Hi, I have a proxmox hypervisor I use it to spin up VMs and LXC containers, and I use MAC addresses to enforce some rules on my Sophos firewall. how can I add a MAC range so all the new VMs that have random generated MAC addresses (under the same vendor…

Hi all, Sophos XGS SFOS 20.0.2 MR2. When I try to check a ping: It only accepts IP Addresses or names without capital letter! I can resolve blabla.domain.local but not BlaBla.domain.local "Please enter a vlid IP or hostname". Is that bug or…

I’m currently facing some connectivity challenges with my network setup. My PABX and SIP systems are working fine—they respond to ping requests, so they’re definitely online. However, I can’t seem to get any incoming connections from the PABX to my Sophos…

1 Firewall 2024-10-26 14:10:51 Appliance Access Denied N/A 0 PortA1.10 10.10.1.3 10.10.1.255 137 …

Hallo Gemeinde Auf der alten UTM konnte ich in den Netzwerkdefinitionen Mac-Adresslisten erstellen und diese dann als Black oder Whitelist verweden. Auf meiner XG-Home Sfos 20.0.2 MR-2 Build378 gibt es unter Wireless / Wireless-Networks / "myWLAN…

Hi, I moved to Version 21.0 GA (Home Edition) recently. I noticed that in control panel, no events in the log or counters are logged that X-Ops is doing anything: A configured third party threat list (abuseipdb.com) is working properly and blocks…

Hi Zusammen, ich hadere gerade damit, das IPS einer Sophos so einzurichten, dass sie einen Portscan blockiert, oder zumindest überhaupt mal erkennt. Meine Richtline hat einen Smartfilter "nmap" (hab aber auch schon alle 7k Richtlinien aktiviert…

Hallo Zusammen, ich würde gerne in der Sophos XGS107 eine Portfreigabe für einen Telefoncloudanbieter einrichten. Welche Ports das sind, wird hier sehr gut beschrieben. https://www.easybell.de/hilfe/telefon-konfiguration/allgemein/firewall-fuer…

Hi all, I have several SFOS V20 in place. I can nomore add an ip network: "You must enter a network IP address." There is not much room for making things wrong and I did this couple of times before. No problem to add an ip host but no chance for…

What is everyone's experience with WAN link load balancing in v20? We're a K12 private school with two identical WAN links from different ISPs, Frontier and Comcast. Our goal is to enable WAN link load balancing in an active-active config, weight 1 and…

I am referencing this documentation https://docs.sophos.com/nsg/sophos-firewall/19.5/API/SYSTEM/Host%20and%20Services/IPHost/operations/AddIPHost&EditIPHost.html There's information on how to add or update an existing IP host object. However, I just want…

We have a /29 subnet from our ISP. I want to use a dedicated public address for our guest network traffic. I've added an alias on the PPPoE port and thought I could then just use an SD-WAN rule to route the traffic, but the alias doesn't appear in the…

SNAT with multiple WAN gateways isn't working.. WAN Gateway 1 = Port3 - its public with /27 worth of aliases WAN Gateway 2 = Port5 - its public with /28 worth of aliases (IP Host) SNAT with Port3 aliases work for all of the rules I've created…

Hi all, im pretty new to the sophos firewall i noted that on the dashboard it showed an attack and also checked the logs whcih are both shown below. From this i can see that it was detected rather than blocked. Is there a way to set the IPS to block by…

Hello All, We have a Sophos XGS connected to a metered WAN connection, in order for devices to connect to the internet the user must authenticate to the Sophos captive portal and at which point a weekly data transfer quota is applied. This has been…

Hi all, i have had a look at the Invalid Traffic page but as stated at the bottom doesnt resolve the issue, just reduces the number of logged entries My setup is as follows Core network is TPLink Omada (Manages the vlans) Sophos setup: Port1 …

Hello, I found a solution where IPSec networks are distributed via OSPF and would like to know if this is correct? Can I use this in a productive environment? 1. SSH -> 4. Device Console 2. system ipsec_route add net 192.168.123.0/255.255.255.0 tunnelname…

Good morning. I have been looking for information about the use of Traffic Shaping / QoS and applied what is indicated but in my case it is not working for me. I have 2 offices, each with a Sophos firewall. The server in office A sends data to the…

Guten Abend, wir möchten gerne mehrere Web-Applikationen auf unserem Server über das Internet bereitstellen. Hierzu habe ich bereits beim Provider die entsprechende Subdomain auf unsere öffentliche IP geleitet. Daraufhin habe ich in der Sophos via…

Hallo Forum, ich habe eine XG106w Rev1. Da ich nur eine Home Lizenz habe, wurde von mir die SFOS Home heruntergeladen und installiert Der Lan port1 hat die IP 172.16.16.16 und die Netzmaske 255.255.255.0 Der am LanPort 1 hängende PC hat die…

Hi, we have a problem with transferring syslog from Sophos firewall to the Arcsight SmartConnector. When we try UDP, logs can be seen in connector. However, with TLS communication fails. This is only example, but ours handshake also fails at Change…

Hi Configured one more WAN IP in the Sophos XGS136, link is up but traffic is not moving through new link, checked load balancing, everything is looking fine Pervious link is working fine, however the new link is not working, able to ping 8.8.8…

Hi There I recently acquired a second-hand XG115W. After wiping the SSD, I successfully installed the V20 HOME firmware on it. However, I've encountered this issue after the installation: Ethernet ports 2 and 3 do not function. I can see the activate…

Hallo, ich versuche gerade vergeblich, eine XGS neben einer anderen Firewall zu betreiben. Die XGS soll im ersten Schritt mit nur einem Port als vorgeschaltetes Gateway und WebProxy dienen, bis das Netzwerk komplett umgestellt ist. [PC] -> [XGS…

Hey Guys, I am using the Sophos XG as DHCP server which provides two DNS servers. One is a Pihole and the other one is the SophosXG itself. So normally the devices should resolve internal and external domains via Pihole, but when it is not available…