Hello, we have a problem which with the routing over VPN. A user is connected to SSL VPN with the XGS. The XGS has a site to site IPsec VPN connection to resources in the cloud. A request from the user's client using SSL VPN for resources in the…

Hello, I work on 2 Sophos XG on 2 different sites. They communicate with each other using a Site-to-Site IPSec VPN. Site A : Sophos-XGS 33100 (SFOS 19.5.3) Site B : Sophos-XG 330 (SFOS 19.5.3) 3 subnets of Sophos A are configured to be able…

Hi, maybe a dumb question but what does the command really do? Maybe it is because of my special setup with the BO firewall tunneling all traffic to the HO firewall. But as far as I understood the - very well hidden - comparison whenever I want to do…

Hello, I have 2 branch offices that are connected to the head office via VPN , now I want to connect these 2 offices to each other using the head office as a forward node, is that possible? if so please explain how PS: The branch offices don't have…

Hallo, ich habe folgende Situation: 2x Sophos UTM 2 Standorte verbunden über einen IPsec Site2Site Tunnel, automatic firewall rules enabled Standort 1: 192.168.240.0/24, UTM IP Address 192.168.240.254 Standort 2: 192.168.0.0/24 , UTM IP Address…

Hi there. I have 3 sites, each connected to our datacenter. Location 2 has a Tunnel interface connection, Location 1 and 3 have a Site-to-site connection. Like this: Location1 ====sitetositetunnel===== Datacenter=====tunnel=====Location2 Location1…

I have 2 XGS "A" and XGS "B", connected by a Site to Site IPSEC tunnel. Connections work fine. Now i have to have access to a network at "B" by a Remote-VPN connection at "A" Remote-VPN => "A" <=> "B" The vurtuell network of the Remote …

Hi, we have branch which is connected via site to site vpn. They have their own internet access. My question is there anyway i can route the internet on some pc through VPN site to site and not to their firewall? Thanks, Nidz

Hello, I have bought my first Sophos Firewall and I need some help. Setup: Port1: LAN - 172.16.0.1/23 Port2: WAN - Public IP (PPPoE) Port3: LAN - 192.168.1.1/24 Site-to-Site IPsec tunnel: Port1 172.16.0.1 (local site) - 192.168.0.1/22 (remote…

Hi everyone! New with Networking. Is it possible to connect another router with a different ISP to my existing architecture? Please refer to the diagram below. The purpose of the "to be implemented architecture" is to allocate all the bandwidth…

Hi all, I have a HQ site and a branch site. There's a policy-based ipsec site2site connection established the sites. Branch site has SSLVPN(OpennVPN 10.81.255.0/24) server running and is used as default gateway. Branch site also has an internal…

Hi, I am sure this is something that is really easy to fix but I seem to be having some issues with the IPsec (Remote Access) setup. I have followed a detailed setup guide and while I can connect OK, once connected I cannot seem to ping anything on…

Hello, I've got a strange problem to get a connection between a VPN IPSEC Client to a single device (IP-Camera) that is connected to the LAN. The XG-Firewall is running the DHCP- and DNS-Server. What I've noticed is that the camera lacks a "client…

Hallo Community, ich habe eine Frage zu einem Szenario was ich gerne aufbauen würde und wollte wissen ob und wie ich das am besten umsetzen könnte. Der Server1 (10.132.0.17) soll den Server2 (10.30.0.3) erreichen und dafür bitte die Route über 10…

Hello. I have 2 sites with 2 ISP each other: Site 1 (ISP A, ISP B), Site 2 (ISP X, ISP Y). So I think to config 4 tunnels like we did with Site-to-Site IPsec VPN: Tunnel A-X, Tunnel A-Y, Tunnel B-X, Tunnel B-Y. Site 1 publish this networks (192…

I have 2 firewalls. Firewall A is a XG and Firewall B is an SG A ---- B IPSEC Tunnel On A x.x.x.x/24 can ping on B x.x.x.x/24 and vice versa However on the A side if you browse to the webpage of that device such as a esxi host or synology…

Im using XG Xtream SFOS 18.0.4 MR-4.I've successfully configured site-to-site IPsec tunnel. Im able to ping other no issue. Now i want to know how i can route specific websites over the tunnel to other point. Like facebook, Google and Instagram traffic…

Hi, I am running IP-sec s2s vpn between branch(Sophos- CR25ING, XG v17.5 ) to HQ (Palo Alto-5220), vpn established and working fine. for better security and filter, we need all traffic should be routed through HQ, how can we achieve this? I have…

Good day! I am having to setup a new network for an IP based phone system our organization does not control. The system needs to work over the IPSec tunnel between two sites running Sophos XGs. Because we don't have access control over the system, we…

SSL VPN issue Hello!! I have actualy a problem, I configured a À SSL VPN. My all setting is perfectly configurate. But when I test in my PC I can't connecte. If I test in my Samsung Note10 + with OpenVPN the connection is successfully but no internet…

I was wondering if in one of the next MRs in SFOS 18 it was possible to include one or both of the following changes: Including the VTI interfaces in the pull-down menu options for PING diagnose * When pinging with an internal interface, letting…

Ok, something that I've easily done many times on all of our UTMs. I have a new IPsec tunnel I built to a 3rd party. We are just accessing a single remote (198.0.0.2/32) host configured in the tunnel, but it needs to be accessed from 4 different hosts…

Here is our current setup - We have 3 sites, remote site is 192.168.0.0, HQ is 192.168.1.0, and a site to site tunnel to a hosting site where we access one host (192.168.216.3). The tunnel is configured between HQ and the hosting company, that connection…

Hello, We have an IPSec site-to-site VPN which is Active and Connected but we're not getting any inbound traffic, we can't ping from the Remote to any Local IP's but it works the other way around. Tried a bunch of different combinations of Policy…

Have setup SSL Remote VPN Connects fine and is able to access the LAN of the XG What i want to achieve is to be able to access IPSEC VPNs to other remote LANs via the XG. I have tried setting the VPN settings to use as default gateway and adding…