Hi All Ive spent some time on the Sophos documentation but I'm unable to get to an answer via the available online resources. I have a firewall with a few basic rules. Unrestricted internet policy - less web and app filter restrictions based on…

Hello everybody, I would have a question to the firewall rules and DSCP marking under "Other security features"... My Sophos instance is running in bridge mode in front of my router's WAN interface (with only one public IP). I apply the function " Scan…

Guten Tag, ich habe ein Business LAN und ein Private VLAN aufgebaut. Der Drucker steht im Business LAN, ich möchte aus dem Privaten VLAN über iPhone "AirPrint" "Bonjour" auf dem Drucker drucken. Die FW Regel habe ich erstell, über die IP-Adresse…

Added a new firewall rule. It does not show in the Rules and Policies. I thought maybe I didn't click 'Save'. So I went back in to add a new rule. This time when I try to add the rule, it says 'Rule already exists.' Ummm, okay. Where is it?

I would like to block access to and from certain countries with the MTA enabled. This was really simple on the UTM, but seems much more complicated in Sophos Firewall. I have created a black hole NAT rule as suggested in the documentation, but can’t work…

Hallo, how is it possible to control the IPSEC Remote VPN Access time-based on the XGS, so that the users can only establish a connection at certain times? Thank You!

I had our Sophos XG87 configured by our reseller when we bought it, since I knew nothing about how to do it properly. I've learned a lot and have changed quite a few things, but want to make a foundational change that will require destroying several things…

Hello, I'm new to Sophos, and am deploying my first firewall to a very basic client, and just want to check what I have configured is a reasonable balance between security and functionality? I am just looking for opinions and whether I have missed anything…

Moin! Wir haben folgende Konstellation, an welcher ich aktuell scheitere, vielleicht habt ihr noch eine Idee: Client: 192.168.0.19 nutzt Praxissoftware von Server 192.168.0.200 Einsatz eines Ti-Konnektors 172.16.10.220 mit GW 172.16.10.200 Route in die…

I have a new xgs ( SFOS 20.0.0 ) and would like for the guest wifi users to be able to connect to our vpn. How can I achive that?

Hii Community, I configured a firewall rule for VPN to LAN connection and another for LAN to WAN connection, attaching a NAT rule with MASQ for internet access. Despite this, I could establish a VPN connection with the Sophos Connect client but couldn…

Hallo Gemeinde, bis jetzt hatte ich immer einer SG230 in dieser Konstallation. Diese habe ich nun gegen eine XG136 getauscht und die Firmware SFOS 20.0.0 GA-Build222 ist installiert und die Konfiguration so von der SG230 übernommen Die Reds und…

Good morning, I currently have a server in an on-premise datacenter that responds to TCP port 12233. So there is a very normal DNAT on the XGS firewall of the public ip 80.80.80.80:12233 towards the private server ip 192.168.1.10:12233 This service is…

hello , i'll try a simple port forwarding when i setup this like below , it works when i change the source port to 7887 then it dont forward. why o why ?

Hallo Zusammen, unglücklicherweise wurde ein Update der XG125 von 19.5. auf 20.0 durchgeführt und anschließend war die gesamte Konfiguration zurückgesetzt. Nachdem ich nun die meisten Einstellungen mühsam wieder eingerichtet habe, scheint mir entweder…

Hallo Zusammen, ich beschäftige mich neu mit der XGS 107 und betreibe diese aktuell neu im eigenen Netzwerk. Aufbau: Fritzbox --> XGS 107 --> Netzwerk Jetzt komme ich schon zur ersten Herausforderung. Zusätzlich hätte ich noch allgemeine Fragen…

Hello. I wonder if Sophos Firewall could be set up to have each VLAN having different WAN gateways ? For example, VLAN 1 will go to WAN 1 and VLAN 2 will go to WAN 2, so that there will virtually be two networks. Originally, I was thinking to set…

Hi, I have been given an iptables command and I would like to create the same rule on my XG. Could anyone confirm if I have "translated" the rule correctly, please? iptables -t nat -I PREROUTING -s 10.100.20.19 -d www.riscocloud.com -p tcp --dport…

Hello everyone! I have 2 SOPHOS firewalls in two different buildings, connected by Long Range Aerials (point to point). FIREWALL 1 is configured like this: LAN 192.168.122.X (Aerial 1 is part of this DHCP pool) WAN public IPs (static) then…

Hi, I am wanting to block the IOT network (xxx.xxx.5.xx/24) from pinging the default gateway of other networks so created a firewall rule to do so however when testing, devices in the IOT network are still able to ping the default gateway of other networks…

Hi! I am a proud owner of XGS 107 and pretty happy with it. I am running a homelab with a few vlans, really nothing special. But there is something, that is bothering me: I am also using Barracuda Firewalls where i work, and there i really like the…

Hello, We have a protection Policy for the NextCloud on Sophos, unfortunetly we have many issues with uploading Photo (many times the upload not working at all what ever is the Photo size or extantion ), every time we must connct to SSH to check the…

After installing Sophos XGS2300, our client stopped viewing his Dahua CCTV remotely on his smartphone, the NVR is online in the AP but CCTV footage is not I dstreaming. I did all the necessary port foward and ports are open RTSP: 554 TCP: 37777 HTTP…

Hi guys, We have been deploying a firewall policy for a few months now and have noticed that there are a few customer firewalls that are unable to deploy the configuration. They all appear to be getting a similar error to the one pictured below. Can…

Hi Sophos community, I'm having a issue for my Wireless router. I have created two rules: 1. Rule 1 for AD users to WAN In the above rule internet is allowed once user is authenticated via AD. Everything is working fine. 2. Rule 2 for Wifi router…