• Anyone know how to make exceptions for Splashtop?

    Christian Sosa1
    Hello, At work I have a situation that Sophos Support has been unable to resolve. We use Addigy as our RMM for Apple devices, to have remote connections it uses Splashtop. We have not been able to add sufficient exceptions or maybe I am doing…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XGS Firewall - Application Sync - SSL-Inspection - Rules?

    Valvaris Sigma
    Hello Sophos Community, I got a Question about designing specific Rules for Applications that are very untransparent how they handle SSL Fingerprinting. Example: From: LAN Zone - From: Specific Host - With Application A (Application RULE 1) - To…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • "Allow All" web filter policy blocks request allowed when there is no web filter policy

    David Hay
    Hi all I am having difficulty troubleshooting a problem with a request from a mobile phone 2-factor authentication app being blocked by our XG firewall (XG125 SFOS 19.0.0 GA-Build317). To test this, I have created a new top-most firewall rule for…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • DPI / TLS Scanning exception issue with d1. d2 d3.sophosupd.com when installing Intercept-X for Mac

    LHerzog
    Hi, today we're facing something new: issues when rolling out the Sophos Endpoint to Mac Books. Windows Endpoints: no problem. They fail to install. Workarounds like https://support.sophos.com/support/s/article/KB-000044045?language=en_US were unsuccessful…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • TLS handshake fatal alert: certificate unknown(46).

    ScHwAnG86
    Hi, I am seeing these errors in the log for some websites which tend to utilise tracking information, particularly those which utilise a CNAME record to point to another address. For example, the website t.myrenews.com.au is a CNAME that resolves…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Parallels Access for Mac

    Brian1941
    I've continued this post in "Looking at awarrenhttp_access.log for FQDNs" as I was having problems doing that, and through that post I found a domain that pointed me in the right direction, but is still ongoing in trying to fix the issue with Parallels…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Suggestions for how to enable SSL decryption to enable additional protection

    Christian Sosa1
    Hello, I would like to enable SSL decryption and I am hoping to have this rolled out before July. There is a mix of all kinds of devices: I think I handle certificate installation on most devices. I know I won't be able to do that on some devices…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Dropped due to TLS engine error: FLOW_TIMEOUT[5]

    Daniel Wilder
    I appreciate that other people have raised this issue before, but I am having problems with a specific IOT device trying to send a data packet to the cloud. This particular device (which reports the salt quantity in a water softener) causes the following…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSL traffic over NON-SSL ports

    Moeed Aziz
    Hello, I have an online portal from one of our partners which uses port 5443. The traffic to this site is being denied by application filter on account of "SSL Traffic over Non SSL Ports" Allowing this specific application under the category…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSL\TLS Inspection

    Bertie Mostert
    Good Day All, I need some advice regarding SSL\TLS inspection. I have decided to open\allow access to Reddit. With the appliance certificate installed one is able to browse to Reddit and all subreddits with no issues from what I can see. However…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSL Certificate error on all Google Ad links

    MontrealTech
    We have 1 computer at a client that gets the following message: Your connection is not private. It points to www.googleadservices.com NET:ERR_CERT_AUTHORITY_INVALID When I look at the certificate, it says Issued to: www.googleadservices.com Issued…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • DPI on port 80/443 category lookup as unknown

    Jarod Pretender
    Hello, I'm currently using SFOS 18.5.2 MR-2-Build380 I noticed the same thing in SFOS 18.5.1 MR-1-Build326 When using the new DPI engine (with or without decryption does not matter) I also see this on multiple devices with different OS (Windows, IOS,…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Microsoft ClickOnce download fails

    twister5800
    Hi, When downloading this: http:// plan.getsmartday.com (Needs to be done from Edge) The installer starts but gets cancelled during the download. I have tested on 3 sites all with Sophos Firewall 18.5.1, 18.5.2 and 19.0.0, all the same, disabled…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSL/TLS Inspection is blocking Veeam Backup Agent

    Gotschek
    Hi, until last week I've used only the web proxy functionality. Now I've configured the SSL/TLS Inspection and have a strange behavior. The Veeam Backup and Replication Server (Backup03 - in Backup-LAN) can backup the ESX-Server in LAN. But the Veeam…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • SSL/TLS inspection

    wingman
    Hi All I am facing a strange error whereby there are no logs in the SSL/TLS inspection even though SSL inspection is enabled and sophos is MiM the tls traffic. SSL Traffic is successfully decrypted on the end client using a custom CA. Logging in enabled…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • www.sophos.com - DPI Error: Server did not respond to client hello

    LHerzog
    I would not expect this on a Sophos machine: 2021-11-25 16:32:12 SSL/TLS inspection messageid="19017" log_type="SSL" log_component="SSL" log_subtype="Error" severity="Information" user="me" src_ip="xxxxxxxx" dst_ip="23.36.239.66" user_group="xxxxxx…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Web Proxy vs. DPI = partially slow vs. malfunctioning

    rajuhn
    Hello all, first of all our config: XG210 HA (SFOS 18.5.1 MR-1 build326). We currently have the following problem: Web Proxy off, DPI on: good performance, no noticeable limitations except for one application. The application is called WRIKE and is…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • how to allow a printer to communicate externally via SSL

    Ezio Tirimacco
    Hi to all, I'm pretty new with Sophos XG Firewall. I have a networked printer via LAN that needs to communicate with the outside to send status reports to the control panel via SSL. Is there a way to allow this on the firewall? My idea is to create a…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Why can't my xgs decrypt all traffic?

    Andre Soares
    This is bad? Why can't my xgs decrypt all traffic?
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Bridged VLAN - RDP - SSL Engine Issue - Server did not respond to client hello

    CdnWolf
    I have a XG running 18.5.1 MR1. This XG has 2 physical interface bridged together with multiple VLANs. Each of these connections go to a managed switch via said Bridged(Trunk) connections. I have a Server in VLAN 5 that is connected to one switch…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • hbomax app blocked

    RICK G
    Firewall (Sophos XG Home) SFVH (SFOS 18.5.1 MR-1-Build326) I cannot get HBOmax app to launch on any of my Roku devices. Roku TV, Roku Ultra, Roku stick. I am able to launch the HBOmax app on my android tv (although I've had other odd issues on it, ie…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Block youtube

    nayah
    Hi community I have a web policy that blocks particular urls of which youtube is a part. The concern that I cannot properly block the youtube.com site on my network when I use the DPI filtering mode. The site is inaccessible but the notification returned…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Proxy-based SSL decryption on port 443 only

    Andre Soares
    Hello everybody. Is the following statement true for XGS series products? SonicWall DPI-SSL scans all SSL/TLS traffic to decrypt, inspect, detect and mitigate hidden cyber attacks. Sophos has Proxy-based SSL decryption only on port 443.
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • TLS Inspection not on HTTPS

    Kaspar Janßen
    Hello, I have noticed something I didn't expect and wonder if I misunderstood something or my firewall is "misbehaving". To decrypt HTTPS traffic I have to enable "Scan HTTP and decrypted HTTPS"... ... and need a TLS Inspection rule that decrypts…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • DPI Engine and custom block page

    IT American Rock Salt
    hello, if we are using the dpi engine instead of the web proxy and in a firewall rule we have set a web policy to block gambling for example and someone hits a gambling site if using the dpi engine will they be redirected to the custom block…
    • over 3 years ago
    • Sophos Firewall
    • Discussions