I have noticed, that recently the WAF & E-Mail Features are disappeared in the Firewall Sizing Calculator. So my customer thought to buy a Sophos Firewall, but we are not sure, if the WAF is near EoL, like the E-Mail Module where Sophos forces you…

I have to create a user with username equal to mailadrres ( name@domin.com ) Purpose is to use this user to authenticate with a login form with passthrough in a WAF rule. When i try to authenticate nothing happens, when i authenticate with a username…

We have an XG310. We are currently migrating our Exchange server from 2013 to 2019. I am trying to figure out how to change our firewall rule for OWA to point to the new server. I go under "Rules and policies", IPv4 and we have a rule created for OWA…

Hello Community, my name is David Lorenz and i have a problem with the WAF from our customer. They use Exchange 2019 on prem. and users from a branch office in egypt have connectionproblems. I already have set some exclusions in the rules because…

Hello everyone I have a Synology NAS behind a Sophos firewall (WAF). On this server is Synology Drive which provides a Cloud Infrastructure. Sadly I cannot upload anything over 1 GB which is problematic. Internally without the WAF it works. The issue…

I am new to Sophos firewall, I just deployed a virtual Sophos XG firewall in an Azure virtual machine. Now I want to protect my webserver which is hosted on GoDaddy with the firewall's web server protection, Is it possible and if it is how do i go about…

Hello, once enebaled the following option reverse proxy does not work anymore. Cookie signing URLHardening tailf /log/reverseproxy.log [Mon Feb 06 22:15:41.552601 2023] [core:warn] [pid 13179:tid 140605555216064] AH00111: Config variable ${URLHardening_HTTP_Hostname…

Hello. I want to open Emby for external access. I want to put this on WAF. Emby is run on docker container. I want to be able to access it via https://stream.test.com , can this be done? To be able to use https, will generating a cert for stream.test…

Sophos FW v19.0.1 (Build 365) - With a Home LIcence Since upgrading to this version, I have had to WAF functionality, and there are no errors being shown in WebAdmin Going into the shell and looking at /logreverseproxy.log I can see the following: …

Good day everyone, I am having challenges enabling WAF. The website is using http and on normal dnat its accessible. The moment I create a WAF with HTTPS and disable dnat rules, i get a 403 forbidden error. May you kindly assist. Regards, …

Hello Sophos Community Using the latest firmware as of today (SFOS 19.5.0 GA-Build197) on Sophos Firewall, installed as a virtual appliance in Proxmox 7.3-4. It's a home license, on 4 virtual CPUs (host), and 6GB memory. I'm using the official qcow2…

Hi, I tried to configure a WAF rule that is using Port 8090, but on save I get the error message, that port 8090 is already in use. This is the Captive Portal Port. Is there any way to change Captive Portal Port or is there any solution to use it…

Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Log Viewer Firewall (Invalid…

Hi, i wish you all a happy new year, since we started using XGS2100 appliances with version SFOS 19.0.1 MR-1-Build365, have we noted some problem like Auto discover is blocked. i am trying to call the auto discover service but web application…

Im trying to find an explanation about metioned topics. But i cant find it in documentatnion, can someone point me where to Sophos is explaing it?

Hello, I have a VPN tunnel to another site, there is a web server that should be reached via a reverse proxy on the XG. The XG has an additional IP address (192.168.0.140) on the LAN interface (the LAN interface has IP 192.168.0.2). The IPSec tunnel…

Hello everyone, I have some questions and hope you can help: 1. We are publishing some web servers behind the firewall using WAF. There are some "Forbidden" messages and checking the Reverseproxy.log shows OWASP ModSecurity. As we can see only a simple…

Hello, I am running with Sophos XG210 (SFOS 19.0.1 MR-1-Build365) . There is Request Entity Too Large error is still existing when I download file larger than 1 MB from WAF protected website. Here's the error message. ========================…

Hi everyone! We are using a Sophos XGS2300 (SFOS 19.0.1 MR-1). We uploaded a pfx-certificate to the WAF which specifically included only the webserver certificate itself and its intermediate certificate. But, when we check the site with a tool like…

Good morning community, I have a problem with WAF after a migration from XG230 to XGS2300. It was a XG230 HA cluster which I disbanded before the backup and only backed up one firewall. I imported this backup into a new XGS2300 and again formed a…

I've got 2 web servers on different local IP. Both IIS. (x.x.x.7 and x.x.x.21) I've done 2 waf rules on firewall but i've got a DNAT on HTTP direct connect to 1 server (x.x.x.7) It is necessary have DNAT rules (loopback and reflexive also)? Infact…

Hello everybody, Is there anyone who has a step by step guide on making RDS Web and Gateway work using WAF rules. I have been trying to get this to work for more than a day now and I can't get it to work. My setup for now is RD Sessionhost, RDWeb…

Hi, we have a web server with a public IP. Let's say the IP is 123.123.10.1/28. The gateway of this server is a network interface of Sophos XG, lets say 123.123.10.14/28 (we are autonomous system, we have several public IPs). How can I protect the web…

Hi, I'm trying to use Web Application Firewall to protect web servers behind NAT. Currently I have configured firewall to accept HTTP traffic and forward it to internal server. So my question is, in case of WAF, is NAT required to exist or it's automatically…

Hello Everyone. I have a Sophos XG firewall with severals Web Server protected trought WAF. Eveything works fine. But I need to do a specific configuration : I have to block a specific path so that it can be access only trought an IP address (that…