  • Multiple Webserver (NextCloud, OWA, BigBlueButton, Wordpress)

    Hey everybody, actually I have a couple of Applications I Host behind the Sophos. When I need the BigBlueButton Server I change my HTTPS access from OWA to BBB. How can I use all of them (NextCloud, OWA, BigBlueButton, Wordpress) at the same time…
  • WAF information leakage

    I noticed this just recently when a client's servers were down for maintenance. If you set up a WAF rule with a target of an FQDN host, and if this host can't be resolved, the error message contains the name of the internal server, eg: The proxy server…
  • WAF not starting after reboot due to config error

    I am on 18.5 MR2 Build 380. Every time I reboot the firewall, the WAF is not starting. In reversproxy.log these same lines appear every couple of seconds: [Fri Jan 28 16:02:27.194845 2022] [core:warn] [pid 17313:tid 139992993545088] AH00111: Config…
  • WAF and SSL offloading

    I have an nginx web server, Sophos XG and websites go through Cloudflare. I am trying to configure the WAF so I tried 2 different things with the same result. One was to create the certificate as explained here https://community.sophos.com/sophos…
  • Updating Cert for the same Cert Domain should not reset the "domains field."

    When updating a Cert from year to year. Why does the "Domains" in a waf rule reset to default. This is annoying. If the coverage of the cert is the same it shouldn't reset the field.
  • XG230 WAF support for TLS 1.3?

    Hi, We've a XG230 running SFOS 18.5.2 MR-2-Build380. Under Web Server -> General Settings -> TLS version settings I have three options: TLS v1 or later, TLS v1.1 or later, TLS v1.2. We have TLS v1.2 selected. I've checked and can confirm…
  • Alpha SSL wildcard problem

    Hi! I've bought an Alpha SSL wildcard certificate. I've imported it in my XG 125. But when I go to the WAF firewall rules, I don't see it. What step am I missing? I've done it some years ago, but... I can't remember! Thanks!
  • WAF XGS: Not working

    Hello, I am trying to set up a WAF rule on an XGS. Basically the setup is clear, but I can't get a connection from the WAN to the webserver. I tried to find out by log why it does not work, but I do not get further. I use: SFOS 18.5.1 MR-1-Build326…
  • Unable to Clone a WAF rule in XG 18.5-MR2

    If you try to clone a WAF rule in your XG 18.5-MR1. They don't work. I was scratching my head getting a forbidden message after cloning an existing WAF rule. Destroyed it and recreated and it works.
  • WAF modifying content without logging.

    We have many WAFs configured in Azure and they seem to modify the content of CSS files even though there is no logging of such event. Is there a way to turn on debugging, etc.? Now it seems to be doing something to OIDC calls after IPS pattern updates…
  • Waf config Help

    Good morning: I have a Sophos xg230 with the SFOS version 18.5.2 MR-2-Build380. I would like to configure the WAF with the following scenario: 1 public IP address, 2 different domains, 2 different servers. I configure the WAF rule with the web1.sophos.com…
  • WAF configuration in XG

    Hi, Can anyone help me by sharing the documents / tutorials regarding the WAF configuration in XG? Thanks and regards, KS Ghosh
  • Somebody successfully published Windows Terminalserver 2019 with Sophos XG

    Hi, has somebody successfully published Windows Terminalserver 2019 with Sophos XG? If yes: Any hints how to? I am able to get the rdweb page available from outside. But when starting an app, there comes a user credentials pop up from internal server…
  • Publishing OWA on different ISP at the same time

    We have an issue trying to configure additional ISP for publishing the Exchange's OWA to internet. At the moment the publishing is working for the active ISP and is configured as follows. - User Portal configured to use port 443 and to use xg public…
  • WAF Rule configuration to only allow access from North America

    Hi All, I have a web server running behind a WAF rule. I cannot find a way to block traffic from outside North America inbound. I used to run these behind a DNAT and I could specify this, but cannot in WAF (unless I am missing something). Thanks in advance…
  • WAF - Monitor vs Reject

    Hello, I am new to the concept of WAFs. One of the reasons we went with the Sophos is because it has WAF capabilities. When the WAF was originally set up by our cloud provider, basic settings were configured and it was put in "Monitor" mode so we could…
  • WAF and Remotedesktopgateway 2019 SFOS 18

    Hi, actually I fail with installing a Remotedesktopgateway and the Webserver Protection. Reverseproxy Error when try to login to RDGW. [Sat Dec 11 13:02:04.941531 2021] [proxy_http:error] [pid 3252:tid 139836996437760] (104)Connection reset by peer…
  • Question about moving server from DNAT to WAF and source address of incoming packets.

    Hi there. When I moved my web server from standard DNAT to WAF rule all incoming packets in server have src address = wan interface. Is it possible to set up WAF without changing source addresses of incoming packets? I need to see on the web server…
  • In WAF forwarding rules, IP addresses set as exceptions are blocked.

    We are running a WAF on a virtual appliance with SFOS 18.0 installed. In the firewall rules created for WAF forwarding, two Exceptions are set. In the first exception, two Advanced items are checked for "Any IPv4". In the second exception, all security…
  • Sharing port 443 between WAF and User Portal not working

    Hello, since version 18.0 MR5 it should be possible to share port 443 between User Portal, SSL VPN and WAF. I have configured WAF rules for Exchange Server (TCP 443), which is working fine. SSL VPN is configured to use UDP 443, which is working as well…
  • Emby/ Plex (container) server on WAF HTTPS

    Hi. I recently decided to put my Emby server behind Sophos WAF, rather than opening port directly that points to the Emby server docker container. I believe this is safer? I was able to set up http. How do I set up https for this? I noticed playback…
  • Sophos XG WAF - Problem with attachment size greater 1 MB

    I have WAF on two web servers. One Exchange and one private cloud site. When I turn on any Common threat filter, it cannot upload attachments larger than 1 MB.
  • Allowing/Denying specific URLs

    Hi, Running an XG310. I have a web server running behind this device and also have a WAF rule for protection. I want to specify which URLs are accessible to the outside world. For example, if I was running www..123.com behind WAF. www.123.com/everyone…
  • WAF Anomalies

    Hello Community. I'm hosting some assets on Synology box. One of them is Synology Drive. It's accessible from WAN - mainly it works as "One Drive". I have created a discussion asking for help https://community.sophos.com/sophos-xg-firewall/f/discussions…
  • WAF Inspection

    Hello Community. Is there any information that Sophos XG appliance is inspecting traffic between Sophos ----> Server ? Simple scenario: [WAN INTERNET] --------> (SophosXG_WAF Rule) -------> "Synology Server with a few services on non standard ports…