We use a block countries rule to control from where our user can connect to the VPN. We noticed two new entrys in the list this morning "Europe" and "Europe Continent" When we take either of them out regardless that Germany is allowed, is Germany…

Hey All, I was wondering has anyone else noticed Netherlands isnt in the country blocking list for Sophos XG ?

Hi all, we moved from LANcom to Sophos XGS SFOS 20.0.2. Fine so far. We migrated last night. Now it comes more and more, that some webclients are unable reach some URLs. Every clients are able to resolve every DNS name. But when putting that DNS…

Hey Folks, while deploying one XGS after another we noticed that Client-IPs in reports e.g. aren't resolved into DNS Names like on our SG/UTM Models. We created a DNS request route: 168.192.in-addr.arpa and domain.local pointing to the internal Windows…

Hello everybody, Hello, I'll explain my case, I have a Sophos XG 106. I have one connected to my LAN pin I virtualized a Windows 11 PC with VMWare Workstation, can I make my virtualized PC benefit from the DHCP that I put on the Lan pin of my Sophos…

Hallo Zusammen, ich bin gerade etwas ratlos. Wir haben gestern eine weitere Sophos XGS116 in Betrieb genommen. Leider funktioniert die interne DNS Auflösung vom lokalen Standort A zum internen Active Directory am Hauptstandort B nicht. Die DNS-Anfrageroute…

Hi, I added some domain names to IP mapping under DNS request route to resolve DNS queries for those domains. The subnets behind these domains are connected through IPsec and are reachable but except one, all other domains are not getting resolved.…

Hey Dears, I have a Sophos firewall version 19, I want to ask if i can deauthenticate an Ip shown in DHCP leased list to force it to obtain new Ip or disconnect it immediately? Thanks

Hi folks, a couple of days ago my network was downgraded/upgraded from 1000/50 to 250/100, all very good. The IP4 address is now static assigned by the RSP DHCP servers. After a number attempts for over an hour and logging a fault with the RSP, investigation…

I am working on migrating functionality from UTM to SFOS on XGS3300 hardware. This organization subscribes to this DNS filtering service: https://www.cisecurity.org/ms-isac/services/mdbr In the UTM, it was easy to bottleneck DNS queries so they are…

I need some help to understand why this firewalls IPv6 gateway is constantly reported as failed. It's XGS126 with SFOS 20.0.1 Because of that Gateway errors I reconfigured it from being an active gateway to a backup failover gateway only. I have…

hello, Can I have a detailed procedure to configure my sophos xg106 as a dns server ? Thanks

Hello Everyone, I am having a little configuration issue with my web server on a VLAN. All my VLANs have internet access but I can't seem to access my web server from outside my network. Can anyone post an example firewall rule from Public IP to VLAN…

I am not planning to use Sophos Central, my XG firewall is standalone. I have a fairly complex security stack setup with a separate IDS/IDS and SOAR type system along with a honeypot outside my firewall protected zones. I would like to automate whenever…

Hi, my current network looks like this. This is a double NAT scenario but works quite well. Now I got a Unifi USG for testing purposes. I'd like to add it between the Sophos XG and the Unifi Switch. The Sophos should keep on managing DHCP, DNS…

Hello, we got 2 new XGS450-firewalls. Currently the configuration is blank. The firewall should manage the vlan traffic. We have 3 branches. They are connected with a cisco mpls-network. Our internet-firewall in the mpls network: Should be…

Hi experts, I have an external web site hosted in the AWS, and the DNS domain name is registered in my local DNS server (Windows 2019 with AD and DNS). I have configurated the DNS options in Sophos XGS as shown below. The website does open for internal…

Hello, I refer to RE: DHCP Static IP mapping for same client multiple networks? With the update from SFOS 20.0.0 GA-Build222 to SFOS 20.0.1 MR-1-Build342 the Sophos system dhcp conf-generation-method has been set to old again: console> system…

hello, I noticed that when I execute the `snmpwalk` command on the OID `.1.3.6.1.2.1.31.1.1.1.18` (ifAlias), the result comes back empty. When I execute the OID `.1.3.6.1.2.1.2.2.1.2` (ifDescr), it returns the interface name. For example: eth7. …

We have a Sophos XG135 firewall running SFOS 20.0.1 MR-1-Build342). We have a cloud 8x8 VOIP phone soultion which is having intermittant audio issues. We have been asked to run their network diagnostic tool which is reporting back UDP port 443 outbound…

Referencing this previous post: Webpages SLOW to load That post is over 7 years old and locked, so I am posting here. I recently started having this same issue...Web pages take 30+ seconds to load for all users on network A number of coincidental…

Hi, I'm using a XGS116 with SFOS 20.0.1 MR-1-Build342. I've got a public subnet 1 (2.1.1.0/30) assigned by the ISP. 2.1.1.1 is their gateway. 2.1.1.2 is used as static IP of PortF1 (ISP1). I've got a backup connection on Port3 (ISP2). I've defined…

When will ipv6 be supported over PPPoE ? When I use any other router / firewall I am able to get IPv6 over PPPoE just not via Sophos

Good day We have an XG 35 ON VERSION 20.0.1 There is a phone that is connecting to the network.. and when it connects the network it is getting 192.168.10.1 which is the ip addresss of the firewall .. Our DHCP is the firewall , and the DHCP pool…

In the IPv6 training, a manually configured IPv6 link-local address for the gateway was considered "best practice". fe80::1 would be a good choice... Is it possible to configure this with sophos firewall? ...or why this should not be done? thx in a…