Hi, I'm new to XG firewalls, so please bear with me. I have created a user and a web policy override access code as outlined here:
https://support.sophos.com/support/s/article/KB-000038467?language=en_US
This is working as expected, but when typing…
Hi, Community, one of the problems we are facing is to allow the internet based on MAC address to both the VLAN Users if this is not possible due to the involvement of the router then is it possible to create a rule on FW to use it as a proxy. My network…
I am currently migrating a customer from utm to xg.
He is using an upstream proxy for any some corp websites, the others are going directly on Internet.
All the clients are using the utm as a explicit proxy at this time.
As there is a default…
We have a URL Filtering Exception for all apple.com traffic. See below.
^([A-Za-z0-9.-]*\.)?apple\.com\.?/
Is it possible to craft/recreate the above to apply the exception to all apple.com traffic except music.apple.com ?
Therefore blocking music…
Hi there,
we are a school that currently has a Sophos XG that is doing our web filtering.
We now want to change to Smoothwall for the filtering and would like some advice please.
Currently, the setup is: LAN > XG > Router > WWW
With the Smoothwall…
Hey Sophos,
We've recently been testing Packet Inspection / HTTPS Decryption and was mostly a success, but some sites were presenting the below, even when we had the appliance cert installed. Can someone shed some light as to what was causing this…
Hello,
Once that a policy checks exception has been created, can I ignore this same exception for a specific group by a firewall rule (it can be by a IP Range, IP list, networks, Host Group, by selecting an entire in interface... it doesnt 'matter)…
Hey folks,
So I don't think there is an answer for this yet unless there is some funky AI based technology that might be in the endpoint soon.
A school came to me saying there were inappropriate images being displayed. Turns out there wasn't at all…
Hello there,
Can we export a list of default categories that can be blocked by Sophos? If we can save this as pdf or word file , it would be good
Thank you.
Hello,
I am looking for a way to regulate internet traffic based on user agents. Unfortunately I don't have control over the devices in our network, so I would like to restrict access to the internet based on the operating system. I read in another…
Hi everyone, I'm new to the XG and I'm running into an issue allowing an EXE download without any browser warnings.
I first created an exception using under "web" --> "exceptions" that included a regex: ^([A-Za-z0-9.-]*\.)?lumension\.com/
However…
So does anyone know if Sophos keeps this list updated when you download it ?
Also , what happens if you have already uploaded it ? Does it only import the news ones if there are or does it duplicate it ?
https://support.sophos.com/support/s/article…
Hi
I have a requirement to block some streaming sites such as Youtube from user access. I know it can be done by using the native default Video Hosting Category.
However, when we use that, it block all video hosting services. I want to use more specific…
Hi All,
I try to add subnet network in Web exception, but it (example: 203.104.150.0/24 ) didn't work.
So I have to bypass the subnet network in top firewall rule.
Is there any way to bypass subnet network in Web exception?
Shunze
We have 1 computer at a client that gets the following message: Your connection is not private. It points to www.googleadservices.com
NET:ERR_CERT_AUTHORITY_INVALID
When I look at the certificate, it says Issued to: www.googleadservices.com Issued…
Hello ladies and gentlemen,
I am having some issues when trying to connect to AAD Connect.
I have internet access on the server and the web proxy powershell test succeeds status 200, however when I look at the event logs I see errors when the communication…
Sorry if this is a stupid question, but I'm fairly new to the Sophos firewall world and some things aren't as clear as other vendors.
I have a third-party that is publishing a Sage ERP software package for my client. We can authenticate the published…
Hi,
We're migrating from UTM's over to XG's. The UTM were able to host a wpad.dat file, and we load balance the address via an F5. The wpad contains ${asg_hostname) , this is then populated by the relevant UTM when the file is downloaded by the client…
I am customizing the blocked pages that users get to see if policies are not met. This went pretty well, up until the point where I tested the download of a fake virus file, and. I customized the Message for block actions in Web -> User notifications…
Hi,
I'm trying to set up a rule for Discord traffic but cannot get it working
tried to find out from LogViewer what I need to add to the rule but informations I found there are rather confusing - the same traffic (dst addr & port) is once denied and…
If I do a policy test for https://sophostest.com/adult/index.html the Web Protection Category is marked as "Information Technology"
If I do a policy test for http://sophostest.com/adult/index.html the Web Protection Category is marked as " Sexually…
Hi,
I'm new to XG and am setting up web content filtering. I may be missing something, but I'm trying to set up an "Activities" group adding my own selection of Categories, and I don't see "porn" as a category. I do see "Sexually Explicit", but the…
Hi Everyone
I want to use create a custom Category pointing to an external URL database. The category seems to work fine is the numbers of records is relative small (I've tried <200). Does anyone know what the max record limit for external URL database…
Today i was trying to edit a custom Web categorie. This Categorie consists of both URL's as well as keywords.
My purpose was tot delet the last keyword in the categorie. This does not seem to be possible. When i delete the last enkeyword entry and click…