• Web Proxy vs DPI

    SophosNewby
    SophosNewby
    Hi Everyone, I finally moved our XG over to version 18 yesterday and no hiccups. My question is I am wanting to get SSL/TLS Inspection setup correctly for our environment and I noticed when I toggled of SSL/TLS inspection->ON, it must automatically…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How often does Sophos check the accuracy of the geoip database?

    rfcat_vk
    rfcat_vk
    DHi folks, I was investigating an unknown country ip address and found that it belongs to cloudflase in the US. Cloudflare being like AWS etc as a large supplier is cloud servers I would think that the geoip database should be easily updated. If the…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • HTTPS-Scanning some Website-Certs unvalid (expired)

    Mr.Roboto
    Mr.Roboto
    have a strange problem here with an XG cluster. On 07.06.22 there was a problem with the onsite NTP service. After the failure, which lasted about 5 minutes, some websites such as google.com can no longer be accessed in a browser because the certificate…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Software Agenda und Sophos XG ich komme nicht weiter

    Ralf Blüthner
    Ralf Blüthner
    Hallo, ich versuche gerade die Software AGENDA upzudaten, aber leider sagt mir die Software: keine Verbindung zum Internet...ich habe aber Internetverbindung. Die Beschreibung in der Agenda Hilfe ist auch nicht wirklich aussagekräftig: hier mal der…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Websites load slowly or not at all without Web-Proxy

    SM-ITM
    SM-ITM
    Hello, we have the problem that in general all websites load slowly and many others do not load at all. We use version 19 (SFV4C6 / 19.0.0-B317) as VM in Hyper-V. Here are some examples of websites that cannot be accessed at all: https://icloud…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Lots of "Invalid Traffic" being dropped to Office 365 servers.

    Kat Kilbane
    Kat Kilbane
    Hey folks! I have a XG firewall on 18.5.2. For the last year or so, we have been having trouble with random users being prompted to put their Outlook password in for the desktop app. I have been chalking it up to Microsoft being eh. But this week it has…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Security Features > Web Filtering - Best practice for BYOD Devices

    Daniel Hargrove
    Daniel Hargrove
    Hi. I am looking for some advise around the best practise for Web Filtering for a BYOD network. We have a seperate network setup on our XG for residents who connect their own devices which are mainly mobile devices. We have a firewall rule crated…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG Firewall DPI

    Nikita Baranov
    Nikita Baranov
    Hello everyone, I was trying to enable DPI feature inside of the existing rule, however Malware scanning section is missing in my case. Please see screenshots attached for comparison.
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Firewall - GEO Blocking is equal to Webfiltering?!

    Valvaris Sigma
    Valvaris Sigma
    Hello Sophos-Community, I own a Sophos XGS 126 [ SFOS 18.5.2 MR-2-Build380 ] and am happy with it. After tinkering with a few settings, I found something odd and wanted to ask if this is intended? (SSL Inspection = ON - DPI Engine Active - Added Rule…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How to disable the Capture Code on USER Portal and add the Company Logo?

    JanKellermann
    JanKellermann
    Hello, how can i disable the Capture Code on the User Portal Site and add our Company Logo? Regards, Jan
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Roblox not working if "Use web proxy instead of DPI engine" is active

    ChriZathens
    ChriZathens
    Hello to all.. Seems like roblox got me into a rabbit hole Since I don't want to confuse you with a lot of stuff, long story short: Roblox is not working if "Use web proxy instead of DPI engine" is active.. The roblox website is being accesed without…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Policy Quota not working with DPI

    ChriZathens
    ChriZathens
    Hello! I set a web category (Games) to be accessible only for 1 hour per day. I run a policy test and I get the correct result: If I go to the firewall rule that has this policy and check the option "Use web proxy instead of DPI engine", all seem…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Block VPN Exntesion/Add-on On Chrome, Opera browser

    Nazir Heravi
    Nazir Heravi
    Hi guys, I've Sophos XG Home that block all Entertainment Web Browser. Problem is users use VPN add-on on Browser such as Hoxx VPN, Touch VPN, Ultrasurf,... so user still can access to Entertaintment site like "Youtube.com". I add application rule…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Adobe Creative Cloud updates failing with error 113 on XGS 87

    wineoh
    wineoh
    After I migrated from an XG85 to XGS87, I can no longer download Adobe Creative Cloud updates. I get error 113 which is a vague error that indicates the problem is on my end. My XGS87 is set up primarily with the defaults. I'm using XGS87 (SFOS 18.5.2…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • "Securly" security provided by school conflicting with web proxy.

    Paul McGinnie
    Paul McGinnie
    I have an interesting problem, which I have solved but don't understand what is going on! I run Sophos XG Home SFOS 18.0.6 MR-6-Build655. My daughter has a laptop from school which runs an azure based cloud office setup, with a firewall/security app called…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Office 365 Exceptions

    Jason Bristow
    Jason Bristow
    Currently we have to create exceptions for Office 365 in the web filter by following the guide here: Sophos Firewall: Configure web exceptions for Office 365 It would be nice if the exceptions could auto-update the list of IP's and URLS from http:/…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • GoogleDuo

    Sophos User5846
    Sophos User5846
    Unable to get Google's Duo chat app to function externally. I have all ports and services open to test it, and while it will connect, there is no audio or video. Ideas?
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • web policy override block page not displaying

    Gift Petros Kumdana1
    Gift Petros Kumdana1
    Client requirement: -blocking all unprofitable websites and app -web policy override configuration for specific users eg lectures and administration department Problem: -after blocking the websites requested and tested this page comes up …
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Dropped due to TLS engine error: FLOW_TIMEOUT[5]

    Daniel Wilder
    Daniel Wilder
    I appreciate that other people have raised this issue before, but I am having problems with a specific IOT device trying to send a data packet to the cloud. This particular device (which reports the salt quantity in a water softener) causes the following…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Webpage HTML Inspection using DPI

    cm00001
    cm00001
    Hello, Is there a way to block a sites having a specific string in the HTML they render in a page when DPI is enabled? I know this is possible already on anything in the Url of a site, but what about the contents of a page? (within the HTML) Thanks…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Filtering Games by Rating

    Marianne Scavone
    Marianne Scavone
    Is there any way to filter games (XBox, PS etc) by their rating with the XG Firewall and the UTM Firewall? I know this can be done done with parental controls on the game consoles but canit be done with the firewall?
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Scanning Emails - Invalid Certificate

    Hermann
    Hermann
    I am trying to scan inbound emails that are fetched by Thunderbird, the iOS mail client, and the Gmail Android app. Sending and receiving seems to work, however, copying to the sent folder does not, unless I accept invalid certificates under the POP/IMAP…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG FIREWALL + STAS + WEB DPI Protection

    Cristiano de Morais Lima
    Cristiano de Morais Lima
    Hello, we have 2 Sophos XG Firewall 430 in active-active HA mode. And I've configured some firewall rules to allow users in some AD groups to navigate. Ex.: I create a firewall rule for each AD group and create a specific WEB Policy for this AD group…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSL/TLS Inspection is blocking Veeam Backup Agent

    Gotschek
    Gotschek
    Hi, until last week i've used only the web proxy funcionality. Now i've configured the SSL/TLS Inspection and have a strange behavior. The Veeam Backup and Replication Server (Backup03 - in Backup-LAN) can backup the ESX-Server in LAN. But the Veeam…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • problem in allow google translate only for users rule

    Ahmed Atif1
    Ahmed Atif1
    Dear All, I have a problem in make users use google translate after block all network traffic and the rule as below
    • over 3 years ago
    • Sophos Firewall
    • Discussions
<>