Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • WAF & SSL Certificates

    Hello, We have a web server at the back of the Sophos firewall. We recently added a SSL certificate from Godadddy for the domain pointed to the server. The certificate seems to be installed properly in the firewal, however when we are trying to access…
  • Publishing two web server app using same IP public

    Hello, I have a client with two web server app and one Ip public, a need help. How can i publishing this two internal web server app to internet using same IP public ? The client have Sophos XG135 Amubai
  • SFOS 18 WAF for OWA Exchange 2016/2019

    Related KBA Link: Sophos Firewall: Web Application Firewall for Exchange 2016 I've tried implementing WAF for an Exchange 2016 and an Exchange 2019 on an XG with SFOS 18.0.4 I've used the configuration from Frankys Website, which is usually…
  • Web service behind WAF using directory name as parameter, how to configure on XG 18.04?

    I have a webservice that I am trying to put behind a WAF on XG 18. Internally the service is plaintext on port 10031. Externally it's available via HTTPS on port 443. Connecting to the site externally has you visiting https://webservicename.domain.com…
  • WAF Synology No Protection

    Hi, I did manage to config WAF for Synology Sync drive. But i dont have any protection. While im uploading testing file "Eicar" it gets passthru... Why i dont have AV, logs and other options turned on. Thx. #xg #synology #WAF #"web protection…
  • XG WAF stops working without error

    Hi all, we have an XG330 (SFOS 18.5). It now happens 3 times within the last 3 weeks that the WAF stops doing its job. System Service->Services-> Status of the service is "running". Stop/start the service and all is fine again. The WAF log stops…
  • Hi Is it possible to enable website to work only if a user connected to SSL VPN?

    when i remove the Any IPv4 and leave the Remote SSL VPN Subnet which is the IP range when my vpn connects, the website will not work. I've tried this under it's same... maybe i am thinking wrong. But What I wanted to do is that to allow users to be…
  • Sophos XG Firewall - WAF Rule - Multiple Domains and One Public IP

    Hi Everyone, I'm a little new to Sophos XG Firewalls and really firewalls in general. I always thought it was not possible to host multiple services (e.g. websites) on the same port and public IP address but when I started to play with Sophos XG Home…
  • WAF at XG and change of web server name related to config at IIS

    Hello, I need to make publication of server via WAF on XG, but I have complication in names of server. Its public name is something like this : webapi-srvr.company.cz Its internal name is something like this : webapi-srvr-int.cz.company.net …
  • Sophos XG 18 WAF Setup - Wiki/FAQ useless

    Good evening, I come from the SG group and wanted to convert to XG. Currently I am doing all this as a home project. Apparently not all features of the SG have been migrated to XG or have been converted to XG in a very complicated way. WAF was one of…
  • No data is Web Server Protection Log (XG v18.0 MR3)

    I created a fresh WAF rule on the firewall. The log option disappears and I am not getting any data for incoming connection in the 'firewall' or 'web server protection' logs. Here is a snippet of the reverseproxy.log if that helps. AH00112: Warning…
  • WAF with Exchange 2016, Client not sending random mails

    Hello together, I had a strange behavior with some of my clients which are working from home (outside of our company network). Problem is/was that some mails get stuck in the outbox of outlook. These mails are completly random, but once they get stuck…
  • Unable to disable WAF rule via API

    I am trying to make changes to a WAF rule via the API. This is all in relation to a larger effort to automate Let's Encrypt renewals. I have ready many posts on here and found a few smaller github repos with examples but none of them get the entire workflow…
  • XG v18 mr3 WAF bypassing any authentication policies on rule??

    Ive just setup a WAF rule for an internal WWW server and setup to use Forms with Passthrough auth policy, but to my shock no auth form of any kind was given when browsing the url meaning i hit the internal page instantly. Ive tried all sorts in attempts…
  • WAF no webserver configured - couldn't start

    Hi there, I had a WAF rule configured for month. Since update to SFOS 17.1.3-MR3 I realized I couldn't edit my previously configured WAF rule. This is due to the WAF service isn't even running. It says there are no web servers configured. I deleted…
  • XG WAF does not detect SQLi in JSON payload

    Hi, I have hosted a web service protected by XG 210 WAF feature, although related features are configured correctly, my test shows that simple sql injetion strings in JSON fields, pass through without being detected. is there any known limitation…
  • Imported certificates not listing in Business Application Rule (BAR)

    I recently performed a factor reset on my XG 85 to resolve an issue with the WAF service causing the BAR firewall rules to hang. Now when I create a new BAR (Exchange General specifically), the certificates that I imported do not appear in the HTTPS Certificate…
  • WAF Status "Unregistered"

    I've come to set up my first WAF Business Application Rule since getting started with the Sophos XG firewall, but have discovered that the WAF Service seems to not be running. From Configure -> System Services -> Services, it lists the WAF Status…
  • WAF for Plex Media Server - 401 Unauthorized

    Hello Guys, at the moment I'm strugeling with the WAF on the XG Firewall. I wan't to configure an WAF for my Plex Media Server. The Problem at the moment is, if I'm trying to access to Plex from external I get the HTTP Message: 401 Unauthorized. I…
  • WAF function doubt

    We are facing an issue with the functionality of WAF. I’ll try to explain with as much details as possible. We have a domain (zzzz.com) with two subdomains: xxx.zzzz.com and yyy.zzzz.com. Both subdomains are directed to a protected web server (rules…
  • Web Server configuration.

    Hello all, I've been looking for information about the correct way to use the web server module on XG but I couldn't find anything. Also ask to a Live support agent on chat and he didn't have any document that could help me. So, what I want to know…
  • Firewall Rule Changes disconnect all traffic

    Hi, When I make a change to an (unrelated) firewall rule, particularly a WAF rule, the firewall will disconnect all sessions for all rules/sites for a few seconds. This happens for all of our hosted websites. For example: 1. Make a change to Website…
  • Redirect domian and/or subdomain to a specific path on an internal webserver

    My objective is to combine path-specific routing with domains & subdomains. I have a web server internally that hosts two separate sites: One site at http://192.168.100.100 (or http://internal.hostname ) A second site at http://192.168.100.100…
  • Where can I find the WAF common thread filter rule ID?waf

    Hello, i use the WAF common thread filter and try to get the rule ID´s to skip spezific rules like it is described in this KB: https://community.sophos.com/kb/en-us/122833 The example in this KB: [Tue Nov 03 17:53:46.196698 2015] [security2:error…
  • Search for a rule ID for WAF common thread skip filter

    Hello, I have a issue with the Web Server -> Protection Policies on a 17.0.3 MR3 VM. I activated the common thread filter and reject mode. Now I try to find the id for "skip filter rules" in the log file. There is a Knowledge Base ( https://community…