Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • When fixed ip in a vlan does not deliver ip in another vlan

    hello , I am encountering the following problem: to simplify I have vlan A and vlan B Both have active dhcp server in sophos. Both work normally. However, if I set an ip/mac for a device in vlan A, sophos, vlan B does not deliver any more IP for this…
  • Apply firewall rule by DSCP Setting

    I am wondering if it is possible to apply a firewall rule by the dscp setting. We have an iCafe and want to introduce a tiered system where different levels allows you to more things. We can have traffer in the different tiers marked with a unique DSCP…
  • Windows Update

    Hello, I am not able to implement the following scenario, all users have to login to the capitative portal to be able to browse the internet. (OK) But I want computers to be able to update themselves Windows Update, Google Crome update, Eset update without…
  • Sophos XG Firewall - update AD DNS

    Curious if anyone's done this or sees value in it. Our current scenario is we have our AD and integrated DNS hosted in an IaaS provider where no "end users" live. We have migrated all of the remaining Windows servers we have to this location. As part…
  • SOPHOS XG DHCP BOOT FILE PXE/SCCM

    Hello everyone . I have a problem with the configuration of the PXE/SCCM taking the XG as DHCP . Here is my config - next server: ip address of my TFTP server (SCCM) - Boot file location: SMSBootPM100003\x64\wdsnbp.com I get this error ( TFTP time out…
  • Sophos XG slowing down Internet Speed

    I'm using a SG135 rev2 with Sophos XG Home installed on it. I am using 4 Interfaces 1 WAN, 2 LAN and 1 DMZ. For accessing the Internet, I am using a 5g Router (Xiaomi AX5400) with 500mbit/s download and 50mbit/s upload. Now I am having a strange Issue…
  • Use WAN IP other than firewall for SSL VPN?

    XGS136/SFOS 19.5.2 Is it possible to use an alias WAN IP other than the firewall's IP with the SSL VPN? I'm setting up the XGS to replace an existing production firewall, and using an unused LAN and WAN IP to do it. My plan is that on migration day…
  • Bridge with 2 lan and connection problem between 2 hosts on same vlan

    Hi all, i installed Sophos on hyper-v (vm) with 3 NIC: - NIC-A “LAN” (physical nic on server) - NIC-B “WAN” (physical nic on server) - NIC-C “LAN” (private virtual switch hyper-v) I’ve created Bridge with NIC-A and NIC-C, with "enable routing…
  • SFP ports/interfaces issue during Firmware Upgrade

    Hey Team, One of my end customer having issue in FW while upgraded SFOS 19.5.1 --> SFP ports/interfaces couldn't respond or stopped working and ethernet ports are working fine. XGS3100 (SFOS 19.5.1 MR-1-Build278) Expecting usual support from my…
  • How to add a FleXi module to an existing HA pair without Turn off both firewalls

    Hi all, Is there a possibility to install a Flexi port module to an existing HA Pair without switching off both firewalls at the same time ?
  • Guest Wi-Fi not receiving DHCP from Sophos XG with Unifi

    Good day Members, I trust you are well. We are trying to setup a guest Wi-Fi with Sophos and Unifi. We have it currently working but with the DHCP server on the DC, We would like to move the Guest Wi-Fi DHCP to the Sophos XG. Main issue is device are…
  • Sophos fire wall Dual stack Control Center/system interfaces WAN link manager is red why not green?

    Hi All, I recently added IPv6 support to XG FW and something says not right. I have pubic v6 address on WAN link, 2 private ranges on LAN and DMZ . I am using router advertisement for IPv6. The FW rules show traffic on v6 both directions, The v6 test…
  • DNS Host Entry SSL VPN DFS Sharing Problem

    Hi; I have 3 DCs for domain in my network. 111.local 192.168.1.11 PDC 192.168.1.12 ADC 192.168.1.13 ADC 192.168.1.1 is a SOPHOS LAN interface ip address Under the DNS host entry, I entered these fields with the DC server ip addresses. (Network…
  • Inter-VLAN/Subnet DHCP Relay not working, getting Violation / Local_ACL

    XG210, SFOS 19.5.2 MR-2-Build624 So, I have two VLANs, VLAN 70 - 192.168.70.0/28 and VLAN 100 - 10.0.0.0/24. DHCP server is on VLAN100, I want to relay DHCP requests from VLAN70 to VLAN100 for service. I have a relay set up like so: Name …
  • XGS116w use 3G/4G Module For Redundancy Issue

    XGS116w (SFOS 19.5.1 MR-1-Build278) I want to use 3G/4G moduel as backup Wan and try to test the failover. However, it doesn't work! The log show the traffic still go to the Primary Interface, but it is down status~ Unless I add a route "0.0.0…
  • WAN failover configuration

    Dear Team, I have 2 Internet link WAN 1 is leased line 200 MBPS 2nd is Broadband its connect against router so 2nd wan DHCP ip is 192.168.X.X and it work . Now i have configured failover active backup now ,i want to configure active active but my…
  • Sophos XG IPV6 Support timeline

    Is there a timeline or any plans to add support for IPV6 PPPoE and Prefix Delegation on the Sophos XG? Dual Stack is becoming more and more ubiquitous quite simply Sophos XG cannot handle it, even having some other router in front of it doesn't really…
  • XG430 blocks VoIP from PBX

    Hello everyone, last Friday we set up an XG 430 in bridge mode. (Port 1 + 2, same zone) So far everything works perfectly, but now suddenly all IP phones have no connection to the PBX. Also it is not possible to access the web interface of the PBX…
  • RED Anomaly?? Or a case of a weird ARP Proxy?

    FormerMember
    FormerMember
    I think I've come across an anomaly that I simply cannot explain. It caught it because a user complained. I remoted into their laptop and ipconfig showed me the ipconfig that I wasn't expecting. I need help untangling this. So I have 2 buildings A and…
  • After adding a second WAN link, Internet goes down

    Hi everybody! Now we have a second WAN link (DHCP) and I‘m following the instructions: https://doc.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Routing/Gateways/RoutingConfigureGatewayBalancing/index.html …
  • mikrotik + sophos home vlan

    I have a small problem, I have a mikrotik router set up wlan10 (10.10.10.1/24) on port 2 everything works, I connect directly to the router, I have access to the network via vlan10, and when I connect sophos home (in bridge mode), I have an address assigned…
  • how to configure multiple ip range should be connect with single domain server

    i have dns domain server 10.0.0.1 mask 255.0.0.0 gateway 10.0.0.2 & and ip range is 10.0.0.1 to 10.0.0.254 but now i want to give different ip range to different department like 10.0.1.1 to 10.0.1.254 to support department and 10.0.2.1 to 10.0.2.254 for…
  • 3CX using Sophos Loopback Not working

    Hi There, I'm learning my way around Sophos FW and have decided to learn 3CX systems and to see if I can get a IP Phone to provision via the internet. So far the system works and I have checked the ports and they open. I know this because I've tested…
  • VoIP-"Allow"-Rule randomly blocks traffic

    Hello, this is my first time on here so please be patient. I´ve been experiencing some problems with our current VoIP configuration on out XGS2300 that i can´t seem to find an explanation for: I´ve built a bidirectional rule as follows: Any Zone…
  • Assign DDNS to host behind firewall

    Hello everyone, how do I publish an host or service behind XG thought DDNS? In my case, I have 4 Dyn hostnames and I need to assign a service for each of them and publish them though XG using DYNDNS NATed IP each service has different port, ISP…