• Can't Ping DNAT Host Remotely

    Clay Tsuhako
    Clay Tsuhako
    have created a new alias port (Port 5:0) on our Sophos XG 210 (SFOS 20.0.2 MR-2-Build378) and created a local host at internal IP of 10.0.0.71). I have also created a firewall rule to allow access to this host from several specified remote hosts that…
    • Answered
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Request for Advice on Attack-FILE-IMAGE ImageMagick SyncExifProfile Out Of Bounds Array Indexing

    Michael9609
    Michael9609
    Dear Member I hope this message finds you well. I am currently encountering a significant amount of network traffic related to the Attack-FILE-IMAGE ImageMagick SyncExifProfile Out Of Bounds Array Indexing alert. the firewall ais detecting and dropping…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Suddenly receiving IP_SPOOF Violations in XG 210 from allowed source

    Clay Tsuhako
    Clay Tsuhako
    Hello: Yesterday I started seeing these IP_SPOOF violations from our remote site that is on the allowed list in the DNAT firewall rule. They are unable to connect or ping our DNAT devices setup behind the firewall. We can connect to them with out…
    • Answered
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Comcast EDI setup on XG firewall

    Christopher buchanan
    Christopher buchanan
    Hi Comcast has provided us with EDI service consisting of one /30 network to connect to the internet and a /25 for our additional Public IP addresses. One approach would be to use a basic router with one port connected to the /30 network and do a…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • WEBSER SERVER NOT ACCESS THROUGH VPN

    SatyabrataB
    SatyabrataB
    hi, we have webserver in LAN zone that server access through private IP address IN LAN zone. issue-Right now user in china and access webserver through Vpn but in china vpn not connected only indian sim with roaming will work.how to access webserver…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Created Vlan/dhcp but no internet

    Sophos User3521
    Sophos User3521
    I have created a new vlan and dhcp on the XGS, configured the vlan on unifi wifi/switches, I am getting ip however I cannot get internet access. I don't want the vlan to access other vlans however I want computers inside the vlan to communicate with…
    • Answered
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • NAT Port Forwarding not working on XGS210 SFOS 20.0.2 MR-2-Build378

    Mark Tarrant
    Mark Tarrant
    This was working a month or so ago, but the vendor has just now tried it again and it isn't working. The error is Violation Local_ACL.
    • Answered
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • New LAN port not getting ip address from DHCP

    jang430
    jang430
    Hello. I want to use 1 of the excess LAN ports on the firewall to give out ip address of 192.168.88.x to the pc connected to it. Currently, my firewall gives out ip address in the 192.168.1.x range. I first selected the port, assigned it to the LAN…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Block Countries List change... Europe and Europe Continent

    Shawn Adams
    Shawn Adams
    We use a block countries rule to control from where our user can connect to the VPN. We noticed two new entrys in the list this morning "Europe" and "Europe Continent" When we take either of them out regardless that Germany is allowed, is Germany…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Netherlands not in country options

    RyanHosiassohn
    RyanHosiassohn
    Hey All, I was wondering has anyone else noticed Netherlands isnt in the country blocking list for Sophos XG ?
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • new Sophos XGS - Webclients are unable to reach URLs but DNS works

    GernotMeyer
    GernotMeyer
    Hi all, we moved from LANcom to Sophos XGS SFOS 20.0.2. Fine so far. We migrated last night. Now it comes more and more, that some webclients are unable reach some URLs. Every clients are able to resolve every DNS name. But when putting that DNS…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • DNS Names do not resolve for Clients in Reports - only IPs are shown

    Peter Riederer
    Peter Riederer
    Hey Folks, while deploying one XGS after another we noticed that Client-IPs in reports e.g. aren't resolved into DNS Names like on our SG/UTM Models. We created a DNS request route: 168.192.in-addr.arpa and domain.local pointing to the internal Windows…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Question regarding Sophos and VMware

