• Block traffic (HTTPS) between vlans

    Bastiaan van Leeuwen
    Bastiaan van Leeuwen
    Hi i have an UTM firewall and need to block HTTPS traffic between two networks on the UTM. Currently i can browse from one interface in vlan A to another interface in vlan B, but i want to block that. Looks like there are no firewall rules which allows…
    • 5 months ago
    • UTM Firewall
    • General Discussion
  • SSL traffic fails to respond from WAN interface

    rm501
    rm501
    Hi all I have just provisioned a new WAN interface (LTE router) as a failover WAN at a site with latest UTM. Any traffic from this WAN that hits an SSL endpoint on UTM or LAN (incl. WebAdmin, SSL VPN, SSH & other HTTPS servers) simply times out. …
    • over 2 years ago
    • UTM Firewall
    • Network Protection: Firewall, NAT, QoS, & IPS
  • Opening h264 videostreams via http significantly delayed when "Realtime-Scans - Internet" is active

    148Points
    148Points
    Hi, when opening a streaming h264 video on a website over http (does not occour via https!) we get this message: When we disable "Realtime-Scanning" -> "Internet" the video plays fine. Can anyone guide me on how to prevent the delayed playback/warning…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Web Protection - Filtering - SSL decryption and scan without certificate ? + Few more questions.

    DeltaSM
    DeltaSM
    Hello everybody, I'm currently trying the Web Protection. I understood how it works, transparent/standard mode, etc. However, I noticed that lots of things don't work in case HTTPS is configured on "URL filtering" only (download scanning, download checks…
    • over 2 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Surfen auf http- Seiten nach Aktivierung von SSO nicht möglich - https - kein Problem

    Lars Zimmermann1
    Lars Zimmermann1
    Hallo zusammen, ich habe folgendes Problem, wofür ich auch mit viel Suche keine Lösung gefunden habe. Ich habe STAS konfiguriert - funktioniert auch - die Benutzer, welche surfen werden automatisch angelegt Single Sign on ist aktiviert und die AD…
    • over 2 years ago
    • UTM Firewall
    • German Forum
  • HTTP proxy restarted while using MS teams - Sophos SG 135 UTM

    Rajesh Sivarajan
    Rajesh Sivarajan
    I Have an issue with Sophos SG 135 UTM .I get a message "HTTP PROXY RESTARTED " and this particularly happens during the sessions of Teams Calls .see below details of UTM Model: SG135 Subscriptions: Base Functionality Email Protection Network Protection…
    • over 3 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • "Internal" durch WAF leiten (für Zertifikate etc.)

    Stefan Wegener
    Stefan Wegener
    Hallo Forum, zuerst: vielleicht denke ich hier etwas kompliziert, aber eine "einfachere" Idee kam mir bisher nicht. Ich habe eine VM in meinem "Internal" LAN. Diese stellt nur einen HTTP-Dienst (TCP 80) nach außen zur Verfügung. Darum habe ich diese…
    • Answered
    • over 3 years ago
    • UTM Firewall
    • German Forum
  • HTTPS traffic being dropped from a single host by FORWARD chain

    Dave Curr
    Dave Curr
    [this is now an FYI, as whilst writing this, I found the issue - others may benefit from this, so i'll complete the post] I have a single PC on my network, and some https traffic (all to either google, facebook or instagram) is being dropped against…
    • over 3 years ago
    • UTM Firewall
    • Network Protection: Firewall, NAT, QoS, & IPS
  • Intercept-x blocking Malware site in http but not https, XG firewall does.

    LHerzog
    LHerzog
    Hi, on our XG I found this logs frequently ;Time;Log subtype;Username;Src IP;Dst IP;Category;URL;Bytes sent;Referrer;Message ID;Policy ID;; Web filter;27.01.2021 12:28;Denied;xxx;xxx;35.201.108.94;Spyware & Malware;https://logs.spilgames.com/lg/pb…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • blocked HTTPS websites only show SSL_ERROR_RX_RECORD_TOO_LONG when Web Control is enabled

    LHerzog
    LHerzog
    users reported sites not loading showing the error SSL_ERROR_RX_RECORD_TOO_LONG. this is caused by intercept X Web Control function. When I disable this feature, the websites are loading fine. example: https://www.weihnachtsbaum-heidelberg.de…
    • Answered
    • over 4 years ago
    • Sophos Endpoint
    • Discussions
  • Need to be able to Report Youtube usage by computer/IP

    Carlos Carrasquillo
    Carlos Carrasquillo
    I have a customer with Multiple sites with XG105. Currently running 17.5.14 and I need to be able to run a report that shows either the hostname or the IP of the computers surfing YouTube. They don't want to block it but they want to see who is using…
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • XG Firewall Home Web Server not working

    TheCodeGeek
    TheCodeGeek
    Hello all, I am coming over from PFsense and trying out Sophos XG Firewall Home Edition because I have heard some good things. I have a web server hosting 3 websites with 3 different domains. IIS filters the traffic based on the domain and serves the…
    • Answered
    • over 4 years ago
    • Sophos Firewall
    • Discussions
  • SFOS 17.1.3 MR-3 HTTPS sessions are freezing.

