Hello all, I have several firewalls claimed on Sophos Central and SD-WAN connection groups among them. One of the branches will be without power for about two weeks, so the firewalls and tunnels to this branch will be offline. Is there a way to…

Hello everyone I am struggeling with the following: The customer has microtik router that connects via wireguard VPN to a remote Windows Server in a Datacentre. The Microtik router is the VPN Client, the Windows Server is the VPN Server. The employees…

This isn´t really a question but rather some strange behavior I ran into when updating a customer´s RED-Devices from v3.0.008 to v3.0.009. Environment: - Sophos XG2300 running SFOS 20.0.0 GA-Build222 - Multiple RED20 and RED60 Devices (6 total)…

1. We have a 2 XGS connected via a private ISP fiber and the interfaces are LAN / GIG. 2. For resiliency we have a IPsec Tunnel interface between the same, using a disparate ISPs at each location VPN/GIG. We have been using OSPF for all of our routing…

Servus zusammen, ich bin gerade dabei, eine Sophos SG230 auf eine XGS2300 zu migrieren. Auf der SG230 hatte ich eine Gateway-Route konfiguriert, bei der diverse Zielnetzwerke in einer Netzwerkgruppe zusammengefasst und zu einem Core-Switch geroutet…

When I add a startic route, I lose connectivity to devices connected on the other side of the site to site vpn yet the connection status of the vpn remains connected

Hello guys Fiber Interlink Network 1 should be able to communicate to network 2 through the fiber link Please assist in configuring

I wanted to understand how does Sophos firewall measure Latency, Jitter and Packet loss. Is it measuring these metrics between the firewall and the WAN gateway or between the firewall and an external endpoint, if it's the second case then what is this…

Hello everyone, I've searched quite a bit in the Sophos Firewall and i've turned up nothing. Where do i configure MD5 authentication for OSPF? I do not mean enable MD5 authentication. I'm asking where i go to set the Message Digest Key and password…

We have 2 firewalls at the main office in an active-passive HA pair. We just purchased another smaller XGS 107 to be used at a remote branch as a start to our SD-WAN project (we are going to be purchasing more firewalls to add later, but want to use this…

Hello, we are using 2 xg firewalls and have connected them via a route based vpn tunnel. We then configured the routing via BGP. From the branch office we reach the servers at the main location via ping. However, if we want to reach a server in the…

I have 2 XG ver. 20 firewalls between 2 sites, both with Static public IP. There is a SDWAN route based VPN between the 2 sites, and it works perfect. the roude precedence is SDWAN, Static, VPN. I am trying to publish an internal server resource that…

Hello Sophos, today we received the information, that FRR has new CVEs: CVE-2024-31948 CVE-2024-31949 CVE-2024-31950 CVE-2024-31951 All versions <= 9.1 are affected, including version 8.4.2 on the Sophos firewalls. When will the update be provided…

Hallo, ich habe eine RED Site to Site Verbindung zwischen zwei Sophos XG Firewalls. Wie kann ich es realisieren, dass bestimmte FQDNs/Domains oder auch Öffentliche IPs dann nicht über das "normale" WAN Interface sondern über den RED Tunnel geroutet…

Hi, Two locations are connected with MPLS. Both locations have Sophos devices. In both locations, the servers and PCs behind sophos can ping each other and access each other. However, when we ping or trace the same ip addresses in the diagnostics…

Hi Team, I have created a network on layer 3 with a point to point connection from port 3 of my network to the layer 3, which ideally hold my internal network VLANS & devices. on port 3 i have the one IP, and on the switch i have another ip (point…

I have a primary and backup ISP, with the backup ISP being a cellular-based limited bandwidth plan. The purpose of the backup ISP is for my “critical” devices such as my home server which hosts my alarm system via Home Assistant (so I can still receive…

I have defined an ACL and applied it on an interface using distribute-list command. Now i want to delete the ACL. How can i do that? It is mentioned that i have to first remove it from the interface and then delete the acl.

I know this is me missing something, but I migrated my wifi configuration from a SG135w to a XGS136 a couple of month ago and I have only just noticed that its giving the wrong IP's for each of the 3 wifi networks. I cant figure out what extra I need…

Hello everyone, Today I am trying to deploy a network system running load balancing But I am currently stuck with a problem. That is, I cannot get the VLAN to use the correct internet line that I want. My idea: i want VLAN 50 and VLAN 70 to…

hi all, so on our sophos FW i have set up two SD Wans as we have 2 Wans, one for our main network (wan1) and another for our guest network (wan2) as we wanted them separated so there using different public ip addresses problem is i have a laptop going…

Hi, I have been trying to implement SMTP routing for inbound and outbound SMTP traffic over a GRE tunnel. I have another thread about this but I am having some trouble with the source of inbound SMTP traffic, becoming the destination? (screenshot below…

Hello Sophos. is the ffr routing on Sophos Firewalls affected by CVE-2024-27913? Thanks, Ben

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. ______________________________________________________________________________________________________________________________________…

Hallo zusammen, wir würden gerne die UTM mit der XG austauschen. Da wir auf dem UTM eine Gateway-Route statisch definiert haben, stellt sich uns nun die Frage, wie und wo ist das auf der XG möglich? Vielen Dank für die Hilfe.