Since today we have been experiencing massive password spraying attacks on many Sophos firewalls, especially on the VPN portal, which listens to port 443. Apparently these are attacks from Russia with the IP 92.53.65.166. How can I create a rule to prevent…

Hello: I have a WAN port (Port 2) that is connected to our ISP with an IP block of 65.170.xxx.xxx/29. We have another block of IP addresses from the same provider at 63.162.xxx.xxx/29. Both come in thru the same ISP router (Cisco 4300). There are 4…

Hi all, can someone provide a hint, how to access a device where all LAN-Interfaces are "tagged" and "LAG"-ports? I've restored a migrated config and now the only untagged port is the WAN-port (can#t ping or access these port) I am able to access…

Hello, i need some help. I have a Branch Office wiht a XG125 and SFOS 20 MR1 up and running. Laptop connects over a APX320 AP and get a WiFi IP Address. Laptop was able to connect through Microsoft Always ON VPN (IKEv2) with UDP 500/4500 find to…

Hi community, While troubleshooting an issue with a webservice on an internal network I found out after a packet capture on both the client and the Sophos Firewall (unable to capture on the webservice device) that the Sophos Firewall captures packets…

Hello, I try@home to migrate from UTM zu SFOS. On the good old UTM there was only one LAN Interface. This was the gateway for some PCs. At the network configuration on the UTM, I configured the real-router-getway as gateway in this one UTM NIC. It…

Hello Community, I am currently in Poland setting up a second S2S tunnel and I am struggling with the fact that the xfrm interface of the tunnel cannot be found under the interface to which the tunnel is bound. What am I doing wrong? Attached are some…

Guten Morgen, wir haben die Sophos XGS136 im Einsatz und bisher gehen wir per DSL ins Internet. Hier ist der Port 2 dafür konfiguriert (siehe Screenshot). Jetzt bekommen wir nächste Woche Glasfaser. Wie muss ich den Port 2 ändern, damit ich nun…

Hello Community, I am facing a challenge in getting a rule to block social media and video hosting to work. I created an application filter and web policy to block all social media and video hosting. Created the rule and placed it at the top. It blocked…

Hi all, any hints to configure mobile WAN as backup line? wired WAN is default but when line is down mobile WAN should jump in place. Mobile WAN must be turned on or not? WWAN Interface must be to automatic or manual? Thanks for help …

Good morning. I have a problem in identifying which server makes requests to another when the requests arrive to a loopback to access internal servers when pointing to their public ip's. Example: server with ip 192.168.1.20 resolves DNS that points…

I have a dual WAN setup, for this example, I'll call them A and B. A is my primary WAN, and B is my failover backup WAN. A uses starlink, and B uses a local ISP. I use another app to monitor pings to my ISPs to see if they are up. Unfortunetly…

Hi, Can we enable botnet prevention on the SFOS firewall. Please provide any kind info related to this.

DHCP requests not routing over IPSEC This has nothing to do with v21.0. It is possible in v18.0. You just have to run a whole stack of CLI commands because the GUI is inadequate. A post by a Sophos staff member to a closed thread which no-one…

Hey there, How much of an impact to the internet speed does it make, if I create a new firewall exception? Since the firewall has to go through the entire ruleset, it should slow down every request a little bit. Is there an upper bound of…

Hi. RusDesk remote control app, suddenly can no longer connect to the network. I did some tests and I realized that if I bypass the Firewall (XGS 136 sfos 20), Rustdesk works perfectly. I have not implemented any rules to block it, so I suppose Sophos…

have created a new alias port (Port 5:0) on our Sophos XG 210 (SFOS 20.0.2 MR-2-Build378) and created a local host at internal IP of 10.0.0.71). I have also created a firewall rule to allow access to this host from several specified remote hosts that…

Dear Member I hope this message finds you well. I am currently encountering a significant amount of network traffic related to the Attack-FILE-IMAGE ImageMagick SyncExifProfile Out Of Bounds Array Indexing alert. the firewall ais detecting and dropping…

Hello: Yesterday I started seeing these IP_SPOOF violations from our remote site that is on the allowed list in the DNAT firewall rule. They are unable to connect or ping our DNAT devices setup behind the firewall. We can connect to them with out…

Hi Comcast has provided us with EDI service consisting of one /30 network to connect to the internet and a /25 for our additional Public IP addresses. One approach would be to use a basic router with one port connected to the /30 network and do a…

hi, we have webserver in LAN zone that server access through private IP address IN LAN zone. issue-Right now user in china and access webserver through Vpn but in china vpn not connected only indian sim with roaming will work.how to access webserver…

I have created a new vlan and dhcp on the XGS, configured the vlan on unifi wifi/switches, I am getting ip however I cannot get internet access. I don't want the vlan to access other vlans however I want computers inside the vlan to communicate with…

This was working a month or so ago, but the vendor has just now tried it again and it isn't working. The error is Violation Local_ACL.

Hello. I want to use 1 of the excess LAN ports on the firewall to give out ip address of 192.168.88.x to the pc connected to it. Currently, my firewall gives out ip address in the 192.168.1.x range. I first selected the port, assigned it to the LAN…

We use a block countries rule to control from where our user can connect to the VPN. We noticed two new entrys in the list this morning "Europe" and "Europe Continent" When we take either of them out regardless that Germany is allowed, is Germany…