Added a new firewall rule. It does not show in the Rules and Policies. I thought maybe I didn't click 'Save'.
So I went back in to add a new rule. This time when I try to add the rule, it says 'Rule already exists.'
Ummm, okay. Where is it?
I would like to block access to and from certain countries with the MTA enabled. This was really simple on the UTM, but seems much more complicated in Sophos Firewall. I have created a black hole NAT rule as suggested in the documentation, but can’t work…
Hi,
here is my setup, i have 2 VLAN ( 20 and 30 ) and both have DHCP enabled, and both have similar setting.
VLAN is supposed to be used for Administration purposes and VLAN 30 for production traffic.
VLAN 20 does not have access to Internet…
Hello Everyone,
We encountered an issue with Sophos firewall XG. The issue simply is when we try to open the Banking website to do transactions or online banking, we authenticate normally. However, when we try to access anything in the bank website…
Guten Morgen ,
ich habe einige XGS die ich verwalte. Komme ursprünglich aus der Pfsense und OPnsene Richtung und bin nun bei Sophos und bin begeistert was die XGS doch alles so können. Jetzt ist mir aufgefallen das die XGS selbst keinen NTP Server…
Hello,
I'm new to Sophos, and am deploying my first firewall to a very basic client, and just want to check what I have configured is a reasonable balance between security and functionality? I am just looking for opinions and whether I have missed anything…
Hello Team,
I've successfully configured the Sophos XGS in my security account and routed internal traffic via the Sophos LAN ENI instead of using a NAT gateway, which is functioning well. Now, I have another workload VPC in a separate account that…
What is the best way to block users from using any version of Team viewer and Any desk and what ports have you used if we need to block ports? How to do that on Sophos?
Moin! Wir haben folgende Konstellation, an welcher ich aktuell scheitere, vielleicht habt ihr noch eine Idee: Client: 192.168.0.19 nutzt Praxissoftware von Server 192.168.0.200 Einsatz eines Ti-Konnektors 172.16.10.220 mit GW 172.16.10.200 Route in die…
Hello,
I'm reconfiguring my fw (latest OS version), changing the zone and IP of my reverse proxy, from LAN to DMZ.
Externally I'm able to reach my web sites with the RP on LAN, but if I change the zone and internal IP in firewall rule and NAT rules…
I noticed a strange mixing of DHCP settings when having 2 reservations for one client MAC address.
console> system dhcp static-entry-scope show global
I have a VLAN on the XGS lets say VLAN10 Net: 10.1.2.0/24 GW: 10.1.2.1
On that VLAN is a XGS DHCP…
Hii Community,
I configured a firewall rule for VPN to LAN connection and another for LAN to WAN connection, attaching a NAT rule with MASQ for internet access. Despite this, I could establish a VPN connection with the Sophos Connect client but couldn…
Hallo Gemeinde,
bis jetzt hatte ich immer einer SG230 in dieser Konstallation. Diese habe ich nun gegen eine XG136 getauscht und die Firmware SFOS 20.0.0 GA-Build222 ist installiert und die Konfiguration so von der SG230 übernommen
Die Reds und…
Hello,
I have a situation where my ISP installed a router and gave me a subnet ( 10.1.1.0/24 ) with the gateway being the router(10.1.1.1).
My understanding is that I need to configure an internal network (i.e 10.1.2.0/24) on the LAN side of the firewall…
We have some customers who use quite sensitive software. We have had repeated session drops with one customer (always at noon on Tuesdays -GMT-) The IPS patterns are said to have been updated at this time today. IPS is only active for some external connections…
Good morning, I currently have a server in an on-premise datacenter that responds to TCP port 12233. So there is a very normal DNAT on the XGS firewall of the public ip 80.80.80.80:12233 towards the private server ip 192.168.1.10:12233 This service is…
Hi,
I am really confused about how to do this on XG. I can go to Traffic Shaping and create my policy and attach it to my rule or service - but then in Traffic Shaping Service there is a setting "Optimize for real-time (VoIP)" that is Enabled by default…
Moin !
Habe hier einen XGS 2300 Cluster mit einem WAN Anschluss.
Dieser ist auch in Benutzung und funktioniert. Trotzdem wird er im WAN Link Manager als ROT angezeigt. Das Gateway ist generell von der Firewall anpingbar, trotzdem habe ich die Failover…
I've got a Site connected with RED60
The RED itself uses a single IP Subnet /31 IP Address and has 4 VLAN with /26 Subnets attached.
In the Mgmt VLAN are Sophos APX Accesspoints connecting to Central.
That setup was running up and fine for years…
We are using BGP as the routing protocol to our ISP who provides us with two indepent WAN links and gateways which we can use as active/active or active/backup as we like.
It seems that any setting in the Routing -> Gateway section of SFOS and the corresponding…
Hi I have XGS4300 (SFOS 19.5.4 MR-4-Build71),DNS change Automatically in Sophos Firewall it can possible or not
can you please guide how to resolve this issue.
Hello All,
I am a newbee to XG, but have been using UTM9 for some years. In UTM9, I could see a number of attacks being dropped every day. After I changed to XG (version SFVH [SFOS 20.0.0 GA-Build222]) I do no longer see any attacks.
I have activated…