Hi I have a linux server in the DMZ, and I want to manually patch it from time to time. so I want to open access only during patches then close access to WAN. what are all the rules to put in place. well I'm going to choose the scheduled time tab.

Port forwarding rule I have an external ip address (PortB:8) currently used for a production website on port 443. I would like to be able to access a test web server via the same public IP via port 65443 and translate to port 443 at the server.…

Hi all, # XG330 I have a project to set up an SFTP server to transfer data securely from a remote station to the SFTP server located in the DMZ.(Head Ofice) the server is installed, configured and integrated into the dmz. the remote client uses an…

We have 1 WAN IP from our ISP 18 LAN IPs from the ISP Current setup is one CAT6 from ISP to Sophos Firewall. Firewall has the 1 WAN IP interface setup for internet We need a port enabled for on the firewall for a Vendor router to use one of the…

I created a new rule which allows traffic originating from VPN subnet to the external IP address. I verified in the logs that the traffic passes by unobstructed. Also verified in SSL VPN settings that the particular VPN profile contains that IP address…

Hallo, kann mir jemand helfen, denn ich bekomme es nicht hin. Ich habe auf einer Sophos XG ein Netzwerk 192.168.101.xx auf Port1 und ein Netzwerk 192.168.102.xx auf Port 5 eingerichtet. Jetzt möchte ich vom Netzwerk auf Port1 auf das Netzwerk von Port5…

Hallo zusammen, ich habe eine Frage bzgl. der Statischen Routen. Ich möchte eine SG auf eine XGs migrieren und möchte Dienst für Dienst umziehen. Ich möchte in diesem Zuge mit Statischen Routen arbeiten. Nun stellt sich mir die Frage, wenn ich auf der…

Hello Sophos Team, is there a Documentation on what URLs / IPs need to be in a Firewall Rule for Destination Host? I know the Ports that are needed: HTTPS / NTP / DNS -> Forwarded to Firewall IP and Uplink to DNS Protection Just found a List for…

Good afternoon I work at Virtual Box. I have three virtual machines. The first is the Sophos firewall, the second is the Windows 10 client. And on the third I have an Ubuntu server. The task is to block traffic from the Windows 10 client to the Ubunu…

Sooo when scanning the system i've noticed 113 is the only port showing as closed / reject. Since the other ports are Drop I've created a rule to drop 113 from all connections but SFOS isn't honoring the rule. Why? Why would they decided to reject only…

Hello dear all, I'm connected with one of my clients via LAN, without going to the internet, just a LAN to LAN connection to have access to their server. But the port open to receive SNMP traffic is blocked from time to time, and I no longer receive…

Setting up Blink Cameras and the XGS126 is blocking communication with the Blink Servers. Have updated the policy to allow 554, 443 and 80 for the camera's IP Group but still no go. Anyone else got this to work ??

Hello, we have a problem with our client where we put Sophos XG135 with latest update 20.0.0 on their network, like every day at the same time somewhere around 12:30-1pm and in the evening around 7-8pm, the internet stops but Sophos continues to work…

I'm having to restart this system to get Firewall / NAT rules enforced when changes are applied. This seems to happen with quite a few people in the community. I've found sometimes disabling the firewall rule that feeds a NAT rule loads the additions…

hi all, so on our sophos FW i have set up two SD Wans as we have 2 Wans, one for our main network (wan1) and another for our guest network (wan2) as we wanted them separated so there using different public ip addresses problem is i have a laptop going…

I like to open the internet access on the firewall. My Firewall is set up as airgap device. One laptop is connected to it to access the web console of the firewall. That laptop can access to the internet. Could you advice me how can I configured my…

We just had a PCI compliance scan and we failed because HTST wasn't enabled. Looking through everything HTST is enabled on all of our Web Server Protection rules including the default one. The PCI scanning company said the server replying is using apache…

Hello All, Yesterday my Firewall start trigger IPS alerts, 8 in totals. I see a specific WAN IP address in the rapport i want to completely block. I have read couple older disscution but nothing fully help me. I have already do this firewall rule: …

Good afternoon I have a problem that when I create a policy for firewalls and it is activated, it does not work. My goal is that I want to block access to the Internet, that is, so that when I go to some web page, my access is blocked, so that a message…

I am facing a very unique scenario where I simply want to disable the one ISP which in going in through Physical port in Firewall when that particular ISP goes down, don't want it as backup or primary, just want that port to turn itself off when ISP goes…

Dear Sophos Support Team XG135 sophos firewall port forwarding not working properly on our customer ..he has remote access on IPPBX branch..how can i solve this issue

We have remote users to connect to a Sophos SSLVPN. We then create the following filewall rule between them and the servers to ensure that they have Sophos AV installed and that there are no issues on either side. Unfortunately, when we do this, no-one…

I would like to get an opinion on firewalled subnets for security. This would be LAN subnets only. Subnet A is servers and subnet B is desktops. Subnets A and B have outbound internet access only. Subnet B (desktops) need to access Subnet A (Servers)…

I have an IKEV2 vpn server with internal IP 10.83.185.200. I am attempting to portforward traffic from my WAN port to to LAN port. For some reason, I am able to access the vpn server from the LAN side using my public IP. However, when I attempt to access…