Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • XGS116: Website does not load correctly

    Hello We have 2 Sophos XGS 116 and one website is not displayed correctly. The main.css file does not download or can't be encoded. I have created a ticket and already had a troubleshooting session with someone from Sophos. So far, we can't workaround…
  • Multiple CAA Clients Not Able To Connect At The Same Time

    Running into an issue and I'm at a loss to find the answer. Essentially when I first set up my XG firewall (Home User) I was able to successfully configure CAA access for all my endpoints and everything was working fine. About 2 weeks ago the firewall…
  • SD-WAN Profile failback with VPN Does not work.

    Hello Dear Partners! I configured an SD-WAN Scenario with Two VPN Tunnels and then created an SD-WAN Profiles. as the image below: I did the following Test I dropped the Main Link VPN_MTZ_1 and Sophos Quickly switched the Route to the Backup…
  • Open VPN cant connect to Sophos XG

    Hello, from one day to another I cant connect to XQ (latest Firmware). Opebn VPN sayes (I wil post only RED sections here): Fri Sep 2 15:43:48 2022 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption…
  • Sophos XG 450 - /var/newdb/base/16386 full

    Hey all :), our XG just notified us, that the disk is full. After a little search on Google I purged all available reports. Sadly it did not help. Is there something else i could do. Our Firewall is runnning the latest Firmware that is available 19…
  • Sophos Connect client unexpectedly logged out of the firewall

    XG Firewall version 19.0.1 MR1 build 365 and Sophos Connect 2.2.75 client are affected. After a successful IPSec connection, after a few hours, the user is unexpectedly logged out of the firewall. The IPSec connection itself continues to work, but any…
  • Central Accesspoints offline due to *.prod.hydra.sophos.com FQDN Host issue since 18.5 MR4 and also in 19.0 MR1

    There is an issue present is SFOS since 18.5 MR4 and still in SFOS 19.0.1 MR-1-Build365. We have a firewall rule that allows the required traffic from our AP and APX devices to Sophos Central. The Rule has *.prod.hydra.sophos.com as Wildcard FQDN…
  • Sophos Firewall: v19.0 MR1: IPS Update Question

    Hi, Not sure if this is a cosmetic issue, or something that needs further investigation - the IPS signatures are being reported in one part of the GUI as being old, but yet updated in another screen. Here it's showing Aug 26th But in this…
  • SFOS 19.0.1 Captive Portal not using singed certificate

    Updated Updated from SFOS 18.5.4 MR-4-Build418 to SFOS 19.0.1 MR-1-Build365 Captive portal is not using my uploaded signed certificate, Admin portal and user portal are using correct certificate. Same…
  • Client Authentication Agent not able to Login in Windows 8

    Dear all, We have recently upgraded firmware version v19.01 in our XGS2300 High Availability setup. After that we couldn't able to login into Firewall through Client Authentication Agent in particularly windows 8 devices and there is no problem in windows10…
  • PHP script for uploading Lets Encrypt certs is broken since 19.0 MR1

    Hi, I am using this script from user burton https://community.sophos.com/sophos-xg-firewall/f/discussions/129768/letsencrypt-api-update-script---dynamically-handles-multiple-certs-multiple-rules-including-re-grouping-of-policies-rules However since…
  • SNAT Rule for IPSec Tunnel not working

    Hello Community, I have an IPsec Tunnel with the Firewall IP (192.168.0.1) on local site and a Webserver (192.168.100.100) on remote site. The Tunnel is established. On local site I have a 2nd system (192.168.0.2), that should have access to the Webserver…
  • Unable to access Sophos XG when over remote SSL VPN with static IP

    I have created an ACL to allow myself access to my Sophos XG when I connect in using remote SSL VPN. It has always worked fine, but after enabling the use of a static IP, I can no longer access the sophos XG over HTTPS. I can access other devices on my…
  • SSL VPN locks user on failed password

    Hi, Using XGS 6500 with Sophos connect client (2.1/2.2). If someone mistypes their password just once whilst logging in to the VPN it locks the AD account. AD logs suggest 4 failed attempts by the firewall to authenticate against 2 domain controllers…
  • SSL VPN clients disconnecting right at 8 hours.

    Have a strange issue where anyone connected via the SSL VPN (Sophos Connect) will disconnect right at 8 hours. I've already checked the settings under Authentication > Services and they are set past 8 hours. Under Maximum Session time-out it is at "Unlimited…
  • Help routing specific device traffic across layer 2 connection

    Hello there, I’m trying and failing to route all internet traffic from device 10.5.15.20 at SITE B across the layer 2 MAN and out ISP1 WAN at SITE A. I’m trying not to impact any other traffic at SITE B with this configuration, only internet bound…
  • Received drops

    Hi guys There is one thing that caught my attention, What does Received drops mean? Thank you
  • Xg115w failure to reconnect automatically

    Hi folks, early this morning my Australian nbn connection failed. When restored the internal networks were not able to access the internet even though the wan status up. The issue being the XG did not request a new a new address. I restarted the nbn…
  • AntiSpam Service died-v19

    Hi After Upgrade Sophos SW-19MR-1, the AntiSpam Service died and I Can't Start Service. ApplianceCertificate was also regenerated, but it didn't work. Please, guide me Tanks
  • Too many inbound emails blocked by RBL check

    Hello Community, in the meantime, we are receiving more and more complaints from our customers that too many emails are no longer arriving. I have noticed that many previously problem-free and unblocked emails are blocked by RBLs. After I removed the…
  • XGS2100 does not synchronize with Sophos Central

    Hello Community, I have added a new XGS2100 (SFOS 19.0.1-365) to Sophos Central. When I move the firewall to a group, the synchronization of objects starts briefly and stops after a few seconds with the message "Error needs attention". On the firewall…
  • Can't register SFV4C6 to Central nor via OTP neither via account

    After problems with VI-19.0.0_GA.VMW-317.zip I deployed new SFV4C6 from VI-18.5.4_MR-4.VMW-418.zip, updated with VI-19.0.1_MR-1.VMW-365.sig, deregistered old SFV4C6 from Central, made a backup and stopped it and upload backup to new SFV4C6. I am repeatedly…
  • 19.0.1 - apple captive portal issues

    Before I throw up a load of detail, I was just interested if anyone else has had any issues with captive portal displaying on apple devices since the 19.0.1 upgrade?
  • Repeated "Cannot establish NTLM authentication channel with [domain]" messages in Authentication

    Hi All, I have an XGS2300 and just updated from 19.0 to 19.0.1. Everything authenticates. Users can access remote access IPSEC, WiFi (through Radius), and User Portal. But I keep getting the message "Cannot establish NTLM authentication channel…
  • Protection Policies - "Save" Button not Working

    Hello all. I'm trying to add a new "Protection Policy". When I fill in everything and press "Save"... nothing happens. I think the "Save" button goes from a dark blue to a lighter blue, but nothing saves, no messages, no refreshes, nothing. No feedback…