Hi
I have a linux server in the DMZ, and I want to manually patch it from time to time. so I want to open access only during patches then close access to WAN. what are all the rules to put in place. well I'm going to choose the scheduled time tab.
Port forwarding rule
I have an external ip address (PortB:8) currently used for a production website on port 443.
I would like to be able to access a test web server via the same public IP via port 65443 and translate to port 443 at the server.…
Hi all,
# XG330
I have a project to set up an SFTP server to transfer data securely from a remote station to the SFTP server located in the DMZ.(Head Ofice) the server is installed, configured and integrated into the dmz. the remote client uses an…
We have an XGS 3100 which approx. every 1-2 weeks becomes unresponsive and requires a hard restart as it completely stops functioning. We have a smart plug connected now, which automatically powers it off and on again if the network goes down to mitigate…
Does anyone experienced the same thing? Messenger app chats with End to End Encryption enabled cannot send messages behind Sophos XG Firewall. There's also a lot of ISAKMP VPN hits in the traffic insights recently. I'm also thinking my XG instance is…
“Our penetration testing team has discovered that our servers are responding to client requests with the server software name and its version. For instance, the responses include identifiers like “openssh_for_windows_9.2” or “nginx 1.22.1”. Does anyone…
We have 1 WAN IP from our ISP
18 LAN IPs from the ISP
Current setup is one CAT6 from ISP to Sophos Firewall. Firewall has the 1 WAN IP interface setup for internet
We need a port enabled for on the firewall for a Vendor router to use one of the…
Good Eve.
Trying to connect to a network switch via https.
Error page : The trust status of this website's certificate could not be securely established.
About this request
URL: https://somePublicIP
Certificate details:
Valid From: Feb…
Hello Everyone. I have my Sophos XG Virtualized in proxmox on a Dell PowerEdge R430, and it is working beautifully, except that my management network doesn't seem to be able to contact the internet, and I'm not sure why. I believe it's because the devices…
I created a new rule which allows traffic originating from VPN subnet to the external IP address.
I verified in the logs that the traffic passes by unobstructed. Also verified in SSL VPN settings that the particular VPN profile contains that IP address…
CPU Consumption is very high some time it is going up to 98 %
I Stopped Below Highlighted service after that CPU is under control but the AV & IPS Services are Required for Firewall. stop the required services is not a good practice
Hi guys,
I'm having a problem with my firewall's memory. According to the screenshots below, the memory increases gradually over the days, until it reaches a point where the firewall freezes, making it necessary to physically restart.
Would anyone…
Hallo,
gestern abend ist eine XG230 "eingfrohren". Zum Glück funktionierte durch HA alles weiterhin.
Die Netzwerk LEDs haben nicht mehr geblinkt, das Display war aber noch an. Nach einem Neustart funktioniert alles wieder.
In welcher log wird denn…
Hello there,
I have 2 Sophos Firewall connecting to Networks with IPSeC Site-to-Site VPN 1 Public IP for each network.
XGS107 ( SFOS 19.5.3 MR-3-Build652)
XG135 ( SFOS 18.5.2 MR-2-Build380)
Network A 192.168.1.0/24
IPSeC gateway 172.16.21…
Ich habe da ein kleines Problem.
Habe eine SSL-VPN Verbindung zu einer XGS Firewall (SFOS 20.0.0.222) die auch wunderbar funktioniert.
Allerdings wenn ich von ein paar älteren Netgear Switchen (zum Beispiel GS752TPP) mir die Konfiguration, also ein…
Good day
We want to configure network quota surfing on users .. but we want to exclude emails from being accounted for .. like when the users has depleted his or her data for the day, but we want email to continue flowing.
Is there a way to achieve…
Migrating our sites, and my brain, to sophos XGS from UTM
In the UTM when I setup multiple WAN interfaces for uplink balancing, the object Uplink Interfaces was created. I could then use this object for things like the masquerade rules
I do not…
Hallo,
kann mir jemand helfen, denn ich bekomme es nicht hin. Ich habe auf einer Sophos XG ein Netzwerk 192.168.101.xx auf Port1 und ein Netzwerk 192.168.102.xx auf Port 5 eingerichtet. Jetzt möchte ich vom Netzwerk auf Port1 auf das Netzwerk von Port5…
Hello,
We use several networks and several public IP addresses, which are stored as aliases on the WAN interface. How do I configure the NAT rule so that, for example, the public IP address xxx.xxx.xxx.xxx is used for network A and the address yyy.yyy…
Hello!
I searched the forum but didn't find any relevant information. It's about a Sophos XG210, connected to a few RED boxes.
A hardware terminal at a branch office, connected via RED, communicates with the software in the HQ via port 8015. Unfortunately…
Hallo zusammen,
ich habe eine Frage bzgl. der Statischen Routen. Ich möchte eine SG auf eine XGs migrieren und möchte Dienst für Dienst umziehen. Ich möchte in diesem Zuge mit Statischen Routen arbeiten. Nun stellt sich mir die Frage, wenn ich auf der…
Hello Sophos Team,
is there a Documentation on what URLs / IPs need to be in a Firewall Rule for Destination Host?
I know the Ports that are needed: HTTPS / NTP / DNS -> Forwarded to Firewall IP and Uplink to DNS Protection
Just found a List for…
Good afternoon I work at Virtual Box. I have three virtual machines. The first is the Sophos firewall, the second is the Windows 10 client. And on the third I have an Ubuntu server.
The task is to block traffic from the Windows 10 client to the Ubunu…