    Alain Mirval
    Alain Mirval
    Hello everybody, Hello, I'll explain my case, I have a Sophos XG 106. I have one connected to my LAN pin I virtualized a Windows 11 PC with VMWare Workstation, can I make my virtualized PC benefit from the DHCP that I put on the Lan pin of my Sophos…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Active Directory DC DNS Abfrage vom Remote Standort verbunden mit policy based vpn

    Terry222
    Terry222
    Hallo Zusammen, ich bin gerade etwas ratlos. Wir haben gestern eine weitere Sophos XGS116 in Betrieb genommen. Leider funktioniert die interne DNS Auflösung vom lokalen Standort A zum internen Active Directory am Hauptstandort B nicht. Die DNS-Anfrageroute…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • German Forum
  • DNAT VPN SDWAN

    Alves
    Alves
    Hi guys, I'm trying to create a DNAT rule that uses the ISP from Firewall A for a host that is on Firewall B. The communication between these firewalls is done via SDWAN VPN When testing the NAT, I identified in the packet capture that the traffic is…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • DNS request route

    CreateShare
    CreateShare
    Hi, I added some domain names to IP mapping under DNS request route to resolve DNS queries for those domains. The subnets behind these domains are connected through IPsec and are reachable but except one, all other domains are not getting resolved.…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Deauthenticate an IP address from DHCP leased

    Ehab Ali
    Ehab Ali
    Hey Dears, I have a Sophos firewall version 19, I want to ask if i can deauthenticate an Ip shown in DHCP leased list to force it to obtain new Ip or disconnect it immediately? Thanks
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Open ports

    Bill Bird
    Bill Bird
    Had a colleague port scan my WAN port after replacing my dead XG230 with a new XG230. I show all these open ports: I did not have this issue with previous fw (my previous config would not load, sadly). What am I missing? Thanks ahead of time…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • NAT Port Forwarding not working on XGS2300 (SFOS 20.0.1 MR-1-Build342)

    Louis Nguyen
    Louis Nguyen
    My Sophos FW XGS2300 port forwording not working for a new port in the past 7days ago, the older port forwording still work normal. Please help me how to check and troubleshoot about this problem. My NAT and rule as pic below. Many thanks for support…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • IPv6 PD and v20.0.2 MR-2

    rfcat_vk
    rfcat_vk
    Hi folks, a couple of days ago my network was downgraded/upgraded from 1000/50 to 250/100, all very good. The IP4 address is now static assigned by the RSP DHCP servers. After a number attempts for over an hour and logging a fault with the RSP, investigation…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Maximum number of IP aliases per interface?

    Jaroslav Faldik
    Jaroslav Faldik
    Hi, Is there a limit to the number of IP aliases per interface?
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • SAP system not accessible after deploying SOPHOS firewall

    Anesu Dangarembwa
    Anesu Dangarembwa
    Good day We have deployed a Sophos firewall on a network, there was a cisco router and we have replaced the cisco router. After deploying the firewall the SAP system is not accessible on the local area network .. We have a SAP server in the LAN…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Need help with routing LAN to WAN

    Alain Mirval
    Alain Mirval
    Do you have an article to help better understand routing on Sophos Firewall? I want my LAN to communicate with my WAN.
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Couldn't delete user. A firewall rule, VPN connection, web policy rule, or SSL/TLS inspection rule exists for this user.

    Sophos User2968
    Sophos User2968
    Our company own a sophos firewall xgs ( XGS3300), I try to delete user from 'Authentication' page but it failed, i able to disable the user account, but unable delete the user account. but some account i able to delete. i appreciate if there is…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • UTM DNS > Global > Allowed Networks -- how to reproduce in SFOS?

    KrisJacobs
    KrisJacobs
    I am working on migrating functionality from UTM to SFOS on XGS3300 hardware. This organization subscribes to this DNS filtering service: https://www.cisecurity.org/ms-isac/services/mdbr In the UTM, it was easy to bottleneck DNS queries so they are…
    • 4 months ago
    • Sophos Firewall
    • Discussions
<>