Hello community, we wanted to add rdp files to the list of blocked e-mail attachements. Under blocked filetypes we added "rdp" but such attachements are not blocked. Other filetypes like f.e. "xls" are blocked correctly. Do we have to add the rdp…

Hallo zusammen, nachdem ich das Problem mit den Zertifkiaten in folgendem Thread gelöst habe, Sophos XG Lets Encrypt Zertifikat stehe ich jetzt vor dem Problem die WAF ein zu richten. Hier mal die Konfig wie es bei mir im Netz aussieht: Router…

I need to block thumbnail for websites can we do it with Sophos Firewall

Hello Good Day, I m using Sophos XGS 136 and web policy roles are working well but after a while when I search for sex images they appear but do not open the website. So please how to not appear in searching engine.

Hello everyone!! I have a problem accessing a certain GitHub URL. For example, when I try to update Pi-hole the address objects.githubusercontent.com cannot be resolved: At first, I thought it was an issue with Pi-hole itself or with openDNS…

Dear all, I have Installed the Sophos SFOS 21 on a VM on Hyper V, and I am facing Issues with the WAF. I have a internal WebServer where you can gain access over Port 8080, I want to know if it is possible to access the WEB-Server over Public…

Olá Pessoal tudo bem? Me Chamo Marcos, estou fazendo a primeira implantaçao de um Firewall Sophos em um ambiente, o equipamento é um (XGS 107 Security Appliance). Fiz toda configuração inicial e ele ainda esta em modo padrão sem nenhum filtrou ou…

Hi i want to ask the configuration of (WAF) regarding customer request to enable an additional port, specifically port 11883.HTTPS is currently enabled and functioning without issues. To accommodate the client’s request for port 11883, I have created…

Buen Día, Quisiera saber por qué al trata de acceder a la siguiente URL https://gala.com.pa/ no carga al realizar la petición desde cualquier segmento de red LAN. Se realizan pruebas: Permitiendo el dominio y la ip de la url Se agrega como…

I have TLS inspection setup on my main network running through a Sophos XG (20.0.2 MR-2) and am trying to setup Google Passkeys for G-Mail. The passkeys were setup using a different network connection, and they do work on another network. If I go through…

Good morning everyone. Since the function of a company depends on the LDAP query, I would consider it extremely important to receive a warning. If the LDAP query fails. The MTA then no longer checks users if the connection to LDAP is disturbed (it cannot…

Lots of posts about this. Here is an example. AD SSO - Cannot establish NTLM authentication channel with xxx Seems like the recommendation is to disable AD SSO in all zones. But what if we want SSO so we can log user web traffic? Why might we want…

Schönen guten Tag zusammen, folgendes ist mir grade aufgefallen. Wenn das ADDS nicht erreichbar ist, lässt der Sophos-MTA, Mails zum E-Mail-Server durch, an Empfänger die es gar nicht gibt! Dann antwortet der Mail-Server postmaster@Domäne.de sorry die…

Hello there, I have a customer who may want to buy a Sophos Firewall with the main reason of using it as a Web Proxy Server. Unfortunately I could not find information regarding WebSocket traffic inspection. My guts tell me that the SFOS will inspect…

Issue Summary: Slow Speed test SSL/TLS Inspection Summary of Call Discussion: Traffic for the test system (172.xxx.xx.8) was passing through rule ID #2. We observed a speed of 36 Mbps with the SSL/TLS inspection rule enabled. After disabling the…

Hi everybody, we have installed a Sophos v20 MR2. However, we had to realize that the spam filtering is very poor compared to the UTM. The Sophos is acting as an MX and works in MTA mode. Spam protection is active as a policy and basically has all options…

Hi Community... Please assist - Customer has a sophos 125 XG SFOS 20.0.2 running web filter and support license only- Web filtering works fine - Customer requested a report on a specific user on websites visited/ internet usage - Reports show IP address…

hello, I have a really old queued mail found within mail spool. in this case the email is not (was not) important, but how can that happen? In the meantime, many new emails have been delivered from the same sender to the same recipient. I'm asking because…

Affected Version: SFOS 20.0.2 MR-2-Build378 When creating a new SMTP route & scan policy in Protect > E-Mail > Policies & exceptions you are unable to enable "Reject based on RBL". When you already have an existing SMTP Route & scan policy with "Reject…

Many of us are using Cloudflare or similar services to protected their Extranet / Webmail and other public websites using the Sophos WAF. It's possible to display the real IP addresses on any Linux servers behind the firewall by enabling Pass host header…

This is more of a "Help the next guy out" post. So, I was thinking that my email was unusually quiet for the past couple of days, so I finally got around to checking things out, and discovered that I hadn't received any email for 3 days!!!. Did the…

Hi All, Anyone else having issues with iOS18 devices connect to Sophos FW with Web Filtering set to 'Default Policy' and unable to send RCS messages to Android devices? As soon as i turn off Wifi and force cell service, RCS works As soon as i disable…

Hi, i have a little situation here i don't know how to handle, hopefully someone can give me a hint. Our ISP gave us two public accessible IPv4 adresses, x.x.x.6 and x.x.x.7, however our public gateway is x.x.x.5. Our WAN Interface in the Firewall…

Hello, I need support with configuring mail traffic (SMTP) from external via noSpamProxy (DMZ) to the internal Exchange (LAN) and back again. I have largely followed the Sophos instructions "Protect internal mail server in legacy mode" ( ( https://docs…

Hello all, we are using our Sophos XGS-Firewall as a SMTP proxy with MTA. We have an Exchange Hybrid environment. The mail flow right now is as following: OUTBOUND: Exchange Online -> The internet INBOUND: The Internet -> XGS -> Exchange OnPrem…