Hi, I am new to sophos firewall world. Yesterday, I discovered that my firewall is still accessible using the default ip address that was assigned for initial configuration. I have discovered that Port 1 has this IP but there is no ethernet plugged…

In many customer-projects we need to change the interface <-> hardware-port associaton within network-projects. I'm aware that you can use XML export/import to do this, but there still the risk to forget about some dependencies and failing manual config…

Hallo zusammen, für mein Eigenheim plane ich eine XGS 107 an einem Telekom Glasfaseranschluss zu betreiben. Am liebsten würde ich auf das externe Glasfasermodem verzichten wollen. Über Sophos Hardware & GPON SFP Fiber / Glasfaser How-To habe ich nun…

Hi all, I need some help with redoing my firewall setup. It was done a while ago and I’ve made some mistakes that I’d like to correct but want to minimise the amount of work. Here’s what I have : my firewall is a 6 ports firewall. 2 have been…

There are some errors in the predefined "Internet IPv4..." hosts. This list is the clearly wrong ones imho. Internet IPv4 (129-169) should be "(128-169)" Internet IPv4 (191-191.1) seems completely mislabeled, and likely incorrectly defined altogether…

I've been looking at a strange issue on my devices regarding IPv6 addressing (at least an issue I think is strange). I am not using SLAAC. I have a Sophos XG acting as a DHCPv6 server issuing a private IPv6 prefix, let's call it AAAA:AAAA:AAAA:AAAA:.…

Need some help getting our Sophos XG 136 (LAB) Firewall working with IPv6. ABCDC01: Role = Windows Server 2019 Domain Controller IPv6 = fc00:2222:3333:4444:cccc:dddd:eeee:10/64 IPv4 = Not Enabled Gateway = fc00:2222:3333:4444:cccc:dddd:eeee:ffff…

Hi All, I have a Internet Link from FiberOne ISP. I used a media converter to convert the Fiber link to Rj45. Then I plugged it into a ASUS DSL Modem/Router to use Wifi. in this situation, I got IP Address A, and I have the internet. But, I have a lot…

Hi All... Customer has XG135 (SFOS 19.5.3 MR-3-Build652), Sophos is the main DHCP server for the network, for the last few months we have been battling with a strange issue. Sophos LAN IP is 172.16.0.10 Internal Microsoft DNS server 172.16.0.1.…

Hello! We are planing micro segmentation of our server farm and thus will need a bunch of vlans in the range of 200-300, but there seems to be a limit on how many vlans can be added to a physical interface according to this kb: https://support.sophos…

We have been asking for the DHCP option for TFTP boot options to be fixed and the reply was It is planned to be fixed in the upcoming v20.0.1 MR-1 Can you please post the schedule for the net coming maintenance to be ready for release?

Hello, I have been trying and failing to get SNMP monitoring working for my Sophos XG firewall using PRTG. I have done the following to try and get this working: Enabled the SNMP agent in the firewall config Added the SNMP manager address and…

Is there any way to use SNMP to monitor traffic flow through an IPsec tunnel? I'm successfully capturing port traffic with SNMP but would also like to capture the traffic between our two sites via an IPsec tunnel.

Hello, Can someone help me with my Datto RMM Monitor for Sophos? The policies have been installed way back, but when we replaced the firewall from one of our sites, the Datto Sophos Monitoring is now offline. I am new to both Datto and Sophos community…

Hi all, I have a huge problem with simple ping to NAS VLAN from any other VLAN. I tried almost everything and it just doesn't work. My infrastructure: Sophos firewall with NAS VLAN 2, no DHCP, Synology has fixed IP X.X.2.100 on port 2 with gateway…

We have been allocated an IPv6 /48 from our ISP. I plan on using Global/Public IPv6 addresses for my clients utilizing /64 networks from that /48. Kinda one of the main goals for IPv6 to not have to NAT behind a public address. I am able to successfully…

Hi everyone, I can confirm that (to me :-) there seems to be a bug if you have more than one WAN interface with PPPoE: The " Schedule time for reconnect" under "Network" -> "Interface" -> WAN-Port will not be respected though it will show correctly…

Was passiert mit einem eingerichteten DHCP wenn die Lizenz abläuft?

Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. ______________________________________________________________________________________________________________________________________…

Good evening everyone, a customer of mine has currently patched an XGS firewall (SFOS 20.0.0 GA-Build222). The customer had a vulnerability scan with a result of 1 Medium CVSS. Namely: DNS Server Recursive Query Cache Poisoning Weakness www.tenable…

Hello, We are doing inventory work and we want to know the MACs of the interfaces of our 2 Sophos firewall but I don't see any information online Someone can help me out? Thanks and regards

Hello, Using the Sophos API (v20) ( https://docs.sophos.com/nsg/sophos-firewall/20.0/API/index.html ), authentication works whether it's a local account or an Active Directory account. However, when creating a VLAN through the API, an error occurs…

Hello, I have the following problem. We have two Active Directory Windows DNS servers on the internal LAN. They have entered the Sophos XG Firewall as a DNS server as a forwarding. The Sophos XG Firewall itself queries public DNS servers on the…

hi Community. we have a lte router with a static IPv6 IP-Address on the WAN-Side. I turned on the DHCP for IPv6 as you can see below: and as you see, the xgs gets an ipv6 address: The Sophos Cluster has v20 installed and I can see the cluster…

I'm upgrading my firewall and trying to figure out a simple way to switch my regular LAN from port1 to portF1 after importing the backup. I want to upgrade from the regular 1-gig connection to a faster 10-gig SFP connection. The tricky part is that there…