Browse By Tags

  • Log viewer suggestion

    I have a suggestion for the Sophos Firewall. I would like to have a switch where I can hide entries that are empty or have a 0. Example: messageid="00002" log_type="Firewall" log_component="Firewall Rule" log_subtype="Denied" status="Deny" con_duration…
  • Cannot claim firewall after rebuild - errors._dynamic_.code.404 from SCMP

    Hi All, I'm stuck trying to re-register my firewall. I rebuilt it onto new hardware and gave it the original serial number (Home edition). I had removed it from my SC account, which was perhaps a mistake, assuming that I'd need to do a fresh registration…
  • Home License for a Sophos SG

    Hello, I can get a Sophos SG refurbished for a good price. Is it possible to use a Sophos SG/XG with a Home License or only the new XGS, which is overpowered for my home lab. Is ist also possible to use the Sophos SG / XG in a fiber uplink, carrier…
  • CA WebConsole not secure / https

    Dear collegues! When we access the Webconsole through the internal network https://xxx.xxx.xxx.xxx:port, the browser recognizes the certificate for https access as not secure. We are using the default Sophos certificate. How should I fix this problem…
  • Firewall HA, Active -Active Setup

    A firewall is configured in HA, Active-Active mode, can it cater double the size of users it is designed for? Ex. XGS3100 (2nos) configured in HA, Active-Active load balancing mode. Can it Cater 1000 concurrent users?
  • What's Not Included in an SFOS Restore?

    Before I completely decommission a bunch of XG firewalls, what is still sitting on these old firewalls that wasn't transferred in a backup/restore to newer XGS hardware? Hoping someone has some info they can share to save me a few hours in working it…
  • branch office VPN on brand new firewall

    Hello, this is not question. Just one experience which surprised me. I got new firewall for customer which used XG platform. Made migration of configuration and due to terms of old licence I was in hurry with implementation. I noticed that new firewall…
  • What does the file in "16386" /var/newdb/base/ actually do?

    Hi all, Just a quick question before I use the technical support for this one, hopefully somebody knows and can help me with this. We have been notified by our firewall, which is a Sophos XGS6500, that it's report disk is almost full. We check this…
  • API-Import not working with Error "Action with NOFAIL Failed."

    Hello everyone, so I created a Powershell Script to get the M365 Endpoint URLs and IP-Ranges to Import them as an Object into the Firewall. But when I try to Import it it only throws an Error that the file format is not supported. Here is the Output…
  • Can't Upgrade from 19.5.3 to 19.5.4

    Howdy, Before I engage in the time consuming and soul sucking experience of contacting Support, does anyone know why I'm getting the following when trying to upgrade 19.5.3 to 19.5.4 either though Download/Install via the Firmware page, or uploading…
  • How simulate crashes on HA to validate?

    Hi Folks I've noticed several similar issues with HA Sophos Firewall on some end customers. We use Active-Passive HA. When primary firewall crashes for some unknown reason (I'll check more information to understand at community.sophos.com/.../finding…
  • Is possible to enable FTP and email backup at the same time?

    Hi!. It's possible this? All my firewalls have email scheduled backup. But now, I want to enable FTP without disabling email. On the other hand, I have read this post and think it's an important feature for FTP backups. Thanks.
  • Update Certificates via API: Did I get it right?

    In 2018, Sophos integrated Let's Encrypt with their UTM series, leaving XG(S) users anticipating a similar feature. Many, including us, have turned to API solutions due to the lack of progress which is fine. However, the XG API feels less refined compared…
  • XG230: "snmpwalk" utility reaches the device via SNMP v2 but not via SNMP v3

    i enabled SNMP v2 agent on Sophos XG230 and successfully tested it from a remote server: snmpwalk -v2c -c mycstring 172.16.0.1 1.3.6.1.6.3.10.2.1.1.0 iso.3.6.1.6.3.10.2.1.1.0 = Hex-STRING: xxx then i enabled SNMP v3 (authentication only, no encryption…
  • Where do i find SNMP Engine ID??

    I have: XG230 (SFOS 19.5.3 MR-3-Build652) XG125 (SFOS 19.5.2 MR-2-Build624) I searched in: CONFIGURE - System services (all available tabs there) SYSTEM - Administration (all available tabs there) google searche returns NOTHING or USELESS…
  • XGS Firewall import certificate only

    Hallo zusammen, wieso kann ich bei import certificate nur "certificate only" auswählen?
  • VPN Login Bericht erstellen

    Moin, ich möchte mir gerne ein Bericht erstellen wann ein VPN User eine Verbindung aufgebaut hat. Leider gibt es keine Einträge auf unserer XGS unter: Auch bei Authentifizierungsereignisse gibt es keinerlei einträge. Gibt es noch Einstellungen…
  • VPN Portal and Login Security

    After upgrading to SFOS 20.0.0 GA i activated the new VPN portal. We use only SSLVPN. If SSLVPN is running on port 443 and the VPN Portal on port 444 (or any other), the authentication log displays the correct SRC IP. This allows "Login Security" to…
  • Unusual incorrect login attempt in the Admin Portal

    Hello, we have got a notification from the xg that a login was attempted for the admin portal. The admin portal is inaccessible from the internet. Message: The administrative access from IP Address '84.19.xxx.xxx' is blocked for '5'…
  • Firewall E-Mails über IPsec Tunnel Routen

    Hallo zusammen, ich bekomme keine E-Mail Benachrichtigungen von der XGS, weil meine Externe IP in einer geblacklisteten ISP Range ist. Als Workaround möchte ich die E-Mail Notifications von der XGS über den IPsec Tunnel an meinen Lokalen Exchange…
  • Sophos firewall backup issue.

    Sophos Firewall backup issue when we are trying to take backup from firewall it is prompting an error message "Backup could not be sent due to incorrect server configuration". We have rebooted the firewall multiple times then it is working fine also,…
  • What to do in failsafe mode

    I just had a very bad experience updating XGS126 from 19.0MR1 to 19.0MR3 to 20.0GA in active-passive HA. Node A Primary Node B Aux Update to 19.0MR3 seems to be fine. As Node B updated, restarted and became Primary and Node A updated and became Aux…
  • Forgotten Admin Password of auxilliary device (devices on HA)

    Hi all, xg330 on HA I had my HA mounted almost a year ago and I remember well that I wrote down the admin passwords for the primary and secondary device for my HA pair. Today, I just wanted to access the secondary to check a few points, but I discovered…
  • LoggingDaemon service dead or stopped

    I noticed that I had no logs on firewall and it was saying "loggindaemon dead". So I tried to restart the service with the command service garner:restart -ds nosync The resalts as shown below : XGS4300_AM02_SFOS 19.5.3 MR-3-Build652 HA-Primary#…
  • Sophos XG 125 load in failsafe mode.

    Hello, I have a problem with my firewall sophos XG 125 that loads in failsafe mode. When I write failsafe> show failure-reason I receive the following message: “Unable to apply Firewall Framework.” I have tried to reimage the firmware using SFLoader…