Hello there, I have been searching long time to do the following with Sophos XG 230 Firewall. But still could not find solution. Can anybody help 1. Block Microsoft 365 One Note alone. Rest of the Microsoft 365 should work. Blocking One Note on Application…

Hello World, I have to Internet gateways from my ISP as part of a package deal. I would like to use one internet gateway as my production traffic and the other gateway as my lab traffic. None of the resources behind need to talk to each other. I just…

Dear tEam, I cannot allow traffic from an external ip and a specific port to my local server. I tried differents things but it doesn't work.

I have been having an issue where my smart tv hangs when apps first start up. It hangs for...several minutes sometimes. Checking my firewall logs, this is the reason, and after the several minute hang, everything works, which makes sense since it's now…

Hello all, I'm used to another known firewall vendor but I decided to give this for my home network a try since the other solution is way too expensive. My goal is to use a single link between my switch and my Sophos appliance so I do not need lots…

I have an XG330 running 20.0.2. I'm trying to configure BFD+BGP. The BGP portion works great. However, the BFD portion does not. I enabled BFD from the CLI. The following is what my BGP configuration looks like from the CLI: Current configuration: …

Hello, Can anyone tell me if the Sophos XGS can translate IPv6 to IPv4 addresses? If so, where can I set it? Or do I also need an IPv6 range in the internal network?

Hi, Is there any option to detect internal network port scans from within the network or networks? Like for example using nmap or netcat or others from inside the local network, not from a wan source. I'm posting this in endpoint as well. Thanks…

Hi, what would be the proper way to configure different WAN ALIASES for outbound traffic, for example in this manner: LAN users would use WAN Alias 1 for browsing and accessing web LAN2 users would use WAN Alias 2 FreeWiFi users would use WAN…

Hello, We've seen a message on the Sophos Firewall WEB-UI leading us to this article: "Multiple failed login (brute force) attempts for WAN-facing portals on Sophos Firewall" https://support.sophos.com/support/s/article/KBA-000009932?language=en_US…

Hi, On brand new XGS-136 I have problem, which cannot solve for few days. So I would appreciate any hints. Packets are dropping randomly every minute or so, sometimes even more frequently, in the following direction: From LAN side --> to Sophos…

Hi Folks, I'm moving from UTM to SFOS. Getting it setup with the basics was all fine but something I've been wanting to try for a while was to remove the masq rules as sophos is my back firewall in a back to back config. I ran into an issue though…

dear all, can someone help to block both telegram App and website on my sophos firewall

hello, Alert Message: Message: SERVER-WEBAPP Arcadyan Routers CVE-2021-20090 Path Traversal Attempt I got this Alert today, and the attacker is one of the company's computer, I read an article about this vulnerability…

Hi everyone, I am using a Huawei 3372 LTE stick on my SG-125 with SFOS for a couple years now. It is configured in DHCP mode as a failover WAN connection when the main connection goes down. Up until now this worked as intended but after upgrading the…

clear 840 / 5.000 Übersetzungsergebnisse Übersetzung Is there a way to delay the failback in the event of a WAN failover? Our customer gets his Internet access…

Hi, I am new to Sophos products I newly get into it and the BASIC installation has been done. I discovered the Sage300 application that our staff working remotely using a public IP to connect to the onpremises server is not working after installation…

I have a problem regarding may rujie AP that connected in sophos firewall XGS2300. I created VLan 172.16.16.16 for employees user(mac binding) and Vlan2 17.15.15.16 for Guest wif(DHCP) from 172.15.15.20-100. My problem was when i tried to connect my android…

Looking at IP Hosts like #Port2 or ##ALL_RW, they are dynamic IP addresses, correct? So if Port2 is my WAN port and the ISP changes my IP (via DHCP), wherever #Port2 is used in any rule will automatically be updated instantly so that the rule still applies…

If you are not registered in Active Directory, you cannot access the internet. How can I do it?

Hello, Over the holiday weekend we upgraded our XG330's from 19.5.4 to 20.0.2 MR-2-Build378. After the upgrade none of our wildcard FQDN rules are resolving/working. They worked perfectly fine prior. This is causing quite a bit of issues for user authentication…

Hallo zusammen, seit Donnerstag bekomme ich ständig die Warnung mit folgender Nachricht: Message: Access from IP address '92.53.65.166' is blocked for '5' minutes after '5' unsuccessful login attempt. Unsere Firewall ist Alert for XGS2100…

On September 4, our Firewall VPN Portal was attacked from IP 92.53.65.166 (Russia) with hundreds of login attempts for different usernames. After bloicking this, today (September 8) we have been hammered by another attack, this time from hundreds of different…

Since today we have been experiencing massive password spraying attacks on many Sophos firewalls, especially on the VPN portal, which listens to port 443. Apparently these are attacks from Russia with the IP 92.53.65.166. How can I create a rule to prevent…

Hello: I have a WAN port (Port 2) that is connected to our ISP with an IP block of 65.170.xxx.xxx/29. We have another block of IP addresses from the same provider at 63.162.xxx.xxx/29. Both come in thru the same ISP router (Cisco 4300). There are 4…