Hey there! Simple (and maybe stupid) question: If I have a network like this: WAN | PPPoE Router (192.168.1.1) | (192.168.1.10) (Zone: WAN, Default gateway 192.168.1.1) Sophos XG (192.168.5.1) (Zone: LAN) | LAN (All IPs are with /24 subnet mask…

Hello all 2 part question, We have 2 WAN connections on our UTM with uplink balancing enabled and at the moment all traffic had been configured to go through only one of the interfaces (don't ask, I didn't create this :)). I'm finding that our hypervisor…

Hello community, Recently i was asked to migrate an existint configuration from a router to XG firewall and here is the scenario : an application running in my local server with the name : transmission.local.co IP@ is 192.168.62.11 DNS serve r…

Hello guys, I have a weird routing problem and don't know how to configure routing probably to solve it. First of all, I'm the administrator of a company which uses a Sophos SG 135 with Sophos UTM 9.707-5 firmware. The firmware is up to date. To…

Edit: Don't think this is possible with the limited ospf functionality of UTM. BGP most likely will be the answer.

Why does the XG210, for the purposes of configuring a static route, require a different Gateway IP address from the VLAN Interface IP address? Trying to get my head around to understanding this static routing thingy on the XG210.

Hi I am using Sophos XG115 as the firewall and i do have a layer 3 switch (Unifi 8 port POE 60W switch) which leverages VLANS created & tagged at XG115. Users in different VLANs want to connect to devices (e.g. Network Printer and Network Attached…

Hi, I am sure this is something that is really easy to fix but I seem to be having some issues with the IPsec (Remote Access) setup. I have followed a detailed setup guide and while I can connect OK, once connected I cannot seem to ping anything on…

Ich habe ein Problem mit meiner Sophos SG-125 mit UTM9: Es gibt ein internes Netzwerk 192.168.0.0/24 und via Site-2-Site-VPN ist ein externes Netzwerk 172.31.0.0/16 in AWS angebunden. Alles funktioniert perfekt. Geräte aus dem internen Netz erreichen…

Hi! Running an SSG330. I have a strange situation and I am a bit at my wits end. I have a subnet attached to a VLAN interface, which is applied on the Sophos LAN interface. I have setup masquerading for this subnet to the SSG330's External interface…

I have a server at site B that has been relocated to site A. Workstations at site A are still pointing to what used to be the server's internal IP at site A, 2.2.2.2. I have built an IPSec tunnel interface between the two sites with respective static…

Hi, So i have the following Problem: On Site A i have a XG v18 with 2 WAN Interfaces, a client network (192.168.166.0/24) and a VoiP Network (192.168.168.0/24). WAN-1 is the default WAN and with SD-WAN routing all traffic coming from the VoiP Network…

Here is my setup: Home Network (192.168.0.0/24) ——> Router(192.168.0.1) ——> Internet Windows 10 Host running Vmware workstation Sophos UTM is installed successfully in Vmware workstation with two NIC’s NIC 1 = Connected to Bridge network in vmware…

This is hopefully a simple question... how does one undo the Asymmetric Routing commands as illustrated here: Avoid Asymmetric Routing in Cyberoam (sophos.com) Yeah, the article is for Cyberoam but applies to XG as well. Thanks in advance!

Hi all, I'm writing after a v17 to v18 migration, I have read and watched Sophos videos and I'm starting to get an idea of the main changes in the traffic management rules BUT, I wanted to be sure that I'm not missing something in the "concept" and…

Hello, I've got a strange problem to get a connection between a VPN IPSEC Client to a single device (IP-Camera) that is connected to the LAN. The XG-Firewall is running the DHCP- and DNS-Server. What I've noticed is that the camera lacks a "client…

I am working to setup a firewall and facing strange issue. The configuration is as follows: Firewall and Other Servers are hosted in subnet: 172.16.100.x Clients are hosted in various subnets like 192.168.x.x, 10.10.10.x Top Firewall rule is to…

I decided to complicate my life (further) by switching my home-office/lab from a workgroup to a domain environment. I have both local and remote web servers and email servers. The Sophos UTM is currently acting as my DNS and DHCP servers. I am also using…

Nth

HI I am trying to ping from Sophos LAN router block of 192.168.11.0/24 to 172.16.1.0/24 to 172.16.1.253 machine of the servers in AWS Ec2 instance. IPSEC is showing up, but Tunnel on AWS side is showing down. Sophos firewall sits behind the ISP router…

I realise i should probably looking to the VOIP phone support people, believe me i am on it, but after a recent firmware upgrade of an LG iPECS system what was previously working fine now works intermittently throuhg our Sophos SG UTM. Callers can't be…

Hi all, maybe a stupid question, but i'm struggling here... Our company has got their own domain let's call it: *.yummy.eat, now we've got an external partner hosting a subdomain, let's call it meat.yummy.eat From outside the company network, meat…

Hi, Following configuration: Port1 192.168.0.251/24 Port1.200 192.168.0.9/24 Testing the traffic: In my opinion, the traceroute should use 192.168.0.251 as first hop. But it uses the 192.168.0.253 witch is the MPLS router. We can't reach…

Hallo Community, ich habe eine Frage zu einem Szenario was ich gerne aufbauen würde und wollte wissen ob und wie ich das am besten umsetzen könnte. Der Server1 (10.132.0.17) soll den Server2 (10.30.0.3) erreichen und dafür bitte die Route über 10…

I am trying to access the web management interface to my ESXi physical host. I think something like a rule needs to be setup so that I can access it. It has a static IP address of 192.168.1.115 My firewall has an internal IP address of 192.168.1…