  • Converting iptables to NAT rule

    woter324
    Hi, I have been given an iptables command and I would like to create the same rule on my XG. Could anyone confirm if I have "translated" the rule correctly, please? iptables -t nat -I PREROUTING -s 10.100.20.19 -d www.riscocloud.com -p tcp --dport…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Access to the local subnet from the WAN interface (NAT RULE?)

    Matteo Frati
    Hello everyone! I have 2 SOPHOS firewalls in two different buildings, connected by Long Range Aerials (point to point). FIREWALL 1 is configured like this: LAN 192.168.122.X (Aerial 1 is part of this DHCP pool) WAN public IPs (static) then…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Firewall rules and policy

    Charlie Dodd
    Hi, I am wanting to block the IOT network (xxx.xxx.5.xx/24) from pinging the default gateway of other networks, so I created a firewall rule to do so. However, when testing, devices in the IOT network are still able to ping the default gateway of other networks…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • How to create a network object / host / rule which allows access to WAN but not LAN (RFC 1918)

    Matjaz Lorber
    Hi! I am a proud owner of XGS 107 and pretty happy with it. I am running a homelab with a few VLANs, really nothing special. But there is something that is bothering me: I am also using Barracuda Firewalls where I work, and there I really like the…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • DAHUA CCTV NOT STREAMING ON DMSS APP ON REMOTE PHONE

    TimothyWanume
    After installing Sophos XGS2300, our client stopped viewing his Dahua CCTV remotely on his smartphone, the NVR is online in the AP but CCTV footage is not streaming. I did all the necessary port forward and ports are open RTSP: 554 TCP: 37777 HTTP…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Firewall policy unable to deploy to some customers: Host \{hostname}\ could not be updated

    Alex Simpson1
    Hi guys, We have been deploying a firewall policy for a few months now and have noticed that there are a few customer firewalls that are unable to deploy the configuration. They all appear to be getting a similar error to the one pictured below. Can…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Connection between two different subnets

    Qbitter
    Hi community, I'm trying to connect two different Subnets. This is the environment: Subnet A 192.168.1.0 /24 Gateway: 192.168.1.1 Port 4: Company with DHCP address 192.168.1.55 Device: FritzBox Subnet B 10.0.100.0 /24 Gateway 10.0.100.1 Port…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • How to block YouTube for a particular IP range in Sophos XG

    Ruka
    Hi everyone, Firstly let me explain the setup I have for my home network. Have WAN plugged into a mini PC which runs Sophos XG. On Interface 4 of Mini PC I have plugged in Ubiquiti AP from which other devices get wifi connection (mobile phone, laptop…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Need to Allow traffic from specific AS Number

    Trio Fandi
    Hi, I read this forum discussion (10 months ago) and it was said that this will be a new feature request. Is it available right now? xg / xgs - allow ip from specific asn number only Thanks.
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • How can I block QUIC without.......

    JohnMMM
    Can anyone please tell me (A) how to block all QUIC traffic in and out, and (B) will that then give me better log reports of URLs visited? Thanks
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Can't get a simple directly connected network firewall rule working. XGS126

    PeteH
    I am completely stumped by this. I am sure it's something obvious that I am overlooking. Lan Port 1 - 192.168.1.254/24 MGMT port 5 - 172.16.0.254/24 I already had a rule saying mgmt subnet source 172.16.0.0 could access lan subnet destination 192…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Any/Any rule still showing Violation in packet capture

    Ben Woolley
    What did I do wrong?
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Update (patch) DMZ linux Server

    Sofos network
    Hi, I have a Linux server in the DMZ, and I want to manually patch it from time to time. So I want to open access only during patches, then close access to WAN. What are all the rules to put in place? Well, I'm going to choose the scheduled time tab.
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Two site URLs, 1 public IP, PAT to test server on 443

    Ian McGuinness
    Port forwarding rule I have an external ip address (PortB:8) currently used for a production website on port 443. I would like to be able to access a test web server via the same public IP via port 65443 and translate to port 443 at the server.…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Forwarding non-standard ssh port to standard ssh port internal (remote SFTP Server)

    Sofos network
    Hi all, # XG330 I have a project to set up an SFTP server to transfer data securely from a remote station to the SFTP server located in the DMZ (Head Office). The server is installed, configured and integrated into the DMZ. The remote client uses an…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • 1 ISP WAN, 18 ISP LAN addresses - how do I set up a port for an edge router to go out ISP LAN IP

    avett1058
    We have 1 WAN IP from our ISP. 18 LAN IPs from the ISP. Current setup is one CAT6 from ISP to Sophos Firewall. Firewall has the 1 WAN IP interface set up for internet. We need a port enabled on the firewall for a Vendor router to use one of the…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • How do I link a NAT rule to a firewall rule?

    Tomas Z
    I created a new rule which allows traffic originating from VPN subnet to the external IP address. I verified in the logs that the traffic passes by unobstructed. Also verified in SSL VPN settings that the particular VPN profile contains that IP address…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Access to second network zone

    RalphZ
    Hello, can someone help me, because I can't get it to work. I have set up a network 192.168.101.xx on Port1 and a network 192.168.102.xx on Port 5 on a Sophos XG. Now I want to get from the network on Port1 to the network on Port5…
    • 7 months ago
    • Sophos Firewall
    • German Forum
  • Static route and firewall rules

    Aphrodite
    Hello everyone, I have a question regarding static routes. I want to migrate an SG to an XGS and would like to move over service by service. In the course of this I would like to work with static routes. Now the question arises for me, if I, on the…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • German Forum
  • Switch and AP6 URL Allow List for XGS Firewall

    Eli
    Hello Sophos Team, is there a Documentation on what URLs / IPs need to be in a Firewall Rule for Destination Host? I know the Ports that are needed: HTTPS / NTP / DNS -> Forwarded to Firewall IP and Uplink to DNS Protection Just found a List for…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Firewall Rule Doesn't Work Correctly

    Alex K
    Good afternoon I work at Virtual Box. I have three virtual machines. The first is the Sophos firewall, the second is the Windows 10 client. And on the third I have an Ubuntu server. The task is to block traffic from the Windows 10 client to the Ubunu…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Port 113

    midnightSun
    Sooo when scanning the system I've noticed 113 is the only port showing as closed / reject. Since the other ports are Drop I've created a rule to drop 113 from all connections but SFOS isn't honoring the rule. Why? Why would they decide to reject only…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Ports blocking on LAN zone.

    Alex KABWE
    Hello dear all, I'm connected with one of my clients via LAN, without going to the internet, just a LAN to LAN connection to have access to their server. But the port open to receive SNMP traffic is blocked from time to time, and I no longer receive…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • XGS126 and Blink Cameras

    Michael Witmer
    Setting up Blink Cameras and the XGS126 is blocking communication with the Blink Servers. Have updated the policy to allow 554, 443 and 80 for the camera's IP Group but still no go. Anyone else got this to work ??
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Internet stops every day at the same time on Sophos XG135

    Tihomir Trifonov
    Hello, we have a problem with our client where we put Sophos XG135 with latest update 20.0.0 on their network, like every day at the same time somewhere around 12:30-1pm and in the evening around 7-8pm, the internet stops but Sophos continues to work…
    • 7 months ago
    • Sophos Firewall
    • Discussions