Hi Community,
Sophos XG adds a few default web filter exceptions with all of them enabled except legacy, see screenshot below
When you add an appliance to a central group every exception will be cloned with a name suffix "Original" which could be…
Hello,
I have some users on my LAN trying to update their MacBooks pro (everyone with the HTTPS decrypt enabled), but they are having troubles.
Can someone tell which https decryption exception should I add, so they can update their MacBooks? And…
Hi community,
I'm not an expert, therefore, please bear with me. :)
I'm using SFOS 18.5.2 MR-2-Build380 I hope this is the latest firmware.
"www.ebay.com" was falling under the " Auctions & Classified Ads " category in the web filter option in Sophos…
After I migrated from an XG85 to XGS87, I can no longer download Adobe Creative Cloud updates. I get error 113 which is a vague error that indicates the problem is on my end. My XGS87 is set up primarily with the defaults. I'm using XGS87 (SFOS 18.5.2…
Currently we have to create exceptions for Office 365 in the web filter by following the guide here: Sophos Firewall: Configure web exceptions for Office 365
It would be nice if the exceptions could auto-update the list of IP's and URLS from http:/…
We have a URL Filtering Exception for all apple.com traffic. See below.
^([A-Za-z0-9.-]*\.)?apple\.com\.?/
Is it possible to craft/recreate the above to apply the exception to all apple.com traffic except music.apple.com ?
Therefore blocking music…
Hello,
Once that a policy checks exception has been created, can I ignore this same exception for a specific group by a firewall rule (it can be by a IP Range, IP list, networks, Host Group, by selecting an entire in interface... it doesnt 'matter)…
Hi everyone, I'm new to the XG and I'm running into an issue allowing an EXE download without any browser warnings.
I first created an exception using under "web" --> "exceptions" that included a regex: ^([A-Za-z0-9.-]*\.)?lumension\.com/
However…
So does anyone know if Sophos keeps this list updated when you download it ?
Also , what happens if you have already uploaded it ? Does it only import the news ones if there are or does it duplicate it ?
https://support.sophos.com/support/s/article…
Hi All,
I try to add subnet network in Web exception, but it (example: 203.104.150.0/24 ) didn't work.
So I have to bypass the subnet network in top firewall rule.
Is there any way to bypass subnet network in Web exception?
Shunze
In my home LAN I have an XG-125w with SFOS 18.5. My MacBook Pro had a corrupted disk so I had to erase it and do an internet reinstall of MacOS. This procedure downloads a new copy of the operating system and then installs it. To get started, I made a…
Hi.
I have a rule for cut the acces on the internet for some pc's, but I need to configure my sophos to upgrade operating system and Windosw defender.
I tried whith this list, but doesn't work, any idea or sugestion, please?
^.*windowsupdate\.microsoft…
SFVH (SFOS 18.5.1 MR-1-Build326)
I found an old post that listed things to add to the web content exceptions.
I noticed the third one in their list was missing from the exception that was apparently included in the appliance defaults, so I cloned…
Hello Everyone,
We've had requests to block websites that contain Cyrillic characters, however whenever I attempt to do so in the Sophos interface it states it's an invalid URL.
To avoid posting the full domain of the malicious site, an excerpt…
hi, i want to block all web sites to my users and allow certain website. for this i created allowed URL list in URL Group, called that URL group in web policy and then called that policy in Firewall policy. how can i allow anydesk and skype using web…
After implementing SFOS 18.5.1 I discovered Microsoft QUick Assist would not complete a connection, it just showed a rotating dots image.
SFOS Log Viewer showed the Firewall blocked the application with Invalid Traffic. Sharing the Web Exceptions for…
Is there a recommend practice here to whitelist ?
In the same way as you would add Hosts/subnets to make it easy to add/update, which would apply to any changes made in Firewall/SSLVPN etc.... does it make sense to create "exceptions" to websites, rather…
Hello,
We use a Sophos XG 210 with SFOS 18.5.1 MR1 Build 326
For a couple of days now, I have gotten complaints that emails are blocked from hosts we never had issues with.
So I dug around the extremely limited logs (it used to be much easier…
Hi,
After having all kinds of problems with various Microsoft 365 systems, I finally found the KB article KB-000038173 "Sophos Firewall: Configure web exceptions for Office 365". After setting up these exception templates and activating them everything…
Under Web -> Exceptions the default Microsoft Windows Update exception is enabled. We have added a second one with some additional websites as per the Sophos KB.
We have an allow firewall rule that allows traffic from any LAN source to the FQDN host…
Hey, I cannot test our XG with the test site, you are providing: https://sophostest.com/
I've asked this once but forgot. Today I wanted to verify something but could'nt even find the request in the web filter log.
Of course, I could browse all the…
I have created a web rule to just blocking Sexual Explicit, Games and Advertisements.
This prevents seeing comments in YouTube because devices (Android) put YouTube into Restricted mode saying administrator has blocked it.
How do I allow the user…
I need information regarding Sophos endpoint firewall configuration .
Currently I have a central firewall policy that will block all incoming connections on the domain, private and public network.
However I want certain pc's to have only RDP port…
Good morning,
we have a SG450 cluster with Sophos UTM 9.705-7 installed.
Yesterday we added some Webfiltering Exceptions to allow some sites of oOfice 365 and MS Teams.
1. We copied the Exceptions listed in this Sophos KB article for XG Firewall…