Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • cannot login to UI after a while

    I am running XG at home (v21) and after a few days I am unable to login to the firewall via any method. SSH, web UI, and local console. The login simply fails. I know the password is correct since it does accept it when things are working. During the…
  • IPSec not trusting self signed Root CA

    I created a certificate based IPSec/IKEv2 Site-to-Site-VPN using the Sophos guides between two Sophos SG135 firewalls. One firewall runs on home edition (SFVH with firmware SFOS 21.0.0 GA-Build169 ) one runs on trial (SG135 with firmware SFOS 20.0.2 MR…
  • Failed to upgrade home appliance

    Hi, I tried to upgrade my home appliance (home license) from 21.0 EAP1 to 21.0 GA with the following error: 2024-11-18 11:16:20.459 GMT starting old version corporate db Starting conf database 1 2024-11-18 11:16:21.852 GMTLOG: starting PostgreSQL…
  • IPv6 Country Block WAN to LAN strangeness

    Hello, Since the XG Firewall does not have countries for IPv6, I have created my own countries based on published IPv6 address ranges which can be found here https://www.ipdeny.com/ I created a LAN to WAN rule to block access to a country and a WAN…
  • DNS over TLS

    Apologies I know it's been mentioned before, but I'm in the process of moving from pfsense + to XG Home. Got a variety of loose ends to sort out and DNS over TLS is one of them. Is this forthcoming within the v21 release cycle? I'm sorting Wireguard…
  • Intel X710 10GbE SFP+ (virtual passthrough) not detected - ReOpen

    Hello Sophos-Support, Can you please check the problem? Unfortunately the problem still in v21 GM exists. Intel X710 10GbE SFP+ (passthrough) not detected PCIe passthrough works smoothly with the software installer. Hypervisor: Proxmox 8.2…
  • v21 XG Home VPN Hardware acceleration

    Good evening, Back testing XG Home, does v21 support hardware acceleration for IPsec and SSL VPN tunnels? I have XG Home installed on a XG230 R2 at mo, I have a XG135 R3 that has pfsense + on it atm, so pending successful testing, planning on dropping…
  • Sophos 21 Home Lets Encrypt Secondary Validation Fetch Timeout

    Certificate request fails with secondary validation time out. I can see in the web server protection log viewer that the well known url is being requested with the unique value. I also briefly see that the temporary waf rule is created. Only thing to…
  • Site to Site OpenVPN / client

    Hi is it possible yet for Sophos XG V21 Home to be an openvpn client connection? Expect to cancel Virgin internet in December as they want to go from £23pm to £59pm. So I was considering using my 4G backup, but it’s CGNAT. I have tested openvpn cloud…
  • Sophos XG Home V21 GA Lets Encrypt Certs not shown for Administration

    I successfully obtained 5 certificates from Lets Encrypt with th new V21 feature. I can use these in my web application firewall rules and they work fine. But in "Administration/Admin console and end-user interaction" only an uploaded wildcard certificate…
  • Sophos XG Home ver 21 Intel QAT support

    Hi, I am trying to get QAT support information on the current XG Home v21. The last document that mentioned QAT was version 18. Is QAT still supported? If so, what can be offloaded to it?
  • X-Ops seems not to be working on V21 GA?

    Hi, I moved to Version 21.0 GA (Home Edition) recently. I noticed that in control panel, no events in the log or counters are logged that X-Ops is doing anything: A configured third party threat list (abuseipdb.com) is working properly and blocks…
  • Radius Authentication over SD-WAN

    I have radius authentication working locally from the Sophos Firewall to the local radius server for both VPN and for WiFi authentication, however I am unable to get the authentication working from the Sophos Firewall to another radius server at a remote…