• How to create a network object / host / rule which allows access to WAN but not LAN (RFC RFC 1918)

    Matjaz Lorber
    Matjaz Lorber
    Hi! I am a proud owner of XGS 107 and pretty happy with it. I am running a homelab with a few vlans, really nothing special. But there is something, that is bothering me: I am also using Barracuda Firewalls where i work, and there i really like the…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Multiple NICs on same LAN Subnet

    ml17
    ml17
    I have recently switched to a new ISP who allows me a blistering 3GB connection of which I wish to take some advantage. To do this, I rebuilt a new firewall from scratch with a 1Gb onboard NIC, plus a 2x10Gb NIC. This gives me 3 ports, which are in order…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Bandwidth report for the policy

    Firewall Monitoring
    Firewall Monitoring
    Hi, I have configured the Policy in the Sophos firewall for the AV devices with traffic shaping (QOS) We need to monitor the bandwidth utilization of the policy, and need to know how much bandwidth its utilized, Is there any way to do this ?
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • ENABLING INTERNAL USERS TO ACCESS INTERNAL SERVICES OVER EXTERNAL INTERFACE

    TimothyWanume
    TimothyWanume
    Hello, I am using XGS2300 Version 20 When users are on LAN, they cannot access servers on the same network while using their public IP, they can only access the server over the public IP when they move out of the network. How do I solve that
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • DAHUA CCTV NOT STREAMING ON DMSS APP ON REMOTE PHONE

    TimothyWanume
    TimothyWanume
    After installing Sophos XGS2300, our client stopped viewing his Dahua CCTV remotely on his smartphone, the NVR is online in the AP but CCTV footage is not I dstreaming. I did all the necessary port foward and ports are open RTSP: 554 TCP: 37777 HTTP…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Unreachable websites

    err
    err
    Using xg 135 model. Updated to the latest firmware however, some sites provider.cignaenvoy.com are unreachable. I am able to get a reply when I ping the site.
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • configure PPPoE XG86 with router with built in GPON ONT (Nokia FTTH Modem)

    Sofos network
    Sofos network
    Hi all, Today I have a new problem which dates back more than 3 months to configure the firewall with the Nokia FTTH modem in bridge mode. -Sophos XG86w -FTTH modem Nokia: G-1425G-B The Device is a router with built in GPON ONT - it is for broadband…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Getting lost with Traffic Shaping / QoS

    Nez_Pottage
    Nez_Pottage
    Hi all, We have a very busy site, with a 1Gb leased line connected to an XGS2100. I'm reading the Sophos literature on traffic shaping and wanted to check really how to get a simple approach fixed. Note, half our users are mac based, so we don't…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Problems with IP Geolocation

    TW98
    TW98
    Hello Sophos, As an Internet provider, we have had extreme problems with geolocation in recent weeks. As we have now found out, this mainly affects services and applications that use a Sophos firewall. Our IP addresses are probably recognised here as…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • WAN Port Issue

    Niranjan Kumar
    Niranjan Kumar
    Hello Team, We are using the Sophose XG firewall, I would like to raise the concern regarding WAN Ports are not working, can you please help on it
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Firewall policy unable to deploy to some customers: Host \{hostname}\ could not be updated

    Alex Simpson1
    Alex Simpson1
    Hi guys, We have been deploying a firewall policy for a few months now and have noticed that there are a few customer firewalls that are unable to deploy the configuration. They all appear to be getting a similar error to the one pictured below. Can…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • mirror rule sets of existing ip/host to new ip/host

    Sophos User1175
    Sophos User1175
    hi all, we have a xgs 4300 v20 i want to give a new ip/host the same rule sets as an existing ip/host how can i do this please? thanks, rob
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • wrong domain resolves to vpn page

    IT Manager23
    IT Manager23
    I have a handful of domains and one of them is resolving to the Sophos VPN page instead of the appropriate server. I just added a new internet connection and correlated IP to DNS. What am I missing
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Connection between two different subnets

    Qbitter
    Qbitter
    Hi community, I'm trying to connect two different Subnets. This is the environment: Subnet A 192.168.1.0 /24 Gateway: 192.168.1.1 Port 4: Company with DHCP address 192.168.1.55 Device: FritzBox Subnet B 10.0.100.0 /24 Gateway 10.0.100.1 Port…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • NAT Rule appears not to be going through VPN

    Sophos User6134
    Sophos User6134
    Hi, Any advice would be appreciated for the following please. We have a number of devices that have been configured to communicate with an internal server by IP address. This server is now being migrated to the cloud on a unique subnet. We are not…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall Interface Not Connecting with Correct Subnet

    Gavin Gnanapragasam
    Gavin Gnanapragasam
    Dear All, I have observed a strange behaviour from Sophos XGS3100 firewall. My LAN network is 172.20.52.0/23 network. When I connect the Sophos firewall to my LAN, the Firewall gets an IP 172.20.52.145/23. After that I cannot ping or access the interface…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • How to block youtube for a particular IP range in Sophos XG

    Ruka
    Ruka
    Hi everyone, Firstly let me explain the setup i have for my home network Have WAN plugged into a mini PC which runs Sophos XG. On Interface 4 of Mini PC i have plugged in ubiquiti AP from which other devices get wifi connection ( mobile phone , laptop…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • FQDN Host automatisch aktualisieren

    Ameisenbär
    Ameisenbär
    Hallo zusammen, wie stelle ich ein das der Host FQDN sich aktualisiert sobald eine neue IP vorhanden ist? Aktuell muss ich auf den FQDN gehen und auf speichern drücken um die aktuelle IP zu bekommen. Firmware: SFOS 20.0.0 GA-Build222 console> show…
    • 7 months ago
    • Sophos Firewall
    • German Forum
  • Need to Allow trafic from specific AS Number

    Trio Fandi
    Trio Fandi
    Hi, I read this forum discussion (10 months ago) and it was said that this will be a new feature request. Has it available right now ? xg / xgs - allow ip from specific asn number only Thanks.
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • How can I block QUIC without.......

    JohnMMM
    JohnMMM
    Can anyone please tell me (A) How to block all QUIC traffic in and out ,and (B) will that then give me better log reports of url's visited ?. Thanks
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Firewall in front of Router ?

    JohnMMM
    JohnMMM
    Can someone please tell me whether it is possible, and if so how, to put the Sophos Firewall between the connecting clients and my ASUS Router ?. The reason I ask is I want to have better logging of what sites are being being visited . Thanks
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Loopback Management interface

    mohammed kassouat
    mohammed kassouat
    Hi, I'm reaching out because I'm interested in configuring a loopback interface to manage Sophos. I prefer not to use the IP from our management network for this purpose. I attempted to create an alias on port A, and while I can successfully ping it…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • IPs outside our range ips.

    Fernando Pablo
    Fernando Pablo
    We have 3 IPs outside our IP range. These IPs are in the range 192.168.10.1 and our IPs range are in the range 192.168.1.1, what can I do in our Sophos model FW firewall? Thaks in advande
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Sophos PPPoE wrong credentials

    admin_idl
    admin_idl
    Hello, We have switched from an XG to an XGS with backup/restore. A WAN connection works via PPPoE. This runs smoothly on the old XG. However, after we put the XGS into operation, the Internet connection did not come online and there was an error message…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Cant get a simple directly connected network firewall rule working. XGS126

    PeteH
    PeteH
    I am completely stumped by this. I am sure its something obvious that I am overlooking. Lan Port 1 - 192.168.1.254/24 MGMT port 5 - 172.16.0.254/24 I already had a rule saying mgmt subnet source 172.16.0.0 could access lan subnet destination 192…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
<>