We just had a PCI compliance scan and we failed because HTST wasn't enabled. Looking through everything HTST is enabled on all of our Web Server Protection rules including the default one. The PCI scanning company said the server replying is using apache…

Hello All, Yesterday my Firewall start trigger IPS alerts, 8 in totals. I see a specific WAN IP address in the rapport i want to completely block. I have read couple older disscution but nothing fully help me. I have already do this firewall rule: …

Good afternoon I have a problem that when I create a policy for firewalls and it is activated, it does not work. My goal is that I want to block access to the Internet, that is, so that when I go to some web page, my access is blocked, so that a message…

I am facing a very unique scenario where I simply want to disable the one ISP which in going in through Physical port in Firewall when that particular ISP goes down, don't want it as backup or primary, just want that port to turn itself off when ISP goes…

Dear Sophos Support Team XG135 sophos firewall port forwarding not working properly on our customer ..he has remote access on IPPBX branch..how can i solve this issue

We have remote users to connect to a Sophos SSLVPN. We then create the following filewall rule between them and the servers to ensure that they have Sophos AV installed and that there are no issues on either side. Unfortunately, when we do this, no-one…

I would like to get an opinion on firewalled subnets for security. This would be LAN subnets only. Subnet A is servers and subnet B is desktops. Subnets A and B have outbound internet access only. Subnet B (desktops) need to access Subnet A (Servers)…

I have an IKEV2 vpn server with internal IP 10.83.185.200. I am attempting to portforward traffic from my WAN port to to LAN port. For some reason, I am able to access the vpn server from the LAN side using my public IP. However, when I attempt to access…

Hello all We have 2 different NVR devices integrated to the Sophos XG firewall Lan zone via regular network switch. Is this type of integration without any VLAN definitions and different Ports is preferable ? This screens are latest situation…

How to block malicious IP or IPs on Sophos firewall ?

Hello. We had 2 XG330 firewalls in our environment that failed within a week of each other. I was able to back up the configuration from the working firewall before it failed. We installed 2 new XGS3300 firewalls and restored the configuration to those…

We have a main HA firewall XG210 pair, currently in 19.0 latest MR release, connecting to various XG and XGS units in the field. We have dedicated links to the far end locations, and on the XG210 at the head office it is configured as being over LAN…

I would like to allow access to our IPSec VPN from our guest Wi-Fi for testing purposes. I have created a simple rule that allows internet access. Unfortunately, I always get an error when setting up the VPN connection. Anyone know a solution…

In Sophos XGS 136 firewall , we have four internet providers. Is there any possible to configure specific network to specific user

hello, i have two ip subnet on port-1 Lan interface (Vlan), the host pc can able to ping the Firewall Gw ip but from FIrewall to Host ping not work, i checked the Local windows firewall its already turned off. Now 100.0/22 subnet not reach to 15.0…

I have two internet connections from two different ISPs. Let one be called X and the other be called Y. X and Y are separately connected to a firewall. I use X actively. I want Y to be active when X loses internet connection. Then, when X internet connection…

My XG 125 is blocking me from reaching hulu.com, and also blocking google shopping when it redirects me to googleadservice.com. As a test, I temporarily bypassed the XG, and I could get to those sites. So I know that the XG is blocking those sites. Then…

we configured Sophos XG in MTA mode. We need to restrict access to Port 25 for SMTP traffic to specific terminals only. Currently Port 25 is accessible from all LAN networks

I am creating a new firewall rule and want to add a linked NAT rule to it, but the fields for adding source, destination and other parameters are greyed out: That warning which is visible in the printscreen does not make sense to me - can someone…

Servus liebe Leute, mich würde interessieren warum diese (siehe Screenshot) Firewall Regel ausgegraut ist bzw. was diese bewirkt!? Über Antworten würde ich mich sehr freuen.

good mornig i have a problem with mi firewall cgs3100 in my institucion, the development area made an apk service and my firewall block the conection with this apk, actually we try everything change rules of conection, made news rules en webs without…

Does the order of Sophos UTM "Network Protection" firewall rules matter at all?!?!?! On my sophos utm, the "Network Protection" firewall rules are as follows (summarizing) Top Rule = deny PrivateIP#1... any protocol... to any external ip (block…

I have a couple of UTM clusters that each has more than 200 firewall rules, and I want to load them in excel to make a traffic matrix. The firewalls are managed by SUM but I didn’t find a way to export the rules to a file. While it's possible to do…

Hello everyone, we have sophos utm 9. We want to do white-box testing with a dedicated kali host. we want to give all access permission for the host to scan all port and ip of internal network. What should I do for this purpose? Any help would…

Hello, So I'm running SFVH (SFOS 19.5.3 MR-3-Build652). The firewall is running on a VP2410 mini PC. My Asus router is 'bridged' to this unit and everthing works fine with one exception: The WiFi on the Asus is somehow being blocked by my Firewall and…