• Notifications of Global Verification CA expiration.

    Max Lisaevich
    Max Lisaevich
    I started receiving notification on certificate expiration. I found out it is DST Root CA X3 global verification CA. I disabled this certificate, but still receive notifications. How to delete this certificate correctly as there is no delete option in…
    • over 3 years ago
    • UTM Firewall
    • General Discussion
  • Sophos intercept x for mobile web protection

    Sohan Ray
    Sohan Ray
    Sophos intercept x for mobile web protectionCan Sophos intercept x for android web protection detect previously unknown malicious web pages? Like a malicious web page whose URL has not yet been registered/recorded in the sophos threat intelligence…
    • over 3 years ago
    • Free Tools
    • Discussions
  • Unblock categories for certain user

    Ricky Kua
    Ricky Kua
    admin we have enforced entire organisation with a standard Web Protection Policy. our marketing personnel is not able to access google Ads because it falls under one of the blocked categories. is there a method we can allow this user/device to bypass…
    • over 3 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Sophos utm 9.7 nat

    Magy
    Magy
    Nth
    • over 3 years ago
    • UTM Firewall
    • General Discussion
  • asg Sophos utm 9.7 ideas

    Magy
    Magy
    Dear Sophos support As tried to share some ideas and its written in the Ideas page but sounds that nobody read :D So I thought to yell my ideas in the support chat but sounds the matter so complicated and the chat Guy WAS NOT helpful.. So i thought…
    • over 3 years ago
    • UTM Firewall
    • General Discussion
  • outlook.live.com web reputation = suspicious?

    D_Valinske
    D_Valinske
    Today 05/27/2021, our SG UTMs started denying access to outlook.live.com due to its reputation being set to suspicious. The reason given is related to PUPs. I suppose I could see some far fetched rational for this but, really, it's outlook online guys…
    • over 3 years ago
    • UTM Firewall
    • General Discussion
  • How does web filtering rules apply?

    Prakhar Jalan1
    Prakhar Jalan1
    Hello, We have 4 terminal servers for which we have defined a web filtering policy. All the servers have an internal application installed which reaches out to the internet on port 9009 to update some information within the application. We have allowed…
    • over 3 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • UTM 9.705-3 Web Proxy Blocking Windows Update reason=range HTTP response code 416

    William Trelawny
    William Trelawny
    I've seen this answer: https://community.sophos.com/utm-firewall/f/web-protection-web-filtering-application-visibility-control/125440/windows-update-fails-on-utm-9-705-3 But the proxy is still blocking access to http://2.tlu.dl.delivery.mp.microsoft…
    • over 3 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Web Protection - Filtering / Categories

    ChrisSoukup
    ChrisSoukup
    I would like to create new filter categories to use in Web Filter Profiles. When creating a new "Filter Category" sub-categories have to be selected. Are there any lists which websites will be blocked by a certain sub-category? For example the sub-category…
    • over 3 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Icould-content not showing

    Fadi Hamdan1
    Fadi Hamdan1
    Hi All, Recently I have noticed a weird issue that my computers behind Sophos UTM are not loading Apple iCould Content. I have made all apple exceptions as showing below. It keep loading!!!!! It works when I switch to 4G connection. Any suggestions…
    • over 3 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • classifying web sites

    damiri
    damiri
    Hi, we operate in non-English speaking area where most of web pages are in some other languages. Sophos XG web filter is lacking A LOT of classification on those web pages and current process for classify those is very time consuming. The way we know…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • UTM is Blocking any http Sites.

