I'm a home user, and I'm trying to configure my Foundry VTT server. via my XG v19. When I try to http to it via the WAN, I get a violation error (as you can see in the logs). I can HTTP to it using my fqdn ( http://titanbananabefore.online/) via my…

Hello, Starting to get a bit frustrated with the Sophos web certificates - think I am going around in circles. I have both the Default Appliance certificate and the Security SSL Certificate installed into the Trusted Certificates store on a Windows…

Hello, I have a strange behaviour with Sophos XG. It is happening now on 2 sites. On one site I Have HA (A/P) XG2300 with v19 MR-1. On second I have HA (A/A) XG2100 with v19. I tried 18.5 MR-3 with the same issues. Most of the traffic seems…

I went away over the weekend and on login on Monday I now get the following error and the CAA exits, nothing should have changed from when it was last working on Friday. Error: "Could not validate certificate! CAA will now close error" XG Firewall…

Hi, Is there a way to set the MTU for the IPSec Remote Access VPN on an XGS2300 v19? I'd like to se if tweaking it improves performance for my remote users. Thanks, Jeff

Hello, We have a Sophos firewall (SFOS 19.0.0 GA-Build317 ) behind a NAT router, and there is an issue with dynamic DNS on the firewall that shows a failed/unknown update when the NATed public IP option is selected. It already checked with two different…

Hi Guys, This is after 2 months of troubleshooting, escalations, helplessness from Sophos support, i'm writing this. I have this issue since we deployed the new XGS 4500 firewalls and still not able to resolve this. One of our core application is hosted…

In SFOS 18 or 19 other than comparing the Central firewall management policy levels against each XG, is there any way to distinguish firewall rules, hosts, services that are managed from Central policies (and which policy) vs those only present locally…

Hi, after I changed port type from dhcp (using firewall behind ips router) to pppoe (using fw to establish connection). I cannot register with Sophos Central using email and OTP or enable Red service. Internet works but quite slow (will open another…

We have two lease line links configured on Sophos XGS 3100 firewall out of which the link of one of the lease line link goes down automatically after every 3-4 hours that too after changing weight of lease lines or changing fail over rules. Looking for…

Hi, We're getting one-side of calls randomly going silent. The default values of my XG2300 are UDP Timeout 30 UDP Timeout Stream 150 I read I should increase the timeout to 150, but should I make them match? increase both 5x? I don't understand…

Dear all, a customer of mine has 2 XG210 in HA mode (Active/Passive) that are running with the firmware version 18.5. I have to upgrade the HA to the version 19.0 and I'd like to know if I can upgrade/migrate the firmware without un-mounting the HA…

Hello, i create a firewall rule with this manuel https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/RulesAndPolicies/FirewallRules/FirewallRulesCountryBasedRuleCreate/index.html but they doesn´t work…

Hallo Community, i am working on some powershell scripts against the XG APi, when i came across this strange behaviour i do not understand. I am trying to setup a DHCP Server via the API, everything is nicely wrapped in powershell class that's why…

XGS107 (SFOS 19.0.0 GA-Build317 I have OSPF configured and working on another XGS 107. I have dynamic routing enabled in ADMIN>Device Access.> LAN, I am using Port 2, which I have changed to LAN. Under Information OSFP > Interface it shows…

Hi, I'm having some trouble with a medical device uploading its results to a web server where it seems the 'return' traffic that should match the HTTPS session to the website is being dropped by the firewall. Basically the device gets plugged in, then…

Hello, I'd like to install SFOS 19 (Home Edition) on a no longer used in production XG86W firewall. Burning SW-19.0.0_GA-317.iso to a DVD and booting into it leaves me with Sophos FIRMWARE INSTALLER Created on: #Sun Apr 3 03:05:46 UTC 2022 Firmware…

Hey folks, I have 2 XG 310 in an active-active HA. When failover occurs (Primary goes down), the RED tunnel goes down and there is no failover for the RED tunnel. I need to disable and re-enable the RED tunnel... Is it the correct behavior in…

Hello, I have problems updating to v19. As soon as I install the v19 update, my AP100 (3 pieces) remain inactive (1 ROOT 2 MESH). Only the ROOT emits WiFi despite the inactive message. As soon as I go back down to 17.5, everything is active again and…

Hi, I have a question about Web content filtering using either Web proxy or DPI-SSL and DNS requests/resolution. I have Sophos firewall set up in bridge mode with Netgear router as the gateway and for DNS. The Netgear router handles DHCP and DNS…

Hi Everyone, I have a sophos XG 330 (SFOS 19.0.0 GA-Build317), every afternoon almost always at 4 in the afternoon my sophos lan, wan and dmz ports shuts down, no blinking lights on all ports then suddenly it opens again. what seems to be the reason…

Good morning / Day / Evening all, I am trying to set up the Sophos home version V19 at home. I have created a VLAN 10 with PPPoE and it shows that it is connected and I have my static IP as I would expect but I am not getting any traffic. Back in…

My HA XGS136 cluster is experiencing this issue with heartbeats: I get an error alert in Sophos Central The renewal of your Heartbeat intermediate certificate has failed Looking in the heartbeat log I can see failures. tail /var/tslog/heartbeatd…

Hi all, My Sophos XG 310 running on 17.5 need an upgrade to 19.0, is it safe to do so? As I read comments on Sophos community I have seen a lot of issues faced including configuration flush out and device brick by other users. Thanks in advance…

Hi, I got a Remote Access IPSEC working on an XGS2300 (v19). It worked but was unusably slow. Sophos support suggested I disable "Use as default gateway" and explicitely add resources VPN clients could see. I want them to see the entire LAN, and the…