Hi i have an UTM firewall and need to block HTTPS traffic between two networks on the UTM.
Currently i can browse from one interface in vlan A to another interface in vlan B, but i want to block that. Looks like there are no firewall rules which allows…
Hi all
I have just provisioned a new WAN interface (LTE router) as a failover WAN at a site with latest UTM.
Any traffic from this WAN that hits an SSL endpoint on UTM or LAN (incl. WebAdmin, SSL VPN, SSH & other HTTPS servers) simply times out. …
Hi, when opening a streaming h264 video on a website over http (does not occour via https!) we get this message:
When we disable "Realtime-Scanning" -> "Internet" the video plays fine.
Can anyone guide me on how to prevent the delayed playback/warning…
Hello everybody, I'm currently trying the Web Protection. I understood how it works, transparent/standard mode, etc.
However, I noticed that lots of things don't work in case HTTPS is configured on "URL filtering" only (download scanning, download checks…
Hallo zusammen,
ich habe folgendes Problem, wofür ich auch mit viel Suche keine Lösung gefunden habe.
Ich habe STAS konfiguriert - funktioniert auch - die Benutzer, welche surfen werden automatisch angelegt
Single Sign on ist aktiviert und die AD…
I Have an issue with Sophos SG 135 UTM .I get a message "HTTP PROXY RESTARTED " and this particularly happens during the sessions of Teams Calls .see below details of UTM Model: SG135 Subscriptions: Base Functionality Email Protection Network Protection…
Hallo Forum,
zuerst: vielleicht denke ich hier etwas kompliziert, aber eine "einfachere" Idee kam mir bisher nicht.
Ich habe eine VM in meinem "Internal" LAN. Diese stellt nur einen HTTP-Dienst (TCP 80) nach außen zur Verfügung.
Darum habe ich diese…
[this is now an FYI, as whilst writing this, I found the issue - others may benefit from this, so i'll complete the post]
I have a single PC on my network, and some https traffic (all to either google, facebook or instagram) is being dropped against…
Hi,
on our XG I found this logs frequently
;Time;Log subtype;Username;Src IP;Dst IP;Category;URL;Bytes sent;Referrer;Message ID;Policy ID;;
Web filter;27.01.2021 12:28;Denied;xxx;xxx;35.201.108.94;Spyware & Malware;https://logs.spilgames.com/lg/pb…
users reported sites not loading showing the error SSL_ERROR_RX_RECORD_TOO_LONG.
this is caused by intercept X Web Control function.
When I disable this feature, the websites are loading fine.
example:
https://www.weihnachtsbaum-heidelberg.de…
I have a customer with Multiple sites with XG105. Currently running 17.5.14 and I need to be able to run a report that shows either the hostname or the IP of the computers surfing YouTube. They don't want to block it but they want to see who is using…
Hello all,
I am coming over from PFsense and trying out Sophos XG Firewall Home Edition because I have heard some good things. I have a web server hosting 3 websites with 3 different domains. IIS filters the traffic based on the domain and serves the…
Hi all!
Recently we got "XG 135 w" with subj firmware. After I configured all necessary policies and rules I performed a test launch by switching a couple of live users from old Cisco firewall to this new one.
Our users work with cloud CRM via HTTPS…
Hello:
I have XG210 with SFOS 17.1.0 GA or SFOS 17.0.8 MR-8
Some websites with https: // do not load.
Example: https://146.20.73.64
With http or https:
Website not available
The website you requested cannot be accessed. It may work if you…
Good Morning,
I've installed Sophos UTM this morning, got it all running and configured. I went to activate HTTPS scanning and instantly I've got a problem, How do the mobiles within my household (IPhones, Android) Get protected under this policy? Similar…
Endpoint Protection - Policies - Web Control - Does NOT stop EXE downloads if HTTP S
Sophos has just made me aware there there "Endpoint Protect web filter DOES NOT WORK on http S " so people can download what ever they want if its http S ..
Is everyone…
It's time for another small update for the Web Appliance. Version 4.3.6 will be going out to customers over the next couple of weeks.
This version addresses a number of bugs that have been reported by customers. See the release notes for details.
…
I've been asked to answer a question here - when we have HTTPS Decrypt and Scan enabled, does the UTM check the validity of the original SSL certificate? So, for example, if it is revoked, would the UTM still do the Decrypt and re-encrypt, presenting…
Hello all,
I've been looking for information about the correct way to use the web server module on XG but I couldn't find anything.
Also ask to a Live support agent on chat and he didn't have any document that could help me.
So, what I want to know…
Hello all,
I've been messing around with the certificate distribution using GPO.
After create the default domain policy, adding the cert and force the gpo update I got the cert installed on my browsers (Firefox and Chrome) but I'm still getting the…
Hi,
Sophos Central has all sorts of issues when used on a network that has HTTPS Inspection running on the gateway.
Does anyone know when Sophos Central will support HTTPS Inspection properly? Seems strange that Sophos would issue a product (the XG…
Hello every one,
I have a sophos XG home
Yesterday I can't access webadmin page after upgrade to the latest firmware, so in the below the error message i get it
(Internal Server Error)
So any one ca help me to resolve this issue
Thanks in advance…
A new version of the Sophos Web Appliance software is being rolled out starting this week. Version 4.3.4 combines a number of fixes for reported bugs, including a potential vulnerability reported to us by Christian Demko of MWR InfoSecurity. Thanks to…
Hi,
I know that for deep packet inspection you need a computer to trust your selfmade CA. I know it can be distributed by a GPO, I wonder if this is possible: Enable Deep packet inspection on the UTM and force end point protection to install the CA…
Hi everyone!
I have problem with the feature Decrypt & Scan HTTPS is checked.
The situation is this, I am blocking facebook and youtube during office hours and to be able to block also facebook and youtube mobile apps I enable the Decrypt & Scan HTTPS…