • Sophos XG slowing down Internet Speed

    I'm using a SG135 rev2 with Sophos XG Home installed on it. I am using 4 Interfaces 1 WAN, 2 LAN and 1 DMZ. For accessing the Internet, I am using a 5g Router (Xiaomi AX5400) with 500mbit/s download and 50mbit/s upload. Now I am having a strange Issue…
  • Use WAN IP other than firewall for SSL VPN?

    XGS136/SFOS 19.5.2 Is it possible to use an alias WAN IP other than the firewall's IP with the SSL VPN? I'm setting up the XGS to replace an existing production firewall, and using an unused LAN and WAN IP to do it. My plan is that on migration day…
  • Bridge with 2 lan and connection problem between 2 hosts on same vlan

    Hi all, i installed Sophos on hyper-v (vm) with 3 NIC: - NIC-A “LAN” (physical nic on server) - NIC-B “WAN” (physical nic on server) - NIC-C “LAN” (private virtual switch hyper-v) I’ve created Bridge with NIC-A and NIC-C, with "enable routing…
  • SFP ports/interfaces issue during Firmware Upgrade

    Hey Team, One of my end customer having issue in FW while upgraded SFOS 19.5.1 --> SFP ports/interfaces couldn't respond or stopped working and ethernet ports are working fine. XGS3100 (SFOS 19.5.1 MR-1-Build278) Expecting usual support from my…
  • How to add a FleXi module to an existing HA pair without Turn off both firewalls

    Hi all, Is there a possibility to install a Flexi port module to an existing HA Pair without switching off both firewalls at the same time ?
  • Guest Wi-Fi not receiving DHCP from Sophos XG with Unifi

    Good day Members, I trust you are well. We are trying to setup a guest Wi-Fi with Sophos and Unifi. We have it currently working but with the DHCP server on the DC, We would like to move the Guest Wi-Fi DHCP to the Sophos XG. Main issue is device are…
  • Sophos fire wall Dual stack Control Center/system interfaces WAN link manager is red why not green?

    Hi All, I recently added IPv6 support to XG FW and something says not right. I have pubic v6 address on WAN link, 2 private ranges on LAN and DMZ . I am using router advertisement for IPv6. The FW rules show traffic on v6 both directions, The v6 test…
  • DNS Host Entry SSL VPN DFS Sharing Problem

    Hi; I have 3 DCs for domain in my network. 111.local 192.168.1.11 PDC 192.168.1.12 ADC 192.168.1.13 ADC 192.168.1.1 is a SOPHOS LAN interface ip address Under the DNS host entry, I entered these fields with the DC server ip addresses. (Network…
  • Inter-VLAN/Subnet DHCP Relay not working, getting Violation / Local_ACL

    XG210, SFOS 19.5.2 MR-2-Build624 So, I have two VLANs, VLAN 70 - 192.168.70.0/28 and VLAN 100 - 10.0.0.0/24. DHCP server is on VLAN100, I want to relay DHCP requests from VLAN70 to VLAN100 for service. I have a relay set up like so: Name …