    Maxim Grechikhin
    Maxim Grechikhin
    Hi all! Recently we got "XG 135 w" with subj firmware. After I configured all necessary policies and rules I performed a test launch by switching a couple of live users from old Cisco firewall to this new one. Our users work with cloud CRM via HTTPS…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • With sites https:// -Error 502 with http and https disabled

    Mauro Bernal
    Mauro Bernal
    Hello: I have XG210 with SFOS 17.1.0 GA or SFOS 17.0.8 MR-8 Some websites with https: // do not load. Example: https://146.20.73.64 With http or https: Website not available The website you requested cannot be accessed. It may work if you…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Sophos UTM + HTTPS Scanning & Mobiles & Guests

    Super Sausage
    Super Sausage
    Good Morning, I've installed Sophos UTM this morning, got it all running and configured. I went to activate HTTPS scanning and instantly I've got a problem, How do the mobiles within my household (IPhones, Android) Get protected under this policy? Similar…
    • over 6 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Endpoint Protection - Policies - Web Control - Does NOT stop EXE downloads if HTTPS

    Ian Harris
    Ian Harris
    Endpoint Protection - Policies - Web Control - Does NOT stop EXE downloads if HTTP S Sophos has just made me aware there there "Endpoint Protect web filter DOES NOT WORK on http S " so people can download what ever they want if its http S .. Is everyone…
    • over 6 years ago
    • Sophos Endpoint
    • Discussions
  • Release of SWA v4.3.6 - Safesearch for Bing over HTTPS

    RichBaldry
    RichBaldry
    It's time for another small update for the Web Appliance. Version 4.3.6 will be going out to customers over the next couple of weeks. This version addresses a number of bugs that have been reported by customers. See the release notes for details. …
    • over 6 years ago
    • Web Appliance (Read Only)
    • Release Notes & News
  • Does HTTPS Decrypt and Scan check the original SSL certificate validity?

    Tony Ayre
    Tony Ayre
    I've been asked to answer a question here - when we have HTTPS Decrypt and Scan enabled, does the UTM check the validity of the original SSL certificate? So, for example, if it is revoked, would the UTM still do the Decrypt and re-encrypt, presenting…
    • Answered
    • over 6 years ago
    • UTM Firewall
    • Web Protection: Web Filtering & Application Visibility/Control
  • Web Server configuration.

    John Henry Vindas Carballo
    John Henry Vindas Carballo
    Hello all, I've been looking for information about the correct way to use the web server module on XG but I couldn't find anything. Also ask to a Live support agent on chat and he didn't have any document that could help me. So, what I want to know…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Decrypt & Scan HTTPS

    John Henry Vindas Carballo
    John Henry Vindas Carballo
    Hello all, I've been messing around with the certificate distribution using GPO. After create the default domain policy, adding the cert and force the gpo update I got the cert installed on my browsers (Firefox and Chrome) but I'm still getting the…
    • Answered
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Central issues with HTTPS Inspection enabled

    StuartGreen
    StuartGreen
    Hi, Sophos Central has all sorts of issues when used on a network that has HTTPS Inspection running on the gateway. Does anyone know when Sophos Central will support HTTPS Inspection properly? Seems strange that Sophos would issue a product (the XG…
    • over 6 years ago
    • On-Premise Endpoint
    • Sophos Endpoint Software
  • Internal Server Error, can not access web-admin after upgrade from SFOS 17.0.1 MR-1 to SFOS 17.0.2 MR-2

    gladiatorf22
    gladiatorf22
    Hello every one, I have a sophos XG home Yesterday I can't access webadmin page after upgrade to the latest firmware, so in the below the error message i get it (Internal Server Error) So any one ca help me to resolve this issue Thanks in advance…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Release of SWA v4.3.4 - Important information for customers using HTTPS decryption

    RichBaldry
    RichBaldry
    A new version of the Sophos Web Appliance software is being rolled out starting this week. Version 4.3.4 combines a number of fixes for reported bugs, including a potential vulnerability reported to us by Christian Demko of MWR InfoSecurity. Thanks to…
    • over 7 years ago
    • Web Appliance (Read Only)
    • Release Notes & News
  • Deep packet inspection UTM and Endpoint protection

    Matthias Vrints
    Matthias Vrints
    Hi, I know that for deep packet inspection you need a computer to trust your selfmade CA. I know it can be distributed by a GPO, I wonder if this is possible: Enable Deep packet inspection on the UTM and force end point protection to install the CA…
    • over 7 years ago
    • UTM Firewall
    • (Read-Only) UTM-Managed Endpoint
  • Block all websites using https when Decrypt & Scan HTTPS is enabled

    buzz buzz
    buzz buzz
    Hi everyone! I have problem with the feature Decrypt & Scan HTTPS is checked. The situation is this, I am blocking facebook and youtube during office hours and to be able to block also facebook and youtube mobile apps I enable the Decrypt & Scan HTTPS…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
>