Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • RED60 VLAN bridged - blocked because of invalid traffic IP SPOOF

    Hello, we have set this up for a remote location: So the same VLAN ID on both sides: behind XG and behind RED, same IP Subnet. Bridge Members, same Zone: This is already in production and working. the RED60 Users can work on internal ressources…
  • How to change device itself internet access IP to an alias IP?

    Hello all, This is my WAN link configuration: The main interface has no IP address. but I created a VLAN on WAN interface and also add 2 alias valid IP address. I created 2 NAT policies for rules. all rules working fine and users have access to…
  • VLAN tagged only interface with XG

    Hi, is it possible in SFOS 17.5.14 MR-14-1 to configure an interface with tagged VLANs only? I don't want to have an IP on the physical interface (untagged).
  • Cannot reach Gateway when VLAN in on LAN on Sophos XG

    Hi everyone, I know the question may not be clear but here it is. I have managed to get connectivity between the branch and HQ. I can ping and access devices on both sides. The issue is, when VLAN551, which is the data vlan, is on WAN, the cisco…
  • Allow Access to internal through Sophos XG

    Hi everyone, Below is a rough sketch on my network. VLANs have been set on and by the ISP on their side. VLAN1 is for data. Which means PCs on the left should communicate with those on the right and vice. From the right I can only ping upto the Sophos…
  • MPLS Configurations, VLANs Sophos xg

    Please bear with me on the explanation. We recently implemented MPLS on our network and were given the VLAN1 for the internet and VLAN2 for data. I set this up under Network-> Port 2 then VLAN1 - WAN, VLAN2 - LAN. Here is the issue. If setup as above…
  • Tunnel-Private-Group-ID

    Dear Team I am trying to configure dynamic VLAN using radius server with Sophos XG and Sophos access point and it works fine except for the VLAN id for each user I am passing the Tunnel-Private-Group-ID attribute from the radius through the firewall…
  • DHCP SCOPE GIVING IPS FROM WRONG RANGE

    Hello i just purchased this firewall and have the following setup I have 3 dhcp scopes: VLAN_500_SCOPE - 192.168.10.100 - 192.168.10.200 VLAN_600_SCOPE - 192.168.20.100 - 192.168.20.200 WFIF_SCOPE - 192.168.30.100 - 192.168.30.200 …
  • Best Practice to switch LAN Interface (LAG)

    Hi, basically I wanted to add a second LAN Uplink from my Sophos XG device to a Linksys LGS308 Switch. I configured a LAG interface on both ends and it seemed to work (LACP was activated), since the XG interface dashboard showed to me that traffic is…
  • WAN port with PPoE and VLAN configured won't connect without use of switch in front of it.

    Hi there, I have a FFTH connection from my ISP (KPN, the Netherlands), from which I get a PPoE connection with VLAN (Id 6). I am trying to set up the WAN connection on a minipc, but I won't get it done, without the use of a switch with VLAN tagged in…
  • Integrate Sophos XG transparently with current Juniper SRX

    Hi, I've playing around during the last few days with Sophos XG at home, but I can't seem to make it work the way I want and need. I have a Juniper SRX210 doing all the routing and layer3 filtering, and I want to integrate the XG transparently in…
  • Not able to pass traffic between VLANs

    I've been pulling my hair out for a while. I'm trying to pass traffic between my untagged lan and a VLAN, both in the same LAN zone. Port A: 192.168.51.2/24 Port A.60: 192.168.60.1/24 Based on others having similar issues, I created IP Network objects…
  • InterVLAN Routing

    I have just setup my XG330 and I plan to use it as my core router so I have assigned .1 for each subnet. My switches do not have any IPs configured except for their management IP which is in VLAN 10. InterVLAN routing seems to be working fine - I can…
  • ISP required VLAN Tag to connect

    Our ISP requires us to supply a VLAN TAG on the WAN connection. From other discussions I have seen that I need to create a VLAN onto the interface. This I have done and it now seems to connect ok. However I'm not sure what I need to configure for the…
  • WAN interface with VLAN TAG

    I need to that my WAN Interface on a XG 115 is consigured with a VLAN TAG ID. On the SG I manage to do it, but now in the XG i'm not finding how it can be done. Thank you.
  • Connecting a XG430 to two core switches (both are switches are managed L2/L3 HPE 1920s 24ports)

    Hi to All, I am currently having problems deploying my XG430 in my office network. My topology goal is in the attach image below: So right now, the following are already done and configured: 1.The core switches and switch .13 have their port…
  • Has Anyone Successfully Gotten VLANs Working With Sophos XG Home as a VM on Hyper-V 2012R2?

    After much investigation and testing, I've come to realize that getting VLANs to work for Sophos XG running as a VM on Hyper-V is causing me all kinds of headaches. I had another thread opened about failing to obtain an IP address even though switch and…
  • Sophos XG Home VLAN

    I am clearly missing something so I'm hoping someone here can help me out. Here is the Sophos XG config (ignore GuestAP interface, it isn't in use): Single VLAN interface using Port3. This is the VLAN interface setup: Here is the DHCP setup…
  • VLANs on single LAN interface

    Hello everybody and thank you for your support I'm deploing a new couple of XG Firewals instead of two old UTM9 but i've found many problems on VLAN configuration. This is my actual UTM9 configuration: As you can see i've the ETH1 configured with…
  • How to enable/configure multicast?

    Hi, I have the following setup: Sophos XG 85 Firewall (Wifi) DMZ Zone (VLAN 2 on Port 1)(10.0.1.0/24) Wifi Zone (10.0.2.0/24) I have the following devices: Raspberry Pi as Home Assistant Host (Smart Home) in the DMZ zone Xiaomi Smart…
  • How do I setup Slovak Telekom IPTV on Sophos XG ?

    Hello, My current router provided by my ISP is really not that good so I decided to try Sophos XG as my FW/router. So I bought an OEM production - 2550L2D-MxPC , Netgear Prosafe GS108PE and a UniFi AC Pro AP . The modem is a Zhone 6712-w1 which is in…
  • XG replacing Cisco vlan trunking router on stick

    Could anyone explain how to translate this working example config from IOS 15.x Cisco router interface to SFOS 17.0.6 MR-6 XG interface that will be replacing it for performing inter-vlan routing from an Avaya switch? I'm able to create the vlan sub interfaces…
  • How to split initial br0 interface into LANs?

    Hi, my firewall is setup in route mode. By default, it bridges the LAN port and all spare ports into an interface calls br0. I can not delete this interface since I won't be able to access it anymore. I am trying to set VLAN on Port1 and it won't…
  • Unifi AP & Switch, VLAN Guest Network

    Hi All, I am fairly new to the world of "Sophos". I need some help in setting up a guest WLAN on a VLAN through my Sophos XG 330. I have several unifi switches deployed and then connected to them are unifi access points. (I do not have unifi USG) I…
  • I need to set up a policy for my Xbox One, can anyone help me?

    I currently use the cisco rv325 router, with the following settings subnet VLAN for Xbox one: My network topology Router Settings cisco RV325 Server Settings XG Firewall This setting is not working, NAT strict appears