• Cannot ping specific subnet Gateway on new LAN

    Rui Jacome
    Rui Jacome
    Hello all, We are in a migration process to a new LAN installed, on our building, moving from a Ubiquiti Unifi Network, to a FULL HPE Aruba Network. For now we would like the old equipments, to contact the new equipments on the NEW LAN, before we…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SOPHOS XG86 Issue with SDWAN Routing

    Rodney Altamera
    Rodney Altamera
    Hi to all Sophos Experts! I would like to share my experience with my SOPHOS XG86 Firewall. I tried to create a new firewall policy after updating the firmware to v18. I did some test and I encountered a weird issue with routing wherein when I selected…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SD-WAN / VLAN Routing issue

    Hugh Herron
    Hugh Herron
    I've been having an issue with V18 MR-4 for some time now and really can't seem to figure it out. I have a workstation 172.30.30.104 attempting to ping a printer 172.20.20.30. As you can see in the capture below, the ping reaches the printer and it attempts…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Log file filling up quickly

    Tim Hall
    Tim Hall
    In under a 24 period I have a logfile that fills up with this message: 2021:02:18-09:51:17 ast-thr-utm-001 httpproxy[16699]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="172.17.17.2…
    • over 3 years ago
    • UTM Firewall
    • General Discussion
  • unclear XG routing decision

    LHerzog
    LHerzog
    We notice a strange routing decision of the XG to networks not routed by the XG itself. This traffic is forwarded to an IP address I cannot find any routes to. Also the XG does not even have an IP address in the network range of that IP address. If…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Routing Process / priority - Multipath Rules, Policy Route, IPsec Routes...

    usec-dz
    usec-dz
    Hi folks, I try to grasp how Sophos UTM handles routing and found this image on Rulz (from BALFSON): /cfs-file/__key/communityserver-discussions-components-files/51/4087.iptables-sequence.JPG Unfortunately, it doesn't tell me clearly what is the…
    • over 3 years ago
    • UTM Firewall
    • General Discussion
  • WebGUI unreachable in Bridge mode after adding bypass-stateful-firewall rule

    Soulaiman Alhauari
    Soulaiman Alhauari
    Dear, I'm evalutaing Sophos XG Home in Bridge mode. This is on a virtual appliance. I have experience with Pfsense, Palo Alto, Fortinet and Untangle firewalls. My home network has a pair of Cisco ISR G2 (3925E) routers in HSRP, each connected…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Huge Spike in CPU? - fqdnd service DEAD?

    yesandno
    yesandno
    Can someone please help me! I have been having issues lately with my Sophos XG 330 rev.2 Firewall. First off I have had a complete system crash where I had to completely re-install firmware (the system reboots to "fail safe mode") Next I keep randomly…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • XG Firewall 135 Networking / Routing question

    vampielgod
    vampielgod
    Dear all experts, Not sure whether am i in the correct place to ask this question. As below diagram, i have a layer 2 Switch (Switch A) connected to the XG 135 firewall. My boss has got another layer 2 Switch (Switch B), he intended to create…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • UTM 9.7 SSL - SSL VPN allows Local Network Access when only Internet IPv4 is configured

    thehihatchi
    thehihatchi
    Hi Guys, I'm running the latest UTM 9 (version 9.705-3). I have the following configuration: LAN 1: 10.10.1.0/24 LAN 2: 10.10.2.0/24 SSL VPN Pool: 10.10.3.0/24 Everything works fine. I can log in with VPN users and they get allocated an IP address…
    • Answered
    • over 3 years ago
    • UTM Firewall
    • General Discussion
  • What is the best approach for a home lab user

    biloo badshaa
    biloo badshaa
    Hello I am a home user with a big family and an IT person who likes to play with technology own site https://brokescholar.com/ I stumbled on Sophos because I wanted something with good DPi and Web filtering. I ended up installing Sophos XG 18 and…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Set firewall rule correctly

    Fikret
    Fikret
    Hello dear members, quick question. I would like from A > Any > B also back again B > Any > A Explanation: I would like to be able to reach e.g. with my notebook A the notebook B by Ping and also vice versa. The aktiv Rule: At source it says:…
    • Answered
    • over 3 years ago
    • UTM Firewall
    • Network Protection: Firewall, NAT, QoS, & IPS
  • Firewall-Regel richtig einstellen

    Fikret
    Fikret
    Hallo liebe Mitglieder, kurze Frage. Ich möchte von A > Any > B auch wieder zurück B > Any > A Erklärung: Ich möchte zB. Mit meinem Notebook A das Notebook B per Ping erreichen können und auch umgekehrt. Meine Frage: Richte ich das beidseitig…
    • Answered
    • over 3 years ago
    • UTM Firewall
    • German Forum
  • question about XG 310 load balancing

