• Block all websites using https when Decrypt & Scan HTTPS is enabled

    buzz buzz
    buzz buzz
    Hi everyone! I have problem with the feature Decrypt & Scan HTTPS is checked. The situation is this, I am blocking facebook and youtube during office hours and to be able to block also facebook and youtube mobile apps I enable the Decrypt & Scan HTTPS…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Chrome/Android Oreo unable to Google even with UTM CA cert installed?

    Long Road SFC ITServices
    Long Road SFC ITServices
    I recently got a new Android device running the latest version of Android, Android Oreo 8.0.0. Having connected it to wifi at my workplace I find that I am unable to browse to Google in Chrome, even with the CA certificate from the Sophos UTM installed…
    • over 7 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • HTTPS validation CA upload via RESTful API

    Sven Anders
    Sven Anders
    Hello! Because we have to upload many HTTPS validation CAs to the UTM and the UTM does not have an option to upload more than one CA at a time, we wrote a small script which uses the RESTful API. The script works fine and I can see all uploaded…
    • Answered
    • over 7 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Security Alert on Outlook with Office 365 email

    david kwock
    david kwock
    Hi, Our company using Office 365 email. Sometimes we are getting an security alert from MS Outlook saying that "The security certificate was issued by a company you have not chosen to trust..." as attached below: Please advise how to solve this…
    • over 7 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • How can I set up web access via PROXY PORT only?

    Someone7272
    Someone7272
    After a year, I've decided to try Sophos XG again. Currently using UTM 9.5 - which has its issues, but works well. I am trying to find out how to force all web requests through the proxy port. Sadly, I'm not getting far with Sophos XG. If I add a…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Poor detection rate of web filtering - caused by wrong categorization or stay many websites uncategorized?

    FormerMember
    FormerMember
    Hi, XG has an poor detection rate in webfiltering, e.g. when trying to open websites of denied web categories like "nudity" or trying to open malware infected pages. Is this caused by putting new websites in wrong web categories, or is this because…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Transparent Proxy and Android 7.0 Nougat

    Brian Clarke
    Brian Clarke
    I have recently started using the home version of the Sophos XG firewall. I am currently testing the transparent HTTPs feature with the self-signed certificate which comes with the firewall. While it seems to work well with windows devices once the certficated…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Importing WebProxy certificate on MacOS

    Kolda
    Kolda
    Hello Community, could please anyone advice me how to import UTM WebProxy Certificate for HTTPS scanning on MacOS? I am completely familiar with this process on Windows but not on Mac. Thanks for help. Pavel
    • over 7 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Websites only sometimes blocked by web filtering

    FormerMember
    FormerMember
    Hi, If I open a website once, it's blocked. If I open it twice, it won't get blocked! Why does web filtering blocks some websites one time and a few seconds later not? Thanks in advance - Meghan
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • No Notification in RealTime scanning Mode

    FormerMember
    FormerMember
    Good day, today I switched to Realtime scanning in Web>Protection>MalwareScan mode. Now the downloads are much faster, but when I try to download EICAR Testfile, there is no "Virus Found" Notification. The file won't be downloaded, but I only…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • HTTPS decryption exclusion for splashtop and logmein

    Chris Wright
    Chris Wright
    I need to be able to exclude Splashtop and logmein from SSL Inspection for them to work. I tried ^[A-Za-z0-9.-]*\.splashtop\.com/ which lets me connect through the client, but I am not able to remote into any machines. I am assuming that is because the…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • HTTPS scanning with third party certificate

    brock eldridge
    brock eldridge
    Are there any trustful free ssl certificates that works well with sophos xg?
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • "Connection not private " error on Google Chrome

    Peter Levy
    Peter Levy
    Hi, Since Google updated Chrome to their latest version , I'm getting the following error on my clients machines (that are connected to the Web Appliance) on their browser : ERR_CERT_COMMON_NAME_INVALID I have disabled HTTPS scanning on the Appliance…
    • Answered
    • over 7 years ago
    • Web Appliance (Read Only)
    • Discussions
  • Yet Another HTTPS Inspection and Google Drive post

    iTechThingsSeriously
    iTechThingsSeriously
    I know this has been posted about several times, but I wanted to share what I used to get it working while not eliminating the ability to log Google searches which happens for me when I add the following as an exception... ^https?://([A-Za-z0-9.-]*…
    • over 7 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Possible to use a third-party certificate for HTTPS Inspection?

