Hello together, i have the issue that some Websites like https://www.mediamarkt.de , https://www.poco.de , https://moemax.de are disconnecting the TCP Stream when our Sophos Firewall is running TLS Decryption against them. Once the TLS Decryption…

Hi there, I have a single static public IP that I'm using for SSL VPN incoming connections and for exposing a host (PBX) along with the following services: 80, 443, 5060, 5061, and RTP range 9999-15000. The PBX manufacturer provides a DNS service…

Can anyone help figure out what to let through the web filter to get the onvue proctored exam streaming software to work through an XG210? On the test connection it is failing everytime on the video streaming check. When I look in the firewall logs…

This is partly a question, partly a what's other peoples experience with this Doing some heavy speedtest loads on an XGS136 and an XG 135 and while both units with TLS inspection on will do 800mbps+ on the download they will only do 190mbps(XGS136)…

I'm trying to test the web filter with a content filter and am experiencing unexpected behavior. I've created a blocked terms list with the following term: and uploaded it to a content filter called blocked_terms. I've also set up a web filter policy…

Hi all, So we have Sophos XG Firewall as well as the Sophos endpoint client for A/V, web filter etc etc... The issue I am having is that we have more detailed filtering at the firewall level so no issues when users are connected to the work network…

Is it expected behaviour for url keyword blocking not to work when DPI is enabled? See below for an example: I created the following category: With the following user activity: which I added to the following web policy However, when…

Hallo, ich habe mit einer Sophos XGS 2100 im HA ein Problem mit der SSL / TLS Encryption. Wir benutzen das Programm SFIRM, welches Probleme mit der Encryption hat. Ich habe dementsprechend Kontakt mit dem Sparkassen-Support aufgenommen und die…

hello, How does a computer behave when it is in the firewall network but is also supposed to use and utilize various web policies via Sophos Endpoint Protection? The firewall also has a web filter that has been rolled out to different users and PCs…

Prezados, utilizamos o Sophos XG 135, com ultimo firmware aplicado. Estou tendo problemas ao atutenticar nos sites do gov.br Como exemplo a URL: https://sso.acesso.gov.br/login?client_id=www.gov.br&authorization_id=18d47433c8d Recebo aviso de…

Hello, I have a problem with our Firewall. We have a service Provider who takes care of our website, which is hosted by them. When they do any changes on the website, I cannot see these changes while connected to the internet through our firewall. If…

Hello everyone, At the moment we are thinking about changing from Web Proxy to DPI on XG 230. As I understood from public documentation, there are some features, only supported with Web Proxy mode, but we are not using any of these currently. Therefore…

Hi everyone. I'm currently with arista/untangle & thinking on switching over to sophos xg. I have some questions though about the firewall. One thing i use quite a bit with arista is their content filtering (which is why i'm not going to go with pfsense…

Hi Sophos Community, We're currently experiencing difficulties with Zoom calls after implementing Sophos XG Firewall rules and policies. Issue: Zoom calls encounter disruptions when our Sophos XG Firewall rules and policies are enabled. Disabling…

I'm trying to figure out how the web proxy works. I configured a browser to use SFOSv20-IP:3128 I only want web access through the proxy, no proxy configured, no access. I've followed the example, with Web policy "Allow All" and Destination…

The thread was closed but I wanted to share my solution. Here is the original thread. https://community.sophos.com/sophos-xg-firewall/f/discussions/141624/can-t-get-eso-updater-to-work-as-exception-any-ideas Here was my solution. I created…

I blocked the adult and nudity category in my sophos xgs 2100 firewall. But still many porn sites are accessible. Is there any way to block it completely?

Explain like I'm 5 (maybe a 5 year old is smarter at this point, who knows)... We have SSL/TLS inspection rules under "Rules and policies." One of these rules is the built in "Exclusions by Website, which references both a Local and Managed TLS exclusion…

want to unblock translate.google.co.in for all in xgs 2100

When selecting a Web policy or an App policy from a drop-down list, there is a "None" option and also an "Allow all" option. If you select "None," doesn't that mean the same thing as "Allow all"?

We installed a Sophos virtual appliance in bridge mode in front of a pfsense firewall in order to intercept all traffic within the LAN infrastructure of our network for reporting purposes. This is what our current topology looks like: LAN --> sophos…

Hello, on my old UTM i got an exception which gave web access to unauthenticated users to several domains like microsoft.com or windowsupdate.com. How is that possible on xgs? The Webfilter does not contain an exception for authentication.

Using TLS decryption and vendor Docusign suddenly causes issues with our XG firewall on 19.5.3. Happens also on other browsers and OS. Here Safari in MacOS. it works using classic proxy as described here: https://support.sophos.com/support…

Hello everyone, we have been having problems with video conferencing via browser for some time now. We are using a XG 230 in webproxy mode with HTTPS decryption, IPS and ATP activated. The clients are configured with a standard / manual proxy. Everything…

Hello everyone, Since v20 I need to disable / enable a SSL/TLS Decryption rule nearly every to every 2 days. It stops processing traffic and on a client device it "feels" like the internet is down. This instantly recovery after disabling / enabling…