Hi all, I have a XG135 firewall and several RED devices, I also have several devices from Ubiquiti (UNVR and CloudKeys) and they are causing problems. Ubiquiti support keeps telling me that I need to allow access on UDP port 123 which they use for NTP…

Hi, I’m using a third-party threat feed with Sophos and under the impression that it should provide WAN to LAN protection. However, I’ve conducted a test and observed unexpected behavior. Here’s what I did: Created a custom text file list containing…

Dear all, I am facing a problem that my WAN Port always showing RED and i could not ping the WAN Gateway. At the same time, the same line with the same Static ip address is working in my laptop / nearby desktop without any problem. Kindly let…

I have the latest Sophos Firewall Software Home 20 installed on my mini pc as well as on old XG 135w router and on both devices I experience issue with no DHCP reply for Wifi what using VLAN. - I have tested Unifi and Zyxel AP same issue - I have directly…

Hello, Since the XG Firewall does not have countries for IPv6, I have created my own countries based on published IPv6 address ranges which can be found here https://www.ipdeny.com/ I created a LAN to WAN rule to block access to a country and a WAN…

Hi all, I created a new alias interface but missed on digit, so the address doesn´t belong to a existing interface configuration. Now I cant delete that alias because its not showing up in gui. Is there a way do get rid of that alias via console?

Apologies I know it's been mentioned before, but I'm in the process of moving from pfsense + to XG Home. Got a variety of loose ends to sort out and DNS over TLS is one of them. Is this forthcoming within the v21 release cycle? I'm sorting Wireguard…

I’m in the process of getting Sophos XG Home as an alternative to pfsense. I’m 90% there, but is there a way to do DNS Rebinding, particularly for plex? i don’t want to open ports as I accessed everything via a VPN with pfsense and it worked perfectly…

Hello, Need your recommendations, we want to implement a SFTP server to exchange data from and to one of external partners. I am planning to add the server to DMZ group and just restrict FTP protocol to it. Create a NAT rule also i want to force the…

I have a customer who has 4 Sophos Switches and 1 Sophos Firewall. He intends to connect them in a ring with Firewall as a Gateway. So here is the planned setup: Sophos XGS Firewall as Gateway with 2 interfaces as bridge mode: Port 1 Bridge Mode on…

Hello, it seems I have missed something, on all my firewalls "cloud application list" is just empty. Application control is being populated but the cloud part has nothing in list or graphs. Would anyone be so kind to advise? All are XGS 107 with…

Hi all, We are having a few problems with our VOIP phones. I believe it may be to the firewall, but I not 100% sure. I need to allow an IP address range and some ports. I have created a firewall rule, but I cannot see that any traffic being logged…

Hi, I need to set up my v20 OS firewall in active-passive mode. I've already done some configuration, but I'm facing issues with automatic failover due to using "Any" in the NAT rule. Can you provide a straightforward solution using SD-WAN or WAN Link…

Hello everyone, I am attempting to redirect all requests made to 192.168.10.5 to 172.16.10.5. The VPN is working properly on both sides. Sophos XGS: DNAT Through Routed VPN Details: #VPN Working 100% LOCAL-LAN: 192.168.10.0/24 (Sophos) REMOTE…

Hello Team, i have a problem in this scenario. I have configured: LAN1: (Physical interface) 192.168.1.1 LAN1:0 (Alias Virtual Interface) 192.168.1.242 LAN1:1 (Alias Virtual Interface) 192.168.1.241 ISP1: (Configured on WAN Physical interface…

I got a Sophos XGS126 on a customer site and I need to configure 7 IP TVs. I need assistant to configure those TVs. Since the TVs using multicast addresses is it possible to configure these without multicast addresses because ISP said that configure TVs…

Hello, everyone. I created a DNAT rule. I receive the communication on the local interface at the SFW's IP address on the LAN and translate it to another destination that is remote on the VPN. I force a SNAT with the SFW's IP address that is assigned…

Hello, One of our clients has asked us to block communication to Tor Exit Nodes, in the Applications and Web options in the Sophos XGS firewall I can only see things related to TOR VPN, TOR PROXY and TOR2WEB or whatever... But I cannot see anything…

Hello community, I am currently working on a SG to XGS migration for one of our customers. The customer had a bunch of local firewall users. Many users have alias email addresses configured on the SG firewall. Unfortunately, I am not sure how…

I have a few subnets, and all of them have a dhcp server/pool range for specific range. A few of them have a IP reservation (bind mac to IP address). The error/strange behavior I get is if the MAC address is in list for reservation in any of the dhcp…

Good evening, Back testing XG Home, does v21 support hardware acceleration for IPsec and SSL VPN tunnels? I have XG Home installed on a XG230 R2 at mo, I have a XG135 R3 that has pfsense + on it atm, so pending successful testing, planning on dropping…

hello, The last two days, we've been receiving an http virus mail from sophos firewall with the following message, (Malware 'Unscannable' was detected and blocked in a download from acroipm2.adobe.com). what we had done so far, full scan launched…

Hi. I've been battling this for days and finally decided to post it here and seek help. I've pfSense as the main router and Sophos XG is in bridge mode (for application filtering purposes). There's 1x VLAN involved. The DHCP works fine for the main…

We have several XG firewalls reporting this. Other layers in the defense report nothing. Endpoints are a mix of Defender/Huntress and also Sophos MDR. All scans are clean. Anyone else seeing this particular alert regarding the FQDN from Adobe? Alert…

Hi, I've got the following case: HA XGS3300 Three WAN connectinons P2 ISP 1 P4 ISP 1 P6 ISP 2 P2 and P4 are BGP. P6 is stand alone. All internet connections are working. When configuring SNAT and or SD-WAN all traffic for WAN is over…