I am trying to access the website https://uae.tweb.ttfuel.com/v2/ . Its accessible outside the office network. But its not accessible inside the network. Its saying site can't be reached. I am using Sophos xg firewall and I am new to Sophos. I think firewall…

Dear Support Team, Dear Support Team, I have Sophos Firewall XG330 (SFOS 20.0.0 GA-Build222) The Web policy is not working. when i blocked the https then all site all blocked. i checked the policy tester. its web policy is working. But when we open…

I’ve noticed that some sites subjected to TLS inspection still present valid certificates from reputable CAs without generating on-the-fly appliance certificates. This behavior seems unusual because, typically, I would expect the appliance to generate…

We have a learning website, that we want to allow YouTube access to. The website contains YouTube videos that we want to allow. But on the YouTube website we want to block YouTube access. Currently YouTube is being blocked with Application filtering.…

Hello everybody, I created a rule to prohibit the social network Facebook in Web then Policy, I applied it to a Host, I created a new firewall rule where I applied this, then activated.the rule does not work and facebook still works. How to make the…

Hi, I would like to block inbound emails by email domain extension in my SOPHOS FIREWALL, for example: .ru .cn Now i'm blocking by the complete domain (*@domain.extension), but i would like to block by domain extension. Thanks Nuno Mo…

Dear All i have this problem in pic i tried to close category (travel ) but as an execption i opened this site called (Tripadvisor) it opened but this is always the view ??? can u help me please ?? i hae to open the travel category to open normally…

We noticed that Microsoft Office was not updating, so we added the Microsoft Office exceptions as per Sophos Firewall: Configure web exceptions for Office 365. Next, we encountered an issue where Google Chrome wouldn't install, so we added the exceptions…

how can i block dawnload portable application?????

I have enabled SSL/TLS inspection to do MITM for HTTPS(443) trafic from LAN to WAN. I have push by GPO certificat CA to windows computer. That work just fine for most site. Now I have an issue with site that have HSTS enabled. For those site that enable…

Hello Community,I would like to ask your help to fix a funny problem I have. All my PC are protected by Sophos Home (Primium Subscription) and I have a Sophos XG Home edition. In two PCs of my network I have 2 web sites that are not downloaded properly…

Hello, I am running SFOS 19.5.4 and I noticed that I cannot get to any secure apple.com website since the last update. I try to go to apple business manager (business.apple.com) and it will just spin and eventually time out. I also tried to purchase a…

Hello, We are using the DPI engine and have created SSL/TLS inspection rules. Unfortunately, we receive a certificate warning for some websites even though the firewall certificate has been imported. What could be the reason for this and how can we…

Hallo Zusammen, ich versuche aktuell das ICloud Private Relay in meinem Netzwerk zu blocken/verbieten (damit hier auch über Safari die Policy greift). Hierzu habe ich folgendes herausgefunden, man muss diese beiden URLs blocken: mask.icloud.com…

Guten Morgen zusammen, wir haben diverse Websites gesperrt. Leider bekommen wir aber die Meldung, dass der User sich anmelden muss um die Website zu besuchen. Die gewünschte Meldung wäre aber diese hier: was müssen wir einstellen, damit die…

Hello everyone, I'm trying to understand what the best or correct whitelisting method is. Scenario: I need to whitelist URLs for a new application. Method 1: Firewall Rule 1) Create FQDN Host: *.example.com 2) Create Firewall rule Source…

Hallo Kollegen, Seit Jahren nutzt die Zweigstelle eines Kunden die Sophos UTM in der Zentrale als Internet Proxy. Das funktioniert(e) auch immer einwandfrei (UTM der Zweigstelle im Browser als Proxy angeben und gut is). Die Zweigstelle ist, unabhaengig…

Guten Morgen, seit einigen Tagen ist der Login bei eBay mit der folgenden Fehlermeldung deaktiviert: Stop! This Download is blocked. Wenn ich ebay.de auf die Liste der Ausnahmen für die SSL/TLS Inspection setze kann ich mich wieder normal einloggen…

Hi, I have ONE of 3 new installs of XGS-126 having long known problem with Sophos CA certificates on some popular URL addresses. For example, users cannot download Google Chrome: I guess problem is HSTS, where browser detects MITM, which is Sophos…

Hello, currently I have a problem with my sophos XGS Firewall. I would like to allow a specific Website for our marketing department. tiktok.com I also add this site to "Allowed URLs for Default Policy" and "Local TLS exclusion list" but nothing happened…

Greetings community. I have an XGS126 device (SFOS 20.0.0 GA-Build222) I'm trying to do a policy test on google.com, facebook.com, and I get this message: An error has occurred in resolving the URL, please update the URL and retry the policy…

Hello, I have recently see my officesetup.exe installation blocked when I activated the app-filter based on this policy "Block generally unwanted apps" on my LAN TO WAN firewall rule. This blocked was manifest juste after launch the officesetup.exe…

Hi everyone, I'm enforcing my TLS inspection rules to more strict and secure with best practices. So my Decryption Profile: Using https://badssl.com/ for tests scenarios I had success in almost all practices: invalid date working as…

Is there any way to implement a captive portal without any account or guest login? Just a disclaimer -> confirm -> web surfing allowed?

We're having some strange issues currently only reported for debian repositories. When trying to download random files from there with browser or wget - the requests randomly seem to time out and / or users get a STOP message from the firewall. Sometimes…