    EEVW
    EEVW
    We have 3 lines Line A: - has a fixed public Ip - is needed for authentication with MS services (Exchange365 and others). Certain requests to MS have to be initiated over this fixed Ip - is part of a VPN - has the lowest bandwidth Line B and C - have…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Routing qestion

    BBPromotion
    BBPromotion
    Hello, short question. I am fairly new to Sophos XG. I come from Sonicwalls and I am trying to enter a normal route where traffic from Any source going to LAN 192.168.1.0/24 should go through a certain gateway (Coreswitch). The normal static routing…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Route specific websites over IPsec tunnel

    Arslan Khalid
    Arslan Khalid
    Im using XG Xtream SFOS 18.0.4 MR-4.I've successfully configured site-to-site IPsec tunnel. Im able to ping other no issue. Now i want to know how i can route specific websites over the tunnel to other point. Like facebook, Google and Instagram traffic…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • How route all internet traffic via S2S IP-SEC vpn from Branch (Sophos-CR25ing) to HQ (Palo Alto)

    Mr Prince
    Mr Prince
    Hi, I am running IP-sec s2s vpn between branch(Sophos- CR25ING, XG v17.5 ) to HQ (Palo Alto-5220), vpn established and working fine. for better security and filter, we need all traffic should be routed through HQ, how can we achieve this? I have…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG WLAN im entfernten Standort über entferne XG managen?

    XGuser123
    XGuser123
    Hallo zusammen, mal eine Frage zur Infrastruktur eines WLAN über Sophos XG. Wir setzen im Hauptstandort eine Sophos XG 310 mit diversen AccessPoints ein. Über eine MPLS-Strecke ist ein entfernter Standort angebunden, der zentrale Internetausstieg…
    • over 3 years ago
    • UTM Firewall
    • German Forum
  • Pass specific websites over IPSec tunnel : SOPHOS UTM 9

    Arslan Khalid
    Arslan Khalid
    I`ve client who wants to route specific websites over IPsec tunnel connecting to Mikrotik router. I have done this on Mikrotik routers and its pretty simple there but in Sophos UTM 9 it seems like there is something specific that is required but im missing…
    • Answered
    • over 3 years ago
    • UTM Firewall
    • Network Protection: Firewall, NAT, QoS, & IPS
  • Assuring IPSec site-2-site tunnels use a certain WAN interface from Uplink Balancing

    ChrisSoukup
    ChrisSoukup
    I'm currently using Uplink Balancing with one active WAN (WAN1) and one standby WAN (WAN-BAK) interface for failover. I have prepared a WAN2 interface (to another ISP) and would like to add it to active interfaces in order to provide a smooth transition…
    • Answered
    • over 3 years ago
    • UTM Firewall
    • General Discussion
  • Sophos XG Tunnel Interface vpn to Azure

    Davox1
    Davox1
    I am working on a project and was wondering if it is possible to create Sophos IPsec Tunnel interface to connect to Azure VPN tunnel interface. Basically Route based VPN to azure.
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SMTP - Restrict In and Outgoing Traffic to dedicated Interfaces/IPs

    GernotMeyer
    GernotMeyer
    Hi all, we have couple XGs in place (18.3 and 18.4). Each with multiple WAN lines and each line has different IPs. When using Mail on XG: How to restrict mail traffic (In- and outbound) to dedicated Lines and IPs? Thanks for hints Gernot
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • IPSEC Site-to-site routing with multiple subnets not working

    Ed Radza
    Ed Radza
    I have a UTM version 9.705-3 with two subnets, LAN 192.168.100.0/24 on eth0 and WIFI 192.168.200.0/24 on eth2 that are connecting via IPSEC site-to-site VPN to a FortiGate appliance with hundreds of subnets. so I've configured the remote network on the…
    • over 4 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Can ping devices on VLAN from the gateway, can't access from the subnet on the main interface.

    Gage C
    Gage C
    Hey there, I set up two VLANs. VLAN 3 and VLAN 4. I can ping the gateway for both of the IPs, but can't ping all the IPs on them from the main subnet on the interface that the VLANs were created on. The difference is, the gateway and cisco switch everything…
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • IPsec with IPv6 only tunnel to UTM with one-sided routing problems

    JanZa
    JanZa
    Hello Community, I have a strange problem. I have a successfully established IPsec connection between an UTM and a XG firewall. Both products have the latest firmware: UTM with 9.705-3 and the XG with SFOS 18.0.3 MR-3. The IPsec connection is established…
    • Answered
    • over 4 years ago
    • Sophos Firewall
    • Discussions
<>