    Bill Roland
    Bill Roland
    Hi all, As I am getting more familiar with my new XG firewall, I am naturally wanting to do more and more things. I've started looking at the deep-packet inspection/HTTPS Decrypt and Scan functionality. I've seen the discussions on this board about…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • HTTPS SSL CA deployment

    Nicola S
    Nicola S
    Hi All, I've decided to give HTTPS scanning ago, however, when deploying the certificate via GPO it's intermittently working. Sometimes gets removed etc or even though it's there, the websites still giving security alert page on chrome. I'm using…
    • over 7 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Sandstorm on Sophos XG v16.05 GA problem?

    Irvin ReynaldoRosario Vidal
    Irvin ReynaldoRosario Vidal
    Hi, i am testing the v16.05 GA for use the sandstorm you have any luck with this feature? i activate the http/https scan and Detect zero-day threats with Sandstorm and i get in all pages error 500 o 502 Thanks...
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • TeamWork Application

    Aditya Patel
    Aditya Patel
    HI Everyone, The application may be blocked due to HTTPS scanning and would need to disable the HTTPS scanning from the firewall rule to allow the traffic . Solution : The Web filter should show the URL's used to connect with its server, You may…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Some URLs are blocked when using HTTPS Inspection

    Peter Lapornik
    Peter Lapornik
    We are facing an issue of blocked requests when using the "Decrypt & Scan HTTPS" option for certain sites. Here is an example: https://channel9.msdn.com/ works https://channel9.msdn.com/blogs works (it gets redirected to https://channel9.msdn.com…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG HTTPS Hostname Blocking

    OliverKnights
    OliverKnights
    Hello, I seem to be having issues connecting to the HTTPS webpages for ESXI and Vcenter. My PC's are in the zone LAN and my https websites are in the zone LAB. I can connect to the sites fine using IP. When i try to connect to the sites using the…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Backblaze Web Exceptions

    KaipoAlakai
    KaipoAlakai
    Hello, I was having issues with the BackBlaze software agent not getting full upload (backup) speed regardless of the number of threads I gave it. Since the agent encrypts the files before uploading, there is no reason to have the firewall attempt to…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Ubisoft Uplay Web Exceptions

    KaipoAlakai
    KaipoAlakai
    Hello, After much troubleshooting, here is what I had to unblock to get the Ubisoft Uplay desktop client to work without any issues: I had to create a HTTPS decryption exception with the following URLs local[0-9]*-mtl-[0-9]*\.ubisoft\.qc\.ca/ steamcdn…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • XG135 (SFOS 16.01.2) is blocking unknown protocol traffic by default

    Ishwarsingh
    Ishwarsingh
    Hi, Currently my device XG-135 is running on V16.01.2, and it is weird to see that it is blocking unknown protocol traffic. Although "Block unrecognized SSL protocol " option is disabled under Web--> Protection. Below screenshots for reference. …
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Onedrive download not working

    Giles Wright
    Giles Wright
    Using new 16.02 version XG firewall with https decryption & scanning enabled (bridge or gateway mode no difference) Onedrive uploads files successfully.... But cannot successfully complete any downloads.... Have tried excepting the network storage…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Decrypt HTTPS Breaks JAVA Apps - Exceptions Useless

    JeffBrunner
    JeffBrunner
    Having an issue at a client where we installed an XG firewall, a Java application that has no problem outside the firewall refuses to load, Java complains of SSL certificate errors. Have configured exceptions for the site that hosts the app but it still…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
<>