Has anyone been able to get ZTNA to iDRAC working? I have st all the ports and access method Agent. When I connect to the iDrac i get a web prompt Your connection isn't private Attackers might be trying to steal your information from idrac.xxx…

Hi Leute, ich habe ein kleines Problem bei der Einrichtung einer VPN Verbindung. Ich habe vom VPN Anbieter eine .ovpn Datei sowie ein Zertifikat im .p12 Format und eine .key Datei erhalten. Alles drei residiert im Dokumentenverzeichnis in einem Unterverzeichnis…

When I go to edit the certificate and upload the certificate which is due for renewal ( every 13 months ), it fails with the following error at the top center of the screen: Certificate could not be updated as it is already used by HTTP Based Policy…

Hello, We are using the DPI engine and have created SSL/TLS inspection rules. Unfortunately, we receive a certificate warning for some websites even though the firewall certificate has been imported. What could be the reason for this and how can we…

Hello everyone, is there a complete Guide available for setting up XGS and NPS with EAP and certificate authentication? We want to move on from a working EAP and MSChapv2 configuration because it is deprecated. i wonder, do i need to change…

HI all, Hoping you can help. Recently an external website we access has been updated and hosted elsewhere. Following the move we now get the following error but only when connecting via the VPN (Remote access). We can browse to the site without issue…

Good day I have client with XG 230, the They don't have an Active Directory, is there a way to install ssl appliance certificate to all machines.

Hi, I have ONE of 3 new installs of XGS-126 having long known problem with Sophos CA certificates on some popular URL addresses. For example, users cannot download Google Chrome: I guess problem is HSTS, where browser detects MITM, which is Sophos…

Does regenerating the Appliance Certificate affect any other access besides SSL VPN? This is my issue, we recently had our XG210 replaced and rebuilt the new unit with a backup. Prior to the firewall failure SSL VPN has been my goto setup for staff who…

Tried to add a certificate to an unmanaged Chromebook device with latest Chrome OS version (someone brought in their own device). Followed the steps as we have used for years. Download the CRT file and open Chrome Security settings and under manager certificates…

Dear Friends: I’ve been following this article because none of my reports were working. Sophos Firewall: No reports show After flushing the reports, it appears as though I never completed the configuration of my WAF certificates. So, I decided…

Case is not resolved. Please open the case. Sophos team has migrated cyberoam to Sophos firewall & Its working properly from last 3years with Cyberaom certificate which expiry is 2036. The issue is Sophos connect 2.3 is not working but 2.2 & 2…

Hi everyone, I'm enforcing my TLS inspection rules to more strict and secure with best practices. So my Decryption Profile: Using https://badssl.com/ for tests scenarios I had success in almost all practices: invalid date working as…

Hey there, on old SUM Firewalls there was an SSL VPN Installer incl. configuration on Userportal. When you have installed this, you got an openvpn.cfg file and the user certificate. I have changed our Firewall to an XGS and now i need the new…

Wir verwenden im Unternehmen die Sophos Firewall und das Sophos Connect für den VPN-Zugang. Demnächst läuft eines unserer SSL-Zertifikate aus. Da ich noch recht unerfahren im Umgang mit Sophos bin, wollte ich nun wissen, ob das Auswirkungen auf unsere…

Good day all.. I have a no-name Firewall running with pfSense and FW Certificate. As my new Sophos XGS87 Firewall does not support pfSense I want to import the existing FW Certificate into Sophos. Problem: as per Sophos website I have to import…

I'm aware of the KB that states when it is required to re-download the SSLVPN configuration when changing global settings but it doesn't specify the certificate as one of these things. So what happens if you renew an active certificate before it expires…

Good Eve. Trying to connect to a network switch via https. Error page : The trust status of this website's certificate could not be securely established. About this request URL: https://somePublicIP Certificate details: Valid From: Feb…

Hallo, mein Ziel ist es über Domänen Zertifikat die SSL/TLS inspection zu machen. Ich bin nach folgender Anleitung gegangen ( https://docs.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Certificates/HowToArticles…

Dear collegues! When we access the Webconsole through the internal network https://xxx.xxx.xxx.xxx:port, the browser recognizes the certificate for https access as not secure. We are using the default Sophos certificate. How should I fix this problem…

Hello! I know that a few years ago there was a feature request on the currently retired Sophos's ideas portal, regarding remote access SSL VPN with certificate only based authentication, for Sophos XGS firewalls. Does anybody know if it's possible right…

Hello, we have multiple environments of Sophos SG and XG Clusters. As we are not able to check every Cluster itself we automated a notification for WAF Certificate Expiration. On SG this is built-in but not so on the XG. I searched a little, and…

In 2018, Sophos integrated Let's Encrypt with their UTM series, leaving XG(S) users anticipating a similar feature. Many, including us, have turned to API solutions due to the lack of progress which is fine. However, the XG API feels less refined compared…

Last year or so ago we had a case regarding this issue. Once again a vendor conducted a friendly PCI scan on our public interfaces and send us a notice of Non-compliance. The robot scanner is seeing the self-signed appliance certificate on PORT 3400…

Hallo zusammen, wieso kann ich bei import certificate nur "certificate only" auswählen?