Hello, Is there a way to update a certificate that is used in WAF Rules without touching every WAF rule?

Hello, Does the Sophos XG/XGS WAF (18.5) really work with recent Exchange and RD Gateway (2016/2019/2022) ? I have searched in community, in manuals, all over the internet, but I didn't find any "clear" answer, article or procedure with a WAF configuration…

hi, i am configuring WAF , so that server which is behind the firewall woudl be access over interner securely. i configured WAF, getting following error Proxy Error The proxy server could not handle the request. Reason: Error during SSL handshake…

Hi all, I have the exact problem as described by this member below. Basically, I have the radius and duo authentication proxy working fine for the user portal and SSL VPN but it won't work with WAF. The WAF authentication form seems to send multiple…

Hello all I need to reidrect all external HTTP traffic into HTTPS traffic before it reaches the clients. this need to be done without the need of any action needed from the clients side. is this feasible ? and do we need to purchase an SSL certificate…

Hello, We did a Pentesting for 5 days on your Website which are behind XG WAF Firewall. In the firewall rule, Advanced, Protection, We create a protection policy with is in Monitor Mode So now I would like to see if we have log of the Pentesting…

Hi, how to define a WAF rule to reach the portal via port 443? Portal is reachable via port 4443, but the WAF rule seams not to work. We use SNI to direct the WAF rules to the right server. Works that way on UTM, what did I wrong? Thanks Henri…

Hello, I would like for SOFS 18 to authenticate users on the device before granting access to a web server using WAF. I found the article below but refers to UTM 9 and I can't adapt to SOFS 18. Can anyone help please? Thanks support.sophos.com…

Hello Community, for one Web-Service we need to pass a WebSocket through the WAF. Is it possible to create a rule for " wss://" Traffic? Thanks, Ben

At a Pen Test for one of our websites behind WAF we received the message that the server was using only Default Prime Numbers. How can we change this?

I've followed KB-000041605 and the Posting from KingChris and changed the entry in the file /usr/apache/conf/httpd.conf After that I've restarted the WAF service. Still there has been no change in the reported Active Cypher Suites on the SSL LABS…

Hey Fam, dows anyone ever worked with Webserver protection and bigbluebutton? I´ve created a new webserver (https) and called everything that comes to bbb.domain.com go to my internal bbb server. So far so good, I can login, I can browse BUT when…

Hey everybody, actually I have a couple of Applications I Host behind the Sophos. When I need the BigBlueButton Server I change my HTTPS access from OWA to BBB. How can I use all of them (NextCloud, OWA, BigBlueButton, Wordpress) at the same time…

I noticed this just recently when a client's servers were down for maintenance. If you set up a WAF rule with a target of an FQDN host, and if this host can't be resolved, the error message contains the name of the internal server, eg: The proxy server…

I am on 18.5 MR2 Build 380. Every time I reboot the firewall, the WAF is not starting. In reversproxy.log these same lines appear every couple of seconds: [Fri Jan 28 16:02:27.194845 2022] [core:warn] [pid 17313:tid 139992993545088] AH00111: Config…

I have a nginx web server, Sophos XG and websites goes through cloudflare. I am trying to configure the WAF so I tried 2 different things with the same result One was to create the certificate as explained here https://community.sophos.com/sophos…

When updating a Cert from year to year. Why does the "Domains" in a waf rule reset to default. This is annoying. If the coverage of the cert is the same it shouldn't reset the field.

Hi, We've a XG230 running SFOS 18.5.2 MR-2-Build380 Under Web Server -> General Settings -> TLS version settings I have three options. TLS v1 or later TLS v1.1 or later TLS v1.2 We have TLS v1.2 selected. I've checked and can confirm…

Hi! I've bought an Alpha SSL wildcard certificate. I've imported it i my XG 125 But when I go to the WAF firewall rules, I don't see it What stem am I missing? I've done it some years ago, but...I can't remember! Thanks!

Hello, I am trying to set up a WAF rule on an XGS. Basically the setup is clear, but I can't get a connection from the WAN to the webserver. I tried to find out by log why it does not work. but I do not get further. I use : SFOS 18.5.1 MR-1-Build326…

If you try to clone a WAF rule in your XG 18.5-MR1. They don't work. I was scratching my head getting a forbidden message after cloning an existing WAF rule. Destroyed it and recreated and it works.

We have many WAFs configured in Azure and they seem to modify the content of CSS files even though there is no logging of such event. Is there a way to turn on debugging, etc.? Now it seems to be doing something to OIDC calls after IPS pattern updates…

Good morning: I have a Sophos xg230 with the SFOS version 18.5.2 MR-2-Build380. I would like to configure the Waf with the following scenario: 1 public ip address 2 different domains 2 different servers I configure the waf rule with the web1.sophos.com…

Hi, Any one can help my to share the documents / tutorials regarding the WAF configuration in XG. Thanks and regards, KS Ghosh

Hi, does somebody successfully pblished Windows Terminalserver 2019 with Sophos XG? If yes: Any hints how to? I am able to get the rdweb page available from outside. But when starting an app the comes user credentials pop up from internal server…