Hallo Gemeinde, bis jetzt hatte ich immer einer SG230 in dieser Konstallation. Diese habe ich nun gegen eine XG136 getauscht und die Firmware SFOS 20.0.0 GA-Build222 ist installiert und die Konfiguration so von der SG230 übernommen Die Reds und…

Good morning, I currently have a server in an on-premise datacenter that responds to TCP port 12233. So there is a very normal DNAT on the XGS firewall of the public ip 80.80.80.80:12233 towards the private server ip 192.168.1.10:12233 This service is…

hello , i'll try a simple port forwarding when i setup this like below , it works when i change the source port to 7887 then it dont forward. why o why ?

Hallo Zusammen, unglücklicherweise wurde ein Update der XG125 von 19.5. auf 20.0 durchgeführt und anschließend war die gesamte Konfiguration zurückgesetzt. Nachdem ich nun die meisten Einstellungen mühsam wieder eingerichtet habe, scheint mir entweder…

Hallo Zusammen, ich beschäftige mich neu mit der XGS 107 und betreibe diese aktuell neu im eigenen Netzwerk. Aufbau: Fritzbox --> XGS 107 --> Netzwerk Jetzt komme ich schon zur ersten Herausforderung. Zusätzlich hätte ich noch allgemeine Fragen…

Hello. I wonder if Sophos Firewall could be set up to have each VLAN having different WAN gateways ? For example, VLAN 1 will go to WAN 1 and VLAN 2 will go to WAN 2, so that there will virtually be two networks. Originally, I was thinking to set…

Hi, I have been given an iptables command and I would like to create the same rule on my XG. Could anyone confirm if I have "translated" the rule correctly, please? iptables -t nat -I PREROUTING -s 10.100.20.19 -d www.riscocloud.com -p tcp --dport…

Hello everyone! I have 2 SOPHOS firewalls in two different buildings, connected by Long Range Aerials (point to point). FIREWALL 1 is configured like this: LAN 192.168.122.X (Aerial 1 is part of this DHCP pool) WAN public IPs (static) then…

Hi, I am wanting to block the IOT network (xxx.xxx.5.xx/24) from pinging the default gateway of other networks so created a firewall rule to do so however when testing, devices in the IOT network are still able to ping the default gateway of other networks…

Hi! I am a proud owner of XGS 107 and pretty happy with it. I am running a homelab with a few vlans, really nothing special. But there is something, that is bothering me: I am also using Barracuda Firewalls where i work, and there i really like the…

Hello, We have a protection Policy for the NextCloud on Sophos, unfortunetly we have many issues with uploading Photo (many times the upload not working at all what ever is the Photo size or extantion ), every time we must connct to SSH to check the…

After installing Sophos XGS2300, our client stopped viewing his Dahua CCTV remotely on his smartphone, the NVR is online in the AP but CCTV footage is not I dstreaming. I did all the necessary port foward and ports are open RTSP: 554 TCP: 37777 HTTP…

Hi guys, We have been deploying a firewall policy for a few months now and have noticed that there are a few customer firewalls that are unable to deploy the configuration. They all appear to be getting a similar error to the one pictured below. Can…

Hi Sophos community, I'm having a issue for my Wireless router. I have created two rules: 1. Rule 1 for AD users to WAN In the above rule internet is allowed once user is authenticated via AD. Everything is working fine. 2. Rule 2 for Wifi router…

Hi community, I'm trying to connect two different Subnets. This is the environment: Subnet A 192.168.1.0 /24 Gateway: 192.168.1.1 Port 4: Company with DHCP address 192.168.1.55 Device: FritzBox Subnet B 10.0.100.0 /24 Gateway 10.0.100.1 Port…

Hello guys Fiber Interlink Network 1 should be able to communicate to network 2 through the fiber link Please assist in configuring

Hi everyone, Firstly let me explain the setup i have for my home network Have WAN plugged into a mini PC which runs Sophos XG. On Interface 4 of Mini PC i have plugged in ubiquiti AP from which other devices get wifi connection ( mobile phone , laptop…

Hi, I read this forum discussion (10 months ago) and it was said that this will be a new feature request. Has it available right now ? xg / xgs - allow ip from specific asn number only Thanks.

Can anyone please tell me (A) How to block all QUIC traffic in and out ,and (B) will that then give me better log reports of url's visited ?. Thanks

Hallo zusammen, ich bin sehr gerne jemand, der Sophos benutzt. Früher UTM nun XG. Wir sind von WatchGuard gerade umgestiegen und nutzen nun eine XGS2100. Soweit sind wir auch zufrieden, nur die alten Sekundären Netze sind ein Problem. Wir haben…

I am completely stumped by this. I am sure its something obvious that I am overlooking. Lan Port 1 - 192.168.1.254/24 MGMT port 5 - 172.16.0.254/24 I already had a rule saying mgmt subnet source 172.16.0.0 could access lan subnet destination 192…

What did I do wrong?

Hi I have a linux server in the DMZ, and I want to manually patch it from time to time. so I want to open access only during patches then close access to WAN. what are all the rules to put in place. well I'm going to choose the scheduled time tab.

Port forwarding rule I have an external ip address (PortB:8) currently used for a production website on port 443. I would like to be able to access a test web server via the same public IP via port 65443 and translate to port 443 at the server.…

Hi all, # XG330 I have a project to set up an SFTP server to transfer data securely from a remote station to the SFTP server located in the DMZ.(Head Ofice) the server is installed, configured and integrated into the dmz. the remote client uses an…