Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • 3rd DHCP Server - Sophos XG

    Hello people. I am configuring the DHCP server for my client machines through Sophos XG. However, via the web, I can only assign primary DNS and Suncadario through DHCP Server. I would like to assign a 3rd DHCP. Any tips? Thanks.
  • NAT DNS Service to LAN address

    I want IoT devices to use my internal DNS server. I setup a NAT rule to translate inbound DMZ interface to destination internal DNS server and I have a matching firewall rule but the traffic is getting dropped. IoT device calls to 8.8.8.8 on Port 53…
  • XG initiated traffic being sent to ipsec0

    I'm having a few issues with an XG in place at the moment. Various things are failing such as checking for firmware/pattern updates, being able to use the web filtering feature and also using the inbuilt FTP backup feature. I have discovered that the…
  • Connecting to VPN via Sophos Connect uses remote DNS rather than local

    I configured my local DNS server (pfSense) to block access to certain domains. But, when I connect to my office's VPN with Sophos Connect, the domains are not blocked and nslookup shows that the default DNS is the remote server. Is there something in…
  • Custom DNS host entry for the client is not working as needed? XG17.5.14 and XG18.0.3

    I have an office A using 192.168.30.0/24 network. Office A LAN gateway IP is 192.168.30.170. And i have an office B using 192.168.22.0/24 network. Both office A and B has IPsec VPN connection. I added DNS host entry for Web-server01(192.168.22…
  • Can ping DNS Server but can't resolve any name

    I have a XG Firewall with an active SSL VPN. I'm now trying out Sophos Connect as an alternative / replacement and so far I was able to connect from my client to the firewall and access the resources as long as I access everything via the IP address.…
  • Firewall flood request to google

    Hi community, i am trouble finding the source of these google request's how do i stop this. 22:05:46.858375 lo, IN: IP 127.0.0.1.38637 > 127.0.0.1.53: 62194+ A? www.google.com.ar. (35) 22:05:46.958721 lo, IN: IP 127.0.0.1.38637 > 127.0.0.1.53: 62194…
  • Wild Card Blocking/Filtering?

    Hi everyone, How and where do I enable wildcard blocking? I want to block all the stupid, ",io" TLD's among others. Something like this; https?://[A-Za-z0-9.-]*\.io/ just not sure where to put it. Thanks in advance!
  • XG v18: Reverse lookup DNS request route in-addr.arpa.

    Is it possible to create a DNS reverse lookup DNS request route for internal network ranges? It is mandatory for a mail gateway but does not seem to work when I set it up like in the screenshot and help button is no help. It can be done in UTM / SG…
  • xg dns logging

    Either locally or through Central is there a way to perform 24/7 dns logging from multiple sfos 18 xg's that doesnt require tcpdump packet capture?
  • How can I create an IPSec connection with a domain as listenting interface?

    Hi! Currently I'm planning a deployment of an XG system at a customer site. We have to do a "soft switch" from the old firewall to the new one, because of the remote access VPN, which are already deployed. For the most part I don't see any major problems…
  • Turning off Sophos XG DNS server stops resolution of hostname (using external DNS server)?

    I'm using Sophos XG as my DHCP server but a separate device (Pi-hole) as my DNS server. Everything works fine and Pi-hole is functioning as expected. However, if I shut down the Sophos XG DNS service, I can no longer access any websites (i.e. no longer…
  • Add DNS to separate SSL VPN profile

    I have a SSL vpn profile (PROFILE 1) through which majority of my users login remotely if required to access the LAN For a small group of contractors i have created a separate SSL VPN profile (PROFILE 2), so they have access only to 1 resource (SERVER…
  • DNS Forwarding

    Hi, i have a VPN with two XG Firewalls. One Branch Office and a Headoffice. At the Headoffice side i have the Domain DC). Now i want to join Clients in the Branch Office to the Domain. For this an working DNS with forwarding to the DC is needed. …
  • How to clear DNS cache ?

    We are using XG230 firewall with latest firmware. We are web development company, we frequently update pages and DNS for our clients. But these changes not update for the users under firewall proxy rules. At same time, it is working fine with users without…
  • DNS / Name Resolution Timeouts on Clients

    I have a home network and I'm using the Sopohs XG Firewall to try to secure my home network. It works very well, but I've noticed something fairly annoying for the past several months. When I navigate to a web page after turning on my PC, it takes a while…
  • XG DNS best practices with AD/DNS environment

    Hello, I have read some KB and threads about DNS best practices for XG in an AD/DNS environment but they don't say all the same things... In the most of the environment I manage for my custommers, there are AD/DNS servers and XG, actually the XG don…
  • 2 ISP WAN and DNS configure

    Hi all, I configured a second WAN today. It looks good. Now I have two ISP’s. If WAN1 goes down. WAN2 will take over. Thats what I wanted. Now I do have an external domain registrar. For example hostgator.com. I have my external IP of my WAN1 in…
  • How to fix an Internet Lost Connection

    Hi, good day to everybody. I need some help to fix this problem: i have a router that bring internet and network service to my sophos firewall xg, this firewall has DHCP relay to the main router. The router has bandwidht manager and load balancing…
  • DNS - Static Entires nslookup funktioniert aber ping nicht

    Hallo Zusammen, vielleicht könnt ihr mir helfen. Wir haben uns Sophos UTM-9 Model: SG135 angeschafft. Nun haben wir soweit alles konfiguriert. Im Betrieb nutzen wir überwiegend Linux als OS. Wir haben keinen WINS, AD oder DNS Server. Aber wir haben…
  • XG Blocking DNS Lookup - DNS Request Timeout Error

    Hi all, I recently tried to point our DNS servers to our XG230 but when I run an nslookup I'm receiving the error "dns request timed out. timeout was 2 seconds". Our setup is pretty simple. We have 2 x Windows 2012 DNS servers. Each server points…
  • UTM9 - VPN - Namensauflösung

    Hallo, zwischen unserer Domäne und dem Modem sitzt eine Sophos UTM9. Seit einer Woche versuche ich das VPN so aufzubauen, daß ich mit einem iPhone von außen per Fernzugriff auf einen Filemaker-Server in der Domäne zugreifen kann. Den Datenbankzugriff…
  • DNS Host Entries over L2TP VPN

    Hello, I've added a small number of static DNS host entries to a XG125w and they work within the local LAN. However, the hosts do not resolve when a user remotely connects through VPN (L2TP). Any idea of how to resolve this? I found this similar…
  • Server-Lastverteilung

    Ich habe zwei Exchange 2013 Email Server intern. Nun möchte ich, dass alle Anfragen die von Intern kommen, auf diese zwei Server aufgeteilt werden. Dafür muss ich die Server Lastverteilung einrichten und einen DNS Eintrag in der Sophos UTM erstellen.…
  • How to setup DNS so local DNS resolves.

    Hello community, I'm a bit confused as to how to go about settings up DNS/DHCP so that I can resolve local addresses such as myserver.local I'm just wondering if there is a simple guide anyone can point me to, or give me a quick rundown, I'd much…