    Rizal F
    Rizal F
    Hi, so anyway, my UTM is blocking any http sites/traffic. but https is fine. any ideas? the UTM is on Bridge Mode the error:
    • over 3 years ago
    • UTM Firewall
    • General Discussion
  • Sophos XG Firewall - WAF Rule - Multiple Domains and One Public IP

    JakeCherrie
    JakeCherrie
    Hi Everyone, I'm a little new to Sophos XG Firewalls and really firewalls in general. I always thought it was not possible to host multiple services (e.g. websites) on the same port and public IP address but when I started to play with Sophos XG Home…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • getting the complete URL request from block log

    LHerzog
    LHerzog
    Hello, over the day we have a lot of block reports from different users in Sophos Central with this URL: 'https://trmcdn.eu' blocked due to category 'Intimate Apparel & Swimwear' I assume, this site is hosting media files for newspapers or so in…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Web Filtering remains active even when disabled

    Michael Traner
    Michael Traner
    Hello All, This is a repost of an unsolved problem from the Sophos subreddit ( www.reddit.com/.../) , so if it looks familiar that's why. I'm running Sophos XG SFOS 18.0.4 MR-4 and running into issues with web filtering. In short, the category "IP…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • regular expression for XG web exceptions

    ecar13
    ecar13
    On my UTM firewall I was able to add a web exception like this: ^https?://([A-Za-z0-9.-]*\.)?gstatic\.com/ But on XG 18.0.4 if I try to enter this, I get an error "You must enter a valid domain name" I was able to slightly modify the regex by removing…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Web Filter Policy Blocking - Page for Users

    cm00001
    cm00001
    Hello, I am having an issue, in which users, after hitting a blocked website, are redirected to a page in the firewall that doesn't exist. If a user accesses Netflix and is blocked, it will be redirected to: https://<XGFIREwall_FQDN>:8091/ntlmauth…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Web Application services not accessible

    Mwinula Said
    Mwinula Said
    After upgrading the firmware to SFOS 18.0.3 MR-3 now users are not able to access web services using local/Private IP addresses, only it works when NATted to the Public IP. Could any one help on this please?
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • SSL/TLS inspection applies, although no filtering is enabled in the firewall rule

    Steppenwolf
    Steppenwolf
    Hej, I have the following problem: on certain pages the SSL/TLS inspection is effective although the filtering is not active in the firewall. This affects both the new XStream filtering and the filtering via the web proxy. A HTTPS connection cannot…
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • Remote Access - Dyndns

    feroz syed
    feroz syed
    Hello, is there anyway to setup SSL VPN without static ip, there is no option on ssl vpn configure to define the public domain name. This option available on XG and it working fine, but UTM i don't see way to setup remote access without static ip.
    • over 4 years ago
    • UTM Firewall
    • General Discussion
  • XG Web application firewwall rule - path routing - path translation?

    Fred_B
    Fred_B
    We are using the XG with Web Application firewall rules and path routing. It works but is there a way to translate a long inside path to a short outside url? With our old firewallI it was possible to have something like ourdomain/RestAdapter translate…
    • Answered
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • DOD requirements

    Anthony Anderson
    Anthony Anderson
    I have a client who needs to be able to disconnect SSL VPN users based on them trying to access another website such as Dropbox or another public cloud. Here is the exact question: " Can we drop connections based on the site accessed? ie. dropbox or…
    • Answered
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • SSO or alternate secure authentication with hardend AD

    dduchardt
    dduchardt
    Hello, Until now we used AD-SSO and it worked. Now we're in the process of hardening our AD and want to disable NTLM as far as possible. Since the UPM uses NTLMv2 for SSO that's a problem. Of course we can define an exception to still allow NTLMv2…
    • over 4 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Wild Card Blocking/Filtering?

    yesandno
    yesandno
    Hi everyone, How and where do I enable wildcard blocking? I want to block all the stupid, ",io" TLD's among others. Something like this; https?://[A-Za-z0-9.-]*\.io/ just not sure where to put it. Thanks in advance!
    • Answered
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • Firewall blocking

    Dhanalakshmi Papaiah
    Dhanalakshmi Papaiah
    We have created Site to Site VPN tunneling . Port 443 of the specified IP but cannot access the IP . The error log say Web protection block how to fix this . I tried adding IP in exception and while list but that doesnot work How to fix this
    • over 4 years ago
    • UTM Firewall
    • General Discussion
<>