Browse By Tags

  • Web Proxy vs DPI

    hi, if in firewall rule i use DPI instead of web proxy then if user configure proxy in his browser then that will also go through DPI or via web proxy??? please advise.
  • Create a schedule on a policy that allows a specific user to access certain website at a certain time.

    We blocked a website category but want a certain IP to have access to the category at a certain scheduled time. How can I achieve this?
  • Anyone know how to make exceptions for Splashtop?

    Hello, At work I have a situation that Sophos Support has been unable to resolve. We use Addigy as our RMM for Apple devices, to have remote connections it uses Splashtop. We have not able able to add sufficient exceptions or maybe I am doing…
  • XGS Firewall - Application Sync - SSL-Inspection - Rules?

    Hello Sophos Community, I got a Question about designing specific Rules for Applications that are very untransparent how they handle SSL Fingerprinting. Example: From: LAN Zone - From: Specific Host - With Application A (Application RULE 1) - To…
  • Sophos Firewall: How to optimize Windows updates and solve performance issues

    Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview What to do Non-Domain computers…
  • "Allow All" web filter policy blocks request allowed when there is no web filter policy

    Hi all I am having difficulty troubleshooting a problem with a request from a mobile phone 2-factor authentication app being blocked by our XG firewall (XG125 SFOS 19.0.0 GA-Build317). To test this, I have created a new top-most firewall rule for…
  • Invalid Traffic for NoSpamProxy/Cyren Antivirus

    Hello, we are using NoSpamProxy to filter spam/malicious emails and this software uses Cryen Antivirus to check the mail content. Every email triggers a webrequest to the Cyren Server ( 84.39.152.31 ) on Port 80 but these request are blocked by the…
  • TCP Retransmission / RST, ACK - some websites not answering

    Hello, I have a strange behaviour with Sophos XG. It is happening now on 2 sites. On one site I Have HA (A/P) XG2300 with v19 MR-1. On second I have HA (A/A) XG2100 with v19. I tried 18.5 MR-3 with the same issues. Most of the traffic seems…
  • Certificate Office365

    I have a problem with Sophos XG and Office365. some computers pop up a warning like the following when opening Ms. Outlook.
  • Sophos v19 - Web Proxy or DPI-SSL web filtering & DNS requests

    Hi, I have a question about Web content filtering using either Web proxy or DPI-SSL and DNS requests/resolution. I have Sophos firewall set up in bridge mode with Netgear router as the gateway and for DNS. The Netgear router handles DHCP and DNS…
  • DPI / TLS Scanning exception issue with d1. d2 d3.sophosupd.com when installing Intercept-X for Mac

    Hi, today we're facing something new: issues when rolling out the Sophos Endpoint to Mac Books. Windows Endpoints: no problem. They fail to install. Workarounds like https://support.sophos.com/support/s/article/KB-000044045?language=en_US were unsuccessful…
  • How to block Tiktok App

    Hi I'am unable to block Tiktok application and can't even find it in application control. Please help... Thanks...
  • TLS handshake fatal alert: certificate unknown(46).

    Hi, I am seeing these errors in the log for some websites which tend to utilise tracking information, particularly those which utilise a CNAME record to point to another address. For example, the website t.myrenews.com.au is a CNAME that resolves…
  • PDF generate from our web server behind firewall alwasy blocked

    i have server that run code javascript or something that generate pdf file for download or view but alwasy faild or error my server using local addres nat behind the sophos xg. What shoud i have to do to white list this action
  • Internet pages suddenly no longer work 502

    Hello, since today suddenly several internet pages do not work anymore. The browser gives the error message: HTTP ERROR 502 The page is e.g. https://www.ista.com/de/ Firewall is a XG115w (SFOS 19.0.0 GA-Build317 Do you have a solution? Thanks…
  • SEC_ERROR_EXPIRED_CERTIFICATE for web proxied sites

    Hello, I am a home user of the Sophos XG firewall - SFVH (SFOS 19.0.0 GA-Build317) - and use it to proxy specific sites... one of those things I proxy is google and youtube. Recently, it seems that the certificates that my appliance creates have expired…
  • XG550 (SFOS 19.0.0 GA-Build317) : problem with Web filter, RDP connection block after upgrade

    Hi, after upgrade from SFOS 18.5.3 MR-3-Build408 to SFOS 19.0.0 GA-Build317, without changes to the policy, we have a problem with connections in vpn ssl, RDP connections (tcp 3389) are blocked. T he logs indicate that RDP connections are blocked by…
  • XG FW - Some users have "Not Secure" notification in browser even though all sites are HTTPS

    XG FW - Some users have "Not Secure" notification even though all sites are HTTPS Users are authenticated and internet is working, however, no matter which site they go to it always says "Not Secure" "This site has a valid certificate, issued by…
  • Web Proxy vs DPI

    Hi Everyone, I finally moved our XG over to version 18 yesterday and no hiccups. My question is I am wanting to get SSL/TLS Inspection setup correctly for our environment and I noticed when I toggled of SSL/TLS inspection->ON, it must automatically…
  • How often does Sophos check the accuracy of the geoip database?

    DHi folks, I was investigating an unknown country ip address and found that it belongs to cloudflase in the US. Cloudflare being like AWS etc as a large supplier is cloud servers I would think that the geoip database should be easily updated. If the…
  • Why when blocking https does that stop access to the XG GUI?

    Hi folks, due to a little accident I added https to a drop firewall rule, that stopped the vpn from working and also all other devices using https on that network. I was connected to the GUI at the time and lost the connection. Why did the connection…
  • Parallels Access for Mac

    I've continued this post in "Looking at awarrenhttp_access.log for FQDNs" as I was having problems doing that, and through that post I found a domain that pointed me in the right direction, but is still ongoing in trying to fix the issue with Parallels…
  • Allowing Whatsapp Calls in Sophos XG

    Hi all. I'm running Sophos XG Home Edition ( SFOS 19.0.0 GA-Build317). Whatsapp Calls are being blocked, I have no Web Policy or Application Control being used by Firewall rule. Any services are allowed from LAN to WAN. Can't see that anything…
  • HTTPS-Scanning some Website-Certs unvalid (expired)

    have a strange problem here with an XG cluster. On 07.06.22 there was a problem with the onsite NTP service. After the failure, which lasted about 5 minutes, some websites such as google.com can no longer be accessed in a browser because the certificate…
  • Suggestions for how to enable SSL decryption to enable additional protection

    Hello, I would like to enable SSL decryption and I am hoping to have this rolled out before July. There is a mix of all kinds of devices: I think I handle certificate installation on most devices. I know I won't be able to do that on some devices…