I am configuring some IPsec vpn between my client's main office and 10 branch offices. In the main office I installed a Sophos xgs116 (SFOS 19.0.1 MR-1-Build365) to replace an old Zyxel Usg 300 and in the peripheral offices there are 8 Sophos XG85 (SFOS…
XG310 (SFOS 19.0.1 MR-1-Build365)
All documentation examples for MTA RBL show usage with hostname only. Is it allowed to add information on the types of answers to consider? Background: spamhaus.org has blocklists in 127.0.0.0/24, but returns error…
XGS4500 (SFOS 19.0.1 MR-1-Build365)
Our SSL VPN stopped allowing two-way communications. We can ping the VPN Client IP from inside the network. Once the client connects, the client cannot communicate to anything (full tunnel). NSLOOKUP, PING, etc. …
Hi,
I had an issue in this scenario:
XGS with SFOS 19.0.1 MR-1-Build365 + 2 RED60, Server W2012R2. The REDs operation mode is set Standard/unified; REDs are in a RED Zone. Each RED as it's own DHCP range (set in Network|DHCP (to be able to add static…
Since yesterday, all incoming external mails are rejected due to "RBL listing". However like outbound.protection.outlook.com they are not on any RBL if I check.
This happens on both independent XG 19.0.1 I am using (Home Edition)
Could the reason…
Hi all,
I would want to make the sophos connect vpn client *not to* store the vpn profile, and download it every time. I've checked the documentation at
https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts…
I can't make sense of this issue, any help / ideas would be much appreciated because i feel like I'm taking crazy pills <insert Mugatu>
I have the following setup:
XGS 2100 Site 1 (Latest Firmware)
SG 115 Site 2
The sites are connected via…
Hi to all,
Let me tell about the config that I'm testing:
- Site A: XG 135 Rev 3 with Home Edition license. FTTH connection 1 Gbps symetrical. Network: 192.168.21.0/24
- Site B: XG 230 Rev 2 with Home Edition license. FTTH connection 300 Mbps…
Hey Guys,
I installed the Home Version of the Firewall yesterday on my ProxMox Server and it seems to run fine for now. What i noticed today, the Antispam Service is dead:
When trying to start it from the Services menu i get the message " Couldn…
Hi folks,
over the last week or so I have noticed previously fixed issues with applications being incorrectly classified returning in my daily reports.
Manual proxy surfing and thunder VPN.
Why are these previously resolved issues appearing, does…
Hello
We have 2 Sophos XGS 116 and one website is not displayed correctly. The main.css file does not download or can't be encoded.
I have created a ticket and already had a troubleshooting session with someone from Sophos. So far, we can't workaround…
Running into an issue and I'm at a loss to find the answer. Essentially when I first set up my XG firewall (Home User) I was able to successfully configure CAA access for all my endpoints and everything was working fine. About 2 weeks ago the firewall…
Hello Dear Partners!
I configured an SD-WAN Scenario with Two VPN Tunnels and then created an SD-WAN Profiles. as the image below:
I did the following Test I dropped the Main Link VPN_MTZ_1 and Sophos Quickly switched the Route to the Backup…
Hello,
from one day to another I cant connect to XQ (latest Firmware). Opebn VPN sayes (I wil post only RED sections here):
Fri Sep 2 15:43:48 2022 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption…
Hey all :),
our XG just notified us, that the disk is full. After a little search on Google I purged all available reports. Sadly it did not help. Is there something else i could do. Our Firewall is runnning the latest Firmware that is available 19…
XG Firewall version 19.0.1 MR1 build 365 and Sophos Connect 2.2.75 client are affected.
After a successful IPSec connection, after a few hours, the user is unexpectedly logged out of the firewall. The IPSec connection itself continues to work, but any…
There is an issue present is SFOS since 18.5 MR4 and still in SFOS 19.0.1 MR-1-Build365.
We have a firewall rule that allows the required traffic from our AP and APX devices to Sophos Central.
The Rule has *.prod.hydra.sophos.com as Wildcard FQDN…
Hi,
Not sure if this is a cosmetic issue, or something that needs further investigation - the IPS signatures are being reported in one part of the GUI as being old, but yet updated in another screen.
Here it's showing Aug 26th
But in this…
Updated Updated from
SFOS 18.5.4 MR-4-Build418
to
SFOS 19.0.1 MR-1-Build365
Captive portal is not using my uploaded signed certificate, Admin portal and user portal are using correct certificate.
Same…
Dear all, We have recently upgraded firmware version v19.01 in our XGS2300 High Availability setup. After that we couldn't able to login into Firewall through Client Authentication Agent in particularly windows 8 devices and there is no problem in windows10…
Hi, I am using this script from user burton
https://community.sophos.com/sophos-xg-firewall/f/discussions/129768/letsencrypt-api-update-script---dynamically-handles-multiple-certs-multiple-rules-including-re-grouping-of-policies-rules
However since…
Hello Community,
I have an IPsec Tunnel with the Firewall IP (192.168.0.1) on local site and a Webserver (192.168.100.100) on remote site. The Tunnel is established. On local site I have a 2nd system (192.168.0.2), that should have access to the Webserver…
I have created an ACL to allow myself access to my Sophos XG when I connect in using remote SSL VPN. It has always worked fine, but after enabling the use of a static IP, I can no longer access the sophos XG over HTTPS. I can access other devices on my…
Hi,
Using XGS 6500 with Sophos connect client (2.1/2.2). If someone mistypes their password just once whilst logging in to the VPN it locks the AD account. AD logs suggest 4 failed attempts by the firewall to authenticate against 2 domain controllers…
Have a strange issue where anyone connected via the SSL VPN (Sophos Connect) will disconnect right at 8 hours. I've already checked the settings under Authentication > Services and they are set past 8 hours. Under Maximum Session time-out it is at "Unlimited…