Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Subnet issue

    hello, i have two ip subnet on port-1 Lan interface (Vlan), the host pc can able to ping the Firewall Gw ip but from FIrewall to Host ping not work, i checked the Local windows firewall its already turned off. Now 100.0/22 subnet not reach to 15.0…
  • separate Company HomeOffice from internal Network

    I have to seperate two networks using the same LAN Interface running XG in natest version with 1 phyiscal NIC bound to LAN and 1 physical nic bound to wan. The need is that there is no access form Private Network IPs to Company Network IPs and Vice Versa…
  • connect router sim card to sophos xg

    Hello everyone this is my first post and i need some help i have 4 routers sim card edition In a branch of the company and i have sophos firewall in my network ,i need to let firewall connected and control it how to ?
  • WAN Link goes down Every 10 to 15 minutes

    This is Our Furewall detais Model XGS87 WAN Link goes down Every 10 to 15 minutes It is installed on a dedicated Intel Hardware Current Network Setup - 1. Airtel Fiber Link Router with Static IP lands on Fiber Link Router configured in Bridge mode…
  • XG210 NAT Port Forwarding not working

    Hello Community, Hoping for some sort of advice as I'm pulling my hair out with this one. All I want to do is forward UDP 1194 to the NAS 192.168.15.9 to get OpenVPN to work. Here is the NAT rule. Port3 is the external interface with a public IP from…
  • DNS NAT Rule slowing down browsing and load-times from websites

    Hello all, I have a specific NAT question and problem, the reason would be, that am not a native or excellent networking guy... so learning by doing and reading specific when needed. Maybe someone could help me. In my home network I use a XG as…
  • How disable firewall functions?

    My XG 125 is blocking me from reaching hulu.com, and also blocking google shopping when it redirects me to googleadservice.com. As a test, I temporarily bypassed the XG, and I could get to those sites. So I know that the XG is blocking those sites. Then…
  • I want internal traffic to an internal domain to go out through an external link and then come back in. How can I do that?

    I want internal traffic to an internal domain to go out through an external link and then come back in. How can I do that?
  • Block port 25 or SMTP port for non replay LAN IPs

    we configured Sophos XG in MTA mode. We need to restrict access to Port 25 for SMTP traffic to specific terminals only. Currently Port 25 is accessible from all LAN networks
  • I want to configure my external IP to access internal Web server IP

    I want to configure my external IP to access internal Web server IP
  • Issues with VPN Connection and Firewall Port Forwarding after XGS2300 Firmware Update

    Hi team, I wanted to bring to your attention some issues we've encountered following a recent firmware update on our XGS2300 device. After the update, we are experiencing difficulties with the VPN connection—it is not working as expected. Additionally…
  • Unable to access to internal server web from outside through DNAT firewall rule

    Hello Please be informed that i have an ERP which is accessible locally "LAN" but when i tried to access from outside im not able to, however i set up a DNAT rule please find below the screenshot it is in french language i set up port forwarder on the…
  • Server Load Balancing in Sophos XGS SFOS 19.5.3 MR-3-Build652

    I Want create Rule for Server Load Balancer use for internal LAN in Sophos XGS for Http Traffic .
  • Why it is not possible to add a linked NAT rule to a FW rule?

    I am creating a new firewall rule and want to add a linked NAT rule to it, but the fields for adding source, destination and other parameters are greyed out: That warning which is visible in the printscreen does not make sense to me - can someone…
  • problems witch conection in a apk service

    good mornig i have a problem with mi firewall cgs3100 in my institucion, the development area made an apk service and my firewall block the conection with this apk, actually we try everything change rules of conection, made news rules en webs without…
  • Port forward keeps failing after sometime

    I've created a firewall rule & NAT rule to forward port 5555 to my local server ssh server and it was working perfectly -for sometime- but it keeps failing now and i can't access, after scanning port it keeps saying that it's closed? I recreated the…
  • Bug in Server access assistant [DNAT]

    Simple test using PING Create a server on local LAN using SAA and ping to it from an outside network. (Default rules wont reply). Steps taken Add an alias to WAN with a 2nd public facing IP. - Mine (Port2:0) Ran the Server access assistant. …
  • XGS 2300

    Has anyone ran into and issue streaming Disney and peacock from Sophos XGS 2300. I have a spectrum modem / router into XGS 2300 into Unifi standard 24 PoE switch I will get an error 83 code for Disney Plus and error for peacock.
  • déblocage solidworks

    bonjour j'ai un xgs 136 qui bloque les mises à jour automatiques de solidworks; si je vais sur le site, télécharge la mise à jour et je l'installe, tout se passe bien. je n'arrive pas à trouver ce qu'il faut débloquer pour les mises à jour automatiques…
  • First time user looking to switch from another product due to it being sold and stripped

    Sophos Firewall is NOT very intuitive so far. Nothing inbound works...but the default rules to let everything outbound does. So figured id ask the community. I've reverted to the simplest test I can think of....Port forward ICMP from WAN to a LAN workstation…
  • XG310 Max number of bridge interfaces

    Hi, In doc.sophos.com/.../index.html i found that a bridge interface can configure from 2 to 64 interfaces, but i don't find how many bridges can i configure. Does anyone know the limit?
  • XG v19.5 IPv6 DNAT not Working? See Below (src-ip = dst-trans-ip)

    2023-11-28 21:19:50Firewallmessageid="00001" log_type="Firewall" log_component="Firewall Rule" log_subtype="Allowed" status="Allow" con_duration="134" fw_rule_id="62" fw_rule_name="DNAT to Spiderman (IPv6)" fw_rule_section="Local rule" nat_rule_id="4…
  • NAT session limitations on SOPHOS

    hi, if i have a firewall with one isp. if i configured port1 as lan and port2 as wAN and configure public ip over it. i configured a Firewall from LAN to WAN, and NAT MASQ rule. then all my users will start going to internet by using port2 IP. my questions…
  • Management Port and Control Centre Status

    Hi. Does anyone know if it's possible to exclude configured network interfaces from the coloured interface status icon on the home page of the firewall? Its purpose is to show at a glance of connectivity problems. However, sometimes it is normal for an…
  • System Traffic NAT

    Dear community I would like to ask a question regarding the system generated traffic. We have founf this article in order to SNAT the system generated traffic: https://support.sophos.com/support/s/article/KB-000035607?language=en_US We have…