Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • smtp quarantine items cannot be deleted from web console

    Hi, and thanks in advance for any help. we have some items in the smtp quarantine that cannot be deleted from the console. Can we ssh into the firewall and delete form the file level? I have found a directory /var/quarantine but not not sure if I…
  • Block Nudity Images in searching.

    Hello Good Day, Im using Sophos XG 135 and web policy roles are working well but after a while when I search for sex images they appear but do not open the website. So please how to not appear in searching engine. I tried the article that closes…
  • SSL Inspection - Websites showing up as Insecure despite having added Appliance Root CA

    Hello, I am setting up a new firewall, and feel like I am missing something. The default settings are currently applied for SSL Inspection. I have downloaded the Appliance Root CA from the Web > General Settings, as well as the resigning certificate…
  • Can't get ESO updater to work as exception, any ideas?

    I play a game called elder scrolls online. Everything works other than the updater will fail to update with error code 102. This usually is a server side error however I know it's my XG becasue I can use a different router (Netgear) and it will work.…
  • EMAIL scanning - IMAPS marks messages as possible spam

    Hi folks, I am trying to understand why my XG115W tags my daily reports from the XG as being possible spam? Below is the mail scanning rule that causes there issue. The mail rule is a XG default rule and has recently started the action.
  • Web Filter Leak websites and block undesired sites

    Hi I have a SFVUNL (SFOS 19.5.2 MR-2-Build624 i made a web filter with application filter for social media.. after than i found facebook not- block twitter some times blocked some times works Yahoo blocked msn blocked in general i found…
  • Scan inncoming POP emails

    Is it possible to set up the XGS126 to scan incomming pop mail attachments on mailware?
  • How to config waf without domain

    I want to set up a WAF on the firewall, but a domain needs to be set in the WAF rules. My server does not have a corresponding domain, how should I set it? I checked the official website manual, but I don't quite understand the statement in the manual…
  • Url filtering in guest wifi

    Good morning, i installed sophos firewall to use it as wifi guest access, through the hotspot feature. I also bought the standard subscription, so with web Protection the possibility of doing url filtering. I then loaded the CA of my public domain, to…
  • SMTP SSL/TLS on Port 465/587 Local_ACL Violation?

    Is the firewall (MTA mode) not accepting SMTP with SSL/TLS also on port 465/587? My Epson printer is not able to connect on 465/587 with the firewall: /log/smtpd_main.log -> nothing in log /log/smtpd_reject.log -> nothing in log ACL violation? Source…
  • XGS webserver protection on port 8080

    Hi y'all, I am struggling with the following scenario: Webserver protection works fine for several sites. Now I would like to protect an internal web service that should be available via https (yes, http S ) on port 8080 (I know...). Webserver Protection…
  • Possible to implement site by URL?

    Hello Sophos Community! I've got an XGS126 running 19.5.2, and I would like to be able to block Youtube Shorts, which are hosted at `www. youtube.com/shorts`, while conversely not blocking youtube.com on the whole (lots of learning/training available…
  • XGS - Mail Security

    Hey Sophos experts, We are about to switch our UTM SG against XGS soon. Currently our reseller is not really advertising the Mail Gateway in XGS and is proposing to get another mail solution. The reason: according to them, the XGS has an open mail relay…
  • Can I release mails by content type in xgs 19+?

    If an email with the MIME type content (image/png) is blocked by the previous UTM solution I could release it in the "Mail Manager" in the tab "SMTP Quarantine". Can I achive the same in the XGS solution? regards
  • Web policy XG Home SFOS 19.5.2 MR-2-Build624

    Web policy set up for a time quota is not working. Policy quota status never shows anything active. How is this set up to work properly?
  • Sophos XG, Mail Protection, multiple external IP addresses and DNAT. Mail Protection listens on all WAN IPs we need it only on 1.

    Dear Sophos Community, we are facing the following situation: - 2 WAN IP addresses - 2 Interfaces each holding one of those IPs - we need one WAN IP address on the Mail Protection feature (incoming mail from the Internet) - we need the 2. WAN…
  • SFOS MTA: SPAM-Quarantine: cant whitelist newsletter bounce (false positive)

    Dear Community, my name is david lorenz from germany. We have a problem with many of our customers. They get mails from newletters. The probel is that the sender does not send with the correct domain. So I cant whitelist the domain as wildcard in…
  • Bug: downloading webproxy CA results in admin logout

    Hi, when downloading the Proxy CA here: this logs you out of webadmin immediately. SFOS 19.5.2 MR-2-Build624 XG and XGS
  • One Specific Image set not loading in the Website

    Hi, One of our customers facing a weird problem, when they access their official website (Hosted in the AWS) through the firewall one specific image set is shown as a corrupted image. But when we access the website using a dongle or router, photos are…
  • MS365 install through XGS136

    XGS136 wearing SFOS 19.5.2 MR-2-Build624. Planning an MS365 deployment which will take place through execution of the MS Deployment Tool with a configuration file, as per Deploy Microsoft 365 Apps from the cloud - Deploy Office | Microsoft Learn . …
  • Block Facebook and WhatsApp Web

    Hello Everyone, I want to block Facebook website and WhatsApp Web using the Sophos XGS107 Firewall. It is running on latest firmware. Can someone guide me on how I can block these websites using Web Policy. Any help would be appreciated. Thanks…
  • No longer receiving Sophos XG emails (Such as daily reports or Password of the day)

    I'm not sure if i should be posting in this section or the XG Firewall section. Long story short, we have implemented DKIM,DMARC, SPF and TLS for our emails. (Google Workspace). Everything is working as expected with the exception of emails sent…
  • web policy block url is no work

    Hello Im try to block a url used sophos firewall (Ver. 19.5.1) according to this KB my config step is 1. Create a Web Categroy and add the url 2. Create a Web Policy and active block the category http / https 3. Create a Firewall Policy…
  • HTTPS scanning certificate authority (CA) cert from settings not in use

    - Web -> HTTPS decryption and scanning -> HTTPS scanning certificate authority (CA) -> "Default" cert in settings - Profiles -> Decryption profiles -> Block insecure SSL -> "Default" cert in booth Re-sign settings - what is in use -> "SecurityAppliance_SSL_CA…
  • problem after installation SFOS 19.5.2 MR-2-Build624

    Hi, after our installation of the firmware SFOS 19.5.2 MR-2-Build624 we have problems with sides with the follow error: Dropped due to TLS engine error: messageid="19006" log_type="Content Filtering" log_component="SSL" log_subtype="Error" severity…