  • Packet Capture filtering

    We manage 241 firewalls via Central for our customers. We have management from the internet locked down. When performing a packet capture in the WebUI, there is a "Display Filter" button. If I want to filter on a specific rule, I have entered the Rule…
  • How to find out IP addresses of incoming IPsec VPNs at Sophos XGS firewall

    We have a Sophos XGS with several IPsec site-to-site VPNs running. The Sophos XGS is responding to some VPNs that are without fixed public IPv4 addresses. One incoming VPN has no fixed static IP address, but I need to enter that IP address at XGS to…
  • When MAC Filtering is enabled, clients with correct password but not on the Whitelist are not appearing in system logs when attempting to connect to the wireless network

    SFOS 19.5.1 I have wireless protection enabled in SFOS using a Sophos AP. I recently created a MAC host group with a whitelist of MAC addresses of devices that can connect to the wireless network. Recently an Android device that was previously authenticated…
  • networkd.log file questions

    Where can I find a description of the messages I find in the networkd.log? I'm looking for how to tell what might be going wrong with the WAN DHCP request on my port2 on one of my XGS107's that is unable to renew an IP address. Can I disable the GuestAP…
  • XGS logfiles unavailable with WinSCP?

    I have used WinSCP with my XG firewall to read the logfiles because I'm not a Linux propeller-head guru. Now I'm having an odd WAN DHCP problem on my new XGS firewall, when I go to the logs up pops a dialog box saying /logs/tslog is empty. What's up with…
  • Reports disk Usage reached 90% exceeding the higher watermark of 90%

    Hello, We have received the alert notification "Reports disk Usage reached 90% exceeding the higher watermark of 90%". Kindly guide me before doing purge how I can download that data and then purge.
  • IPS Logging

    How does one enable logging (so one can see it in the Log Viewer in the management web interface) of IPS events? Every time I have an IPS problem, I get email notifications but the IPS Log Viewer tab is empty - how can I get it to populate? Regards…
  • Log and Drop (IPv6) firewall rule "Allowing" and "Denying"... huh?

    I have a firewall rule (rule 20) which is a "log and drop" rule at the bottom of the IPv6 rules. But I'm seeing something very weird: some of the time it says "Denied" and some of the time it says "Allowed". There are no exceptions in the rule. Not only…
  • Looking at awarrenhttp_access.log for FQDNs

    I have an XG125w (SFOS 18.5.2 MR-2-Build380). A while back, I had a website that needed a web exception for SSL/TLS decryption and scan. The domain needed did not appear in the SSL/TLS log viewer. I opened a ticket with support and they gave me some…
  • Bounced message errors, where are they, why are they unavailable

    I am very disappointed in the error reporting functionality of the XG v18 firewall. Actually, the error reporting just isn't useful at all. Today I have a bounced message due to certificate issue on the recipient end. But the only way I know that is a…
  • Home XG 18 MR4 - Incorrect usage reported for sessions over 4GB

    Hi, I have noticed weird logging and reporting behavior on the XG when transferring more than 4GB during one connection session. I tried to reboot the firewall, but no difference. You can see results of some of my tests below. Reports and policy counters…
  • Is it possible to see the DURATION of an SSL VPN connection? The logs show almost nothing

    Hi, I have tried opening a support ticket as well as searching on these forums but I cannot seem to get a straight answer. I'm using an XG450. With Covid making work from home mandatory for a lot of employees, management is now asking me to produce…
  • Missing Button to show where an object is used and its last change

    How can I see if and where a host or group definition is used in the XG configuration? With UTM every entry had a button for this. Why is it not realized in actual software release?
  • Reports for Clientless Access

    Hello, I have been testing the use of clientless access VPN with a customer and we found that there's no info on the reports for this VPN. We are using those bookmarks to give access through RDP to some servers. All the bookmarks work and the users…
  • Delete Users Logging on XG v18

    I created and deleted some local users on XG. Logging for creation is OK - I can see who created a user and see the username of the new user. When deleting, the user name field is empty and the usernames that had been deleted are not logged. It just…
  • Where can I find SSL VPN connection logs

    I am unable to find the logs for the remote SSL VPN users on the reports dashboard. I am able to find only the username and internal IP the Sophos XG has issued to the user. I can't see time, date of connection including what public IP address from where…
  • Integrated iView with Sophos XG

    Hi all, I am trying to integrate Sophos XG with iView (SIVOS 03.01.2), but nothing is sent to iView by XG (SFOS 17.1.0 GA). My configuration: iView: XG: What happened?
  • Graph shows high usage

    Wow... I have a much faster internet connection than I could possibly imagine... and one that would have 99.9% of the world's population in envy! Never even knew I had a connection that was 214TB :) Joking aside - is there any way to be able to fix the…
  • Access Historical Admin/user Logs

    Hello, I am looking for a way to dump all of the admin logs. If I am in the GUI log viewer, the section titled 'Admin' is what I am looking for, but I want those logs going back further than the GUI provides. I have looked in the /log directory from…
  • Forward ModSecurity Logs

    Hi Guys, I am new to Sophos XG Firewall and currently I am working to integrate Sophos XG with OSSIM for security event monitoring (SIEM). I am able to forward all logs to the OSSIM but there is one more log that I cannot send to the SIEM, yes it…
  • Seeing outbound email detected as spam - but coming from external ip - how to track via logs

    Hey Guys I've enabled outbound spam filtering on my XG 115W firewall as I was ending up on email blacklists. I've also got an Exchange 2010 server running behind the firewall. I'm getting some weird outgoing email traffic in my XG firewall. In the…
  • IView Issue

    Hello, Since the 17th of March, I have an issue with iView. Before the 17th March the "Allowed Traffic Overview" was working well and the "App Risks & Usage" report too. But since the 17th March, the "Allowed Traffic Overview" is empty, and the "App…
  • WiFi Logging Inoperative

    XG SFVH (SFOS 17.0.6 MR-6) Win10 Hyper-V (1709) XG guest has 2 vCPU, 4GB RAM, 127GB vHDD, 2 vNICs in XG1 guest mapped to separate physical NICs on host. WiFi includes 2@ AP15, running main and guest networks, both registered and working fine. In System…
  • Is there any way to get better visibility on external traffic?

    XG230 running 17.5 MR5. I want to be able to see traffic aimed at our 2 external IPs. In a previous position I had installed an ASA5508 and would see traffic on the external interface that was denied. Everything from login attempts to IP spoofing. I would…
  • Active - Active cluster summarize Reports from both appliances

    Hello guys, I built a new active-active cluster with my two XGs. Now I have one question: The network traffic is going through both devices. But now I want to see the reports of my network traffic from both appliances. In the Reports tab of the appliance…