Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Alte Sophos XG als WLAN Controller für AP55

    Guten Morgen! Kurze Frage, wir haben vor kurzem unsere XG durch eine XGS ersetzt. So weit so gut. Wir haben noch ein paar AP55, die ja nicht mehr von der XGS unterstutzt werden. Jetzt kam mir die Idee, die alte XG als Basis Firewall und WLAN Controller…
  • Sophos Firewall: SSL VPN - Auto Connect Client On Start-Up Using Provisioning File

    Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents: Overview Configuration Related Information…
  • Sophos Clientless SSL VPN RDP Bockmark

    Hi there, I am looking to configure a RDP Bockmark to allow our user to use the terminal servers on the road without using a VPN. Because of security reasons I want to use NLA, my question woud be is there any way to give the user the ability to change…
  • Firewall issue ping

    I recently add a new firewall for the branch office , so we have 2 firewalls one for the main office and one for the branch office, branch office can ping our ip's, but we from Main branch we can not ping any of their ip's, not even 1, it's really strange…
  • Rant - SSLVPN with Duo RADIUS Proxy Change after SFOS 20.0.0

    So, I wanted to post a bit of a rant here regarding an undocumented change to RADIUS authentication after SFOS 20.0.0 that has broken my DUO MFA implementation. For years I have had my users added from AD and I was able to pull multiple groups through…
  • Problem with URL Filtering

    Hello everyone!! I have a problem accessing a certain GitHub URL. For example, when I try to update Pi-hole the address objects.githubusercontent.com cannot be resolved: At first, I thought it was an issue with Pi-hole itself or with openDNS…
  • Frage Sophos SD-RED20

    Hallo ihr lieben, vielleicht hat jemand einen Rat für mich. Bis her haben wir eine Arzt-Praxis betreut, die eine Nebenbetriebsstätte hatte. Am Hauptstandort ist eine Sophos 107, die Nebenbetriebsstätte hatte eine SD-RED20. Die beiden Praxen teilen sich…
  • Sophos connect_2.3.2- installation issue.

    hi, i am trying to install SOPHOS connect but it is not being installed. detail is given below: Sophos connect_2.3.2-VPN.msi Microsoft Surface Laptop, 7th Edition Processor: Snapdragon(R) x 12 Core X1E80100 @ 3.40 GHz 3.42 GHz installed RAM: 16GB
  • HA

    Hi, we are using xgs3300 that is connected with Sophos central existing device is fully configured and in production we are planning to add one more device for ha. 1.if i will add one more device in ha the existing configuration backup i need to…
  • Site-To-Site Sophos <-> AWS VPC: BGP Issues

    Hi, we have a site-to-site tunnel from Sophos Firewall to AWS. Several local (sophos side) networks are appearing in AWS routing tables correctly. However, the SSL-VPN network will not appear in AWS routing tables. When I check bgp information…
  • XGS 136 rev2 Hardware Project Z136- 0.07 / 0.08 x64

    Just for my own curiosity, what is the difference between those two hardware models? Project Z136- 0.07 x64 Project Z136- 0.08 x64 faulty rma The faulty device has no network connectivity on Port 10,11,12
  • Site to Site VPN Authentication on reboots - Change PSK works

    I have multiple Sophos site to site VPN's back to a central router. Whenever any of the sites losing connection they all re-connect except for 1. The Sophos VPN logs show "Couldn't authenticate the local gateway. Check the authentication settings on both…
  • v21 Third Party Feeds

    Hey all With v21 accepting third party feeds I was hoping toi ingest the CTIS data from the ACSC but its in STIX format and the v21 only supports IoC one per line format. I have found a couple of IP Lists to pull threat data from to add. TorNodes…
  • Sophos SFOS v21 WAF

    Dear all, I have Installed the Sophos SFOS 21 on a VM on Hyper V, and I am facing Issues with the WAF. I have a internal WebServer where you can gain access over Port 8080, I want to know if it is possible to access the WEB-Server over Public…
  • Maximizing DLP using ONLY Sophos Firewall: Has anyone done it?

    Hey everyone, I'm aiming to achieve the highest possible standard of Data Loss Prevention (DLP) using only the Sophos Firewall, without integrating any additional systems or solutions. I don't have any specific requirements; my goal is simply to experiment…
  • Bloqueio conecxão App itau Desktop

    Olá Pessoal tudo bem? Me Chamo Marcos, estou fazendo a primeira implantaçao de um Firewall Sophos em um ambiente, o equipamento é um (XGS 107 Security Appliance). Fiz toda configuração inicial e ele ainda esta em modo padrão sem nenhum filtrou ou…
  • Firewall behind ISP Router

    Is there a way to check if the ISP router doesn't supports IKE2 causing IKE2 IPSEC tunnel to fail. A troubleshoot method or guide ? This is to proof to Service Providers that the problem lies in their end and not firewall.
  • AD SSO operations

    Hi, I’m struggling to find documentation about how Active Directory SSO operates (as opposed to how to set it up). The kind of questions I have are… Is the initial browser authentication transparent, or does the captive portal appear for login? …
  • XG firewall - Local ID for traffic

    Hello all, I currently have a XG firewall (FW-1), connected through IPSEC tunnel with another (FW-2). FW-1 has two LAN zones (LAN-A and LAN-B), both allowed through the IPSEC tunnel. FW-1 sends log messages (originated from the firewall itself…
  • ssl vpn query

    I have a question about SSL VPN auto connect. Can the user receive an automatic connection to the SSL VPN after restarting their computer and connecting to the internet?
  • Sophos Red 20 General Internet Access

    Hi, We have a RED 20 device that we recently purchased as a test device before looking to set multiple up across different sites, however we have found that our organisation's manual proxy blocks any internet access to anything not included in the proxy…
  • query related to sophos xgs wireless firewall.

    I have configured sophos xgs 107w firewall but i want to view users which are connected through wireless ssid
  • High availability upgrade to a different firmware version

    I have a question regarding updating a HA setup from Firmware SFOS 19.5.3 MR-3-Build652 to SFOS 20.0.2 MR2-Build378. Since this is an update to a different version, does the same principle apply here where the Auxiliary is updated first, followed by the…
  • SW-21.0.0_GA-169 and asrock b650d4u

    hi i disabled secure boot and then did a fresh install on an nvme drive it stucks on boot "booting 21_0_0_169" any info or help appreciated thanks
  • IPsec Remote Access not Receiving traffic

    I need some assistance please. Also i am new here, in the community. My ipsec remote access sends traffic but does not receive. See the screenshots of my configuration: