As I had the same problem like in DPI issue with AnyDesk Software described I built up a new IP list for use from Germany. Maybe someone can need it... 212.102.40.164,138.199.14.83,138.199.4.67,177.54.145.75,136.243.81.155,143.244.33.97,216.245.193…

Dear Sir or Madam, my name is David Lorenz from AAIC Soft Systems GmbH. We have serious web traffic problems with one of our customers with an XGS2100. It's not easy to describe. The customer previously had an SG and did not have these problems. Now to…

Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview General settings: IoT devices…

hi, if in firewall rule i use DPI instead of web proxy then if user configure proxy in his browser then that will also go through DPI or via web proxy??? please advise.

Hello, Starting to get a bit frustrated with the Sophos web certificates - think I am going around in circles. I have both the Default Appliance certificate and the Security SSL Certificate installed into the Trusted Certificates store on a Windows…

Hi, I have a question about Web content filtering using either Web proxy or DPI-SSL and DNS requests/resolution. I have Sophos firewall set up in bridge mode with Netgear router as the gateway and for DNS. The Netgear router handles DHCP and DNS…

Hi Everyone, I finally moved our XG over to version 18 yesterday and no hiccups. My question is I am wanting to get SSL/TLS Inspection setup correctly for our environment and I noticed when I toggled of SSL/TLS inspection->ON, it must automatically…

I'm not sure we might face a similar problem to https://community.sophos.com/sophos-xg-firewall/f/discussions/131346/sophos-xg-firewalls-printer-delay-or-not-printing-at-all We implemented a new Sophos XGS 3100 running SFOS V19. Basic firewall-rules…

We're having an issue with anydesk beeing blocked in DPI due to invalid Certificates. Anydesk uses own certificates, not trusted anywhere but in their software. CN = AnyNet Root CA CN = AnyNet Relay Both seem to have the same fingerprint: 9e:08…

Hello, we have the problem that in general all websites load slowly and many others do not load at all. We use version 19 (SFV4C6 / 19.0.0-B317) as VM in Hyper-V. Here are some examples of websites that cannot be accessed at all: https://icloud…

Hi. I am looking for some advise around the best practise for Web Filtering for a BYOD network. We have a seperate network setup on our XG for residents who connect their own devices which are mainly mobile devices. We have a firewall rule crated…

Hello, how can i disable the Capture Code on the User Portal Site and add our Company Logo? Regards, Jan

Hello everyone, I was trying to enable DPI feature inside of the existing rule, however Malware scanning section is missing in my case. Please see screenshots attached for comparison.

Hello to all.. Seems like roblox got me into a rabbit hole Since I don't want to confuse you with a lot of stuff, long story short: Roblox is not working if "Use web proxy instead of DPI engine" is active.. The roblox website is being accesed without…

Hello! I set a web category (Games) to be accessible only for 1 hour per day. I run a policy test and I get the correct result: If I go to the firewall rule that has this policy and check the option "Use web proxy instead of DPI engine", all seem…

Hi, Since I was learning API for Sophos, I came across the below link, Kindly advise as if the link is OK ? https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf Manish

Hello, Is there a way to block a sites having a specific string in the HTML they render in a page when DPI is enabled? I know this is possible already on anything in the Url of a site, but what about the contents of a page? (within the HTML) Thanks…

I would not expect this on a Sophos machine: 2021-11-25 16:32:12SSL/TLS inspectionmessageid="19017" log_type="SSL" log_component="SSL" log_subtype="Error" severity="Information" user="me" src_ip="xxxxxxxx" dst_ip="23.36.239.66" user_group="xxxxxx…

I have set up Web Default Filtering rule on XGS136 with HTTP/S scanning and IDS is active. If I turn off the Default Rule it works but then it stops working. I added three domains related to Bloomberg as an exclusion. Is there a better way for the…

Hello, If I have a firewall rule that has a web policy set to none, so why does the DPI engine still scan the traffic? I thought this was fixed. Still seeing the traffic in the SSL inspection logs. I would really like to reduce the CPU load for traffic…

hello, if we are using the dpi engine instead of the web proxy and in a firewall rule we have set a web policy to block gambling for example and someone hits a gambling site if using the dpi engine will they they be redirected to the custom block…

our customer has a production machine, which tries to connect via proprietary SSLVPN to a remote server via IP Address. there is no webfiler enabled on the firewall rule and the following exceptions are in place: excluded ip address via…

Hello Community, I have an interesting problem with an HP Pro 477dw printer and sending email via Office 365. When SSL Inspection is turned on on the firewall, it takes about 5 minutes for mail to be sent via smtp.office365.com (port 587 SSL/TLS). SSL…

Hello, I've no idea what to do about INTERNAL_CRYPTO_ERROR[195] ? dst_country="DEU" src_port="54512" dst_port="443" app_name="" app_id="0" category="Social Networking" category_id="67" con_id="813219008" rule_id="7" profile_id…

Hi, I try to get anydesk running with TLS Inspection. I´ve read this post: https://community.sophos.com/sophos-xg-firewall/f/discussions/123967/how-to-allow-or-block-anydesk-when-using-tls-scanning I created a IP List with all the anydesk Servers…