Apologies if this has already been covered. Sophos XG Firewall (Home Edition) SFVH (SFOS 19.5.1 MR-1-Build278) I have 5 public static IP addresses provided by my ISP. I have a single gateway address of xxx.xxx.xxx.9 I have a single WAN port which has…

Hie Guys, so im try to configure failover using ospf and a static route that uses a different link . so ospf works fine, when the destination network is not reachable the route is removed etc. but when i configure the static route with an administrative…

Hi. I use a XG with 19.5.1 MR-1-Build278 Firmware.I have a strange behavior. Today, we can't ping our servers located at a "site to site vpn" branch office. By now, all I can tell is, that the specific static route gets ignored. I see it on the web…

Hi! I have created an SD-WAN policy so that the devices of a VLAN go out to the Internet through a specific WAN line. It works. However, the devices of said vlan can no longer access to a device of another vlan when before the sd-wan rule they could…

Hello, hope all of you are ok. I need help with something. I have 2 sophos, XG310 and XG210, on firmware 19.5.0. Both are in a buildings complex and share a LAN segment. One has GW 10.10.10.1, now Sophos 1 and the other one has GW 10.10.10.2 now Sophos…

Hi Team, We encountered a problem wherein customer needs the following: 1. Head Office will route their internet connection to Branch Office once they experience no internet on the site. 2. Vice versa, Branch office should route their internet connection…

Hello Community, We want to create a SD-WAN Route for WAN traffic and Internal Traffic to Data-Center. Currently we have Branch location connected to Data-Center on IPSec Tunnel created with xfrm interface and BGP for failover. Now few of our key…

Hi all, currently i am struggeling with the concept for a customer with more then 20 sites/branch offices. Current setup is with RED-Devices, but the performance and stability is really bad, so we are thinking about using firewalls instead of red…

Hello, i have issue with v19.5 , i have server in DMZ zone there's a connection between the server the other in other subnet and i made a rule for this, and working fine, and there's rule LAN TO WAN for this server , the problem is when i create SD…

Good day Team l have just deployed a firewall XGS 2300 The network has 5 branches which are connected using GRE Tunnels. The communication from branches to HQ is working fine. We have a problem with the communication from one branch office to another…

I need to route a single host through a WAN that is not the default wan. In the previous firmware version I just had to create a firewall rule and specify the gateway, but now...I'm lost. I've followed this article Sophos Firewall v19: How to Choose…

Hi Guys, This is our network setup. We have couple of websites and Microsoft Direct Access server sitting on our LAN to access resources from outside . Currently we have PFSence box and all working without any issue. With Sophos no luck. I appreciate…

Since upgrading the firmware version, a couple of devices have been blocked from sending traffic between the subnet 192.168.1.0 and 192.168.2.0. I have set up rules to allow traffic to and from the devices but still unable to ping. the device in…

Hi There, i started today with the XG on virtual environment (ESXi7). I set up a statc route for external additional Network using by a health service. I add an rule who allows to forward the traffic to this specific network via an internal router…

Hi, We have 2 Wan Ports with load balancing. We would like for specific websites to go through port WAN2 but all other traffic (other websites) to use the load balancing ratio we have set up. Sophos XG 135 V19.

I'm having issues getting a static route or SD-WAN route to work on my XGS 116 (19.5 MR1 firmware). I am in the process of replacing aging SonicWall devices with Sophos and it's mostly going ok, except for this issue. The network layout is fairly simple…

Apologies for my poor understanding on routers and English language. XG210 19.0.0 GA-Build317 We have 3 public IP address ranges from 3 ISPs assigned to 3 WAN ports. Is it possible to reach our ISP-1's IP address range via ISP-2, ISP-3 WAN when…

While I have been configuring a Sophos Firewall, ran in a strange issue. I setup a SDWAN rule to load balance between 2 ISP links. As soon as the policy is saved, I lost access to the Firewall. I am able to access Internet through the Firewall and the…

Hi guys.. I'm with problems to propagate networks through BGP with Azure ExpressRoute The connection is established, but I keep receiving these BFD logs from Azure: There is any command to solve this? The firewall is on version SFOS…

Hello dear community friends! Next, I created vpns tunnels using SD-WAN routes between the DataCenter and the Branch as shown in the image below. Both firewalls are version 19.5.0 GA-Build197 Note: They are currently disabled, as I returned to vpn for…

Hello Everybody I have a new problem with my installed Sophos Firewall Firewall XG115 (SFOS 19.0.1 MR-1-Build365) LAN Subnet:192.168.200.0 Mask:255.255.255.0 GW:192.168.200.1 VLAN 10.20.1.0 Mask:255.255.255.0 GW:10.20.1.1 To be able to configure…

XG86 Firewall v19.0MR1 TLDR: When i enable SD-Wan for a certain zone to use differente Gateway all other rules on that zone is ignored I have 2 Zone and 2 Wan. First LAN zone use ISP1 and ISP2 as a backup For the Second Zone i need ISP2 default and ISP1…

I have 3 sites (A, B, and C). Site A: 172.16.16.0/24 Site B: 192.168.1.0/24 Site C: 10.23.1.0/24 Site A and B are both Sophos XG firewalls configured with a route based IPSec tunnel interface between each other Site C is remote and is outside our…

Hi, I'm experiencing a strange issue with the SDWAN routing engine. I have 2 Sophos XG connected via route-based ipsec (xfrm interfaces) and using SDWAN rules for the routing decision. The XG located at the branch office route traffic, using a SDWAN…

Hi all, I am in the optics and the reflection to start the project of segmentation of my local network. i have xg 330 as edge firewall Si i think about to methods, go with L3 switch for inter-vlan routing or don't make L3 switch and do all the segmentation…