Hello all,
I've been messing around with the certificate distribution using GPO.
After create the default domain policy, adding the cert and force the gpo update I got the cert installed on my browsers (Firefox and Chrome) but I'm still getting the…
Hi!
I've tried to change the appliance's certificate but whenever I click on Apply, my XG complains about the Console / User Portal ports:
" You cannot update the default Admin Console Port as it is used in Business Application Policy "
That's quite…
One of my certificates expired that's in use in several places.
When I go to edit the certificate and upload the new, it fails with the following error at the top center of the screen:
Certificate could not be updated as it is already used by HTTP…
Hi All,
Hope all of you are doing well. I am just trying to secure my user portal by assigning a url and applying a SSL Wildcard Certificate on the Sophos XG 330. I was able to convert the PFX and private key that the RAPID SSL gave me and applied…
Hi community,
Recently a client migrated their mail services into gmail cloud servers, but now some of the workstations that are using Outlook are facing certificate errors.
Anyone know how to import the appliance certificates into outlook or what…
I will preface this by saying I had a UTM120 for three years with the UTM9 OS and right now thinking boy I miss those days. I was told that my appliance was nearing end-of-life so to renew licensing I went with the XG115. I had configured UTM9 on my own…
Hi all,
Does anyone have a decent walk-through explaining how to get a server cert onto an XG? I'm in MTA mode but using the appliance CA. I have a GoDaddy cert for my 2016 exchange server and I'm assuming that can be imported somehow, maybe. I see…
Dear All
I recently upgraded my MacBooks to OS X 10.13. Since I do not connect to my XG every day (or even week), I am not absolutely sure, if the issues at hand are related to OS X 10.13.
Safari now reports: This connection is not private
The Sophos_CA_…
Hi there,
Just been nmap'in the WAN port of an XG, with pretty much the default configuration and no DNAT/SNAT or any services in the protected zone opened at all. The scan reveals the port 8094/tcp and further reveals that the service SSL certificate…
I was not getting these issues until Chrome updated to version 60. It seems that it now requires a S.A.N. to be set.
Will this be addressed in the next firmware update?
Is there anything I can do to stop getting these warnings?
In trying to sort…
Hi,
I created a free StartSSL certificate and I succesfully uploaded it in the Sophos XG. I did the same for the CA, but still my certificate is untrusted by my XG. I think I got the wrong CA but im not sure.
Greets,
Jeffrey
I haven't been at this company long and I've never managed a Sophos UTM before but every user here is plagued by certificate errors in Outlook.
We use Office 365 and Outlook 2016 and users are constantly presented with this prompt...
Of course many…
Hi friends,
I am struggling with certificates on my XG firewall. I want to request a certificate with Lets Encrypt, and install it on my XG firewall. But I just don't understand hoe it works in total. I'm not to familier with certificates, but I know…
Hello everyone
I have a problem with my Sophos XG210.
I have a Exchange 2010 Server, before we had a self-signed certificate. We activated the email protection (because of spam), it worked perfectly.
Yesterday we have changed the certificate to…
hello,
i have an XG 16.5 MR4 and we bought a commercial wildcard certificate for the entire company domain and i can't select it for use.
first i uploaded the cert, it processes OK(the only thing is that the authority column marks a fail with "expected…
I am having a problem configuring the SMTPS scanning certificate for my appliance. It seems as though the feature is not properly implemented! Let me explain:
Currently, I have a virtual host firewall rule permitting traffic from the WAN zone (public…
Hi gents,
is there a way to reencrypt HTTPS traffic with own CA? I have imported both public and private keys to XG, but I am not able to choose which one to use. This is really needed feature, like it works in UTM.
Thank you so much!
Jakub
I am having issues which consist of an inability to save SSL VPN settings (They always revert to default) and downloading the SSL client for windows. After doing some research it seems my Default CA may be the issue, and when I check the Default CA it…
Hello,
I come to you because I have a small problem of configuration / use of my version of sophos firewall XG home edition.
I activated the scan of the incoming and outgoing emails. Since. My mail client shows me a window indicating that the certificate…
Hi,
I want to install SSL Certificate for userPotal and SSL VPN.
Please advise me which SSL certificate sophos XG support( Wildcard, etc)?
How can I enable it when some one browse it via public ip address.
Thanks
Iffi
The Quarantine Digest Email settings only let you select an IP address based on Port/Alias, instead of allowing you to specify a hostname. This causes a certificate error when clicking the "My Account" or "Release" links in the email.
The admin console…
Hi all,
As I am getting more familiar with my new XG firewall, I am naturally wanting to do more and more things. I've started looking at the deep-packet inspection/HTTPS Decrypt and Scan functionality. I've seen the discussions on this board about…
I have a question about the certificate screen in the XG. I uploaded a certificate generated by a legitimate 3rd party issuer (Comodo). I am a little confused by why I have a red X under the "Authority" column. Does this mean there is something wrong…