Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Check type of traffic used by host and only allow to pass through main Wan connection

    I have 2 wan connections, main, and LTE. LTE is only backup, and don't want to unnecessarily use it. I have IPTV subscription, and don't want it to use the LTE when main connection goes down. I know the IP address of the TV box. Can anyone tell me find…
  • Adding Second Interface with Different Public IP for Same Internet Connection

    We have a situation that I'm not sure how to proceed correctly. This location is currently utilizing two different firewalls - a Sophos XG 310 and a Sonicwall NSA 3500. The way this was originally configured, a small switch was put in place before the…
  • RBVPN, BGP, and multiple connections to home office

    RBVPN with BGP is up and running for a couple of my locations now on their primary DIA. Each site has a cellular backup device operating in NAT mode with two carriers - a primary and secondary - and I have a second VPN (tunnel interface) connection…
  • MPLS & SD-WAN Routing - What about the incoming traffic from the other site?

    I'm working with a client that has MPLS, a Cisco router and a Sophos XG. They plan to get rid of the MPLS at some point but for now it has to work. Site B got a Sophos XG firewall and we can get MPLS working using SD-WAN Routing and LAN devices (SiteB…
  • Having lan go out different wan

    Hi all, Under interfaces I have 2 wan addresses set with there respective gateways How would I configure a lan to go out that specific wan/gateway Do I do it under outbound nat (pfsense terminology) or make a normal firewall rule ie all that lan…
  • Route Based VPN - Send traffic back to main office

    I have several sites (Sophos XG/XGS on both sides) with DIA and cellular backup. Currently, with policy-based VPN and a failover group, the failover process is clunky and usually results in a very noticable interruption for the users. To help ease…
  • How restored connection can interact with SD-WAN and active connections

    Product: 2x XG210 (HA - Active and Passive) with SFOS 18.5MR1. I have a 3 Internet Connection (WAN). One is main (web browsing) and two for backup. One of two backup connection is used only for VoIP Call. I configure in WAN Link Manager in this…
  • HOW TO CONFIGURE MULTIPLE PRIVATE NETWORK TO USE SPESIFIC WAN?

    hello everyone, i need help to make sure our network working properly as our need. here details. i have two private network 192.168.19.0/24 network servers [dmz zone] 192.168.17.0/24 network our employer [lan zone] and i have three wan WAN…
  • Sophos XG BGP dynamic routing over 2 RED tunnels (for failover)

    Hi, I'm trying to set up a reliable connection between two offices of the same company using RED tunnels instead of VPNs. There are limitations which are not relevant now, but the fact is that we can't use IPSEC VPNs and RED tunnels work fine. This…
  • XGS 18.5.1-326 SD WAN rule changing gateway takes a lot of time to be activated

    We have an issue with SD WAN routing rules. We have two routing based IPsec connections, One SD WAN rule routes certain traffic through the first tunnel. No secondary/failover gateway through the second tunnel is configured. If we manually change…