• Can someone explain SSL/TLS inspection rules vs. Web Exceptions?

    CaseyWilkins
    CaseyWilkins
    Explain like I'm 5 (maybe a 5 year old is smarter at this point, who knows)... We have SSL/TLS inspection rules under "Rules and policies." One of these rules is the built in "Exclusions by Website, which references both a Local and Managed TLS exclusion…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Instructions on WAF Custom Authentication Form with example: Clarifying Documentation

    Itility
    Itility
    The WAF custom authentication form in the documentation is not that clear and required several rounds of testing to fix. Below I've added code that is easier to modify and quickly get up to speed without 30 minutes of troubleshooting and testing. I…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Web server protection skip filter but no rule ID

    Carlo
    Carlo
    Hello, I have trouble configuring WAF rule for one specific web server/service When I try to access service from inside on my pc I get 403 [Sun Jan 07 19:40:08.983664 2024] [authz_core:error] [pid 22769:tid 140041007253248] [client 10.2.1.10:52039…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Sophos WAF

    Ilham Izzuddin Bin Sulaiman
    Ilham Izzuddin Bin Sulaiman
    Hello, I have a Peplink WAN gateway and a Sophos in the centre for routing from the core switch to the WAN.I have a problem: I cannot perform a waf for my webserver, which is hosted by peplink and the server are located at dmz, and my website is already…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • google translate

    GURUKRUPA EXPORT - SURAT
    GURUKRUPA EXPORT - SURAT
    want to unblock translate.google.co.in for all in xgs 2100
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • SFOS and SG UTM affected by SMTP/EXIM CVE-2023-51766?

    FFin
    FFin
    Hi, are SOFS and SG UTM affected by CVE-2023-51766 (Sender Spoofing by SMTP)?
    • Answered
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Web and App policies, difference between "None" and "Allow all."

    EastCoastUser
    EastCoastUser
    When selecting a Web policy or an App policy from a drop-down list, there is a "None" option and also an "Allow all" option. If you select "None," doesn't that mean the same thing as "Allow all"?
    • Answered
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • ERR_SSL_PROTOCOL_ERROR

    nayah
    nayah
    We installed a Sophos virtual appliance in bridge mode in front of a pfsense firewall in order to intercept all traffic within the LAN infrastructure of our network for reporting purposes. This is what our current topology looks like: LAN --> sophos…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • SFOS 20, Exchange 2019, WAF Active Sync

    Marco Walbert
    Marco Walbert
    Hi, i read a lot of posts about this Problem, but cant get it running. Made the WAF settings strictly by Sophos KB article, owa, outlook anywhere etc are running properly, but active sync isnt working. Log saus WAF Anomaly Inbound…
    • Answered
    • 12 months ago
    • Sophos Firewall
    • Discussions
  • Sophos FW blocking some appended signatures from Exclaimer Signature Manager V19.5.3

    RegencyBlue
    RegencyBlue
    Hello All, We have a situation where we have switched firewalls for incoming & outgoing mail from UTM to Sophos Firewall. We are using Exclaimer Signature Manager Exchange edition & are currently still in a Hybrid setup. For some reason, some outbound…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • changing primary email address -> No Spam digest and user portal qurantine

    Timm Buse
    Timm Buse
    Hi all, we have changed for all our AD users the primary email address from <surename<@<domain>.de to <forename>.<surename>@<domain>.de No we have a big problem, that nearly no digest is send to the users. And if you take a look in the user portal…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Webserver hinter XGS erreichen

    DATA Admin
    DATA Admin
    Hallo zusammen, ich habe folgendes Problem. Ich habe eine UTM auf eine XGS umgezogen. Nun gehen folgende Verbindungen nicht mehr. Wir haben ein Firewall die hält das Server und das DMZ Netz zwischen dieser Firewall und der XGS besteht ein Transfernetz…
    • over 1 year ago
    • Sophos Firewall
    • German Forum
  • XGS - How to make an Exception for unauthenticated users

    Ingo Buyny
    Ingo Buyny
    Hello, on my old UTM i got an exception which gave web access to unauthenticated users to several domains like microsoft.com or windowsupdate.com. How is that possible on xgs? The Webfilter does not contain an exception for authentication.
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Does Web server protection (WAF) support HTTP/2 in SFOS v20?

    IT Racom
    IT Racom
    I've been reading some discussions about WAF support for HTTP/2 before. Is it available in the new SFOS v20? Or is it planned for some next MR?
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF - Static URL Hardening error

    FFin
    FFin
    SFOS 19.5MR3 I'm getting multiple WAF-Logentrys with exact same URL (upper-/lowercase) - one request passes correctly the other one fails due to "Static URL Hardening - No Signature found". As it's same exact same URL it's probably not a configuration…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • docusign TLS decryption error - HTTP parsing error encountered

    LHerzog
    LHerzog
    Using TLS decryption and vendor Docusign suddenly causes issues with our XG firewall on 19.5.3. Happens also on other browsers and OS. Here Safari in MacOS. it works using classic proxy as described here: https://support.sophos.com/support…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Video conferencing in web browser

    Jonas Stadler
    Jonas Stadler
    Hello everyone, we have been having problems with video conferencing via browser for some time now. We are using a XG 230 in webproxy mode with HTTPS decryption, IPS and ATP activated. The clients are configured with a standard / manual proxy. Everything…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SSL/TLS Decryption rule errors

    Akilae
    Akilae
    Hello everyone, Since v20 I need to disable / enable a SSL/TLS Decryption rule nearly every to every 2 days. It stops processing traffic and on a client device it "feels" like the internet is down. This instantly recovery after disabling / enabling…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF not working after Upgrade to SFOS 20.0

    EDV
    EDV
    We have updated our XGS3300 to SFOS 20.0 a few days ago. Since then our WAF ist not working. AH00526: Syntax error on line 106 of /cfs/waf/reverseproxy.conf: Invalid encrypted key AH00112: Warning: DocumentRoot [/sdisk/waffiles/1cf6480d9dcdd33a4319301e0d8ef22b…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • HTTPS decrypt and scan - not identifying embedded URLs

    rfcat_vk
    rfcat_vk
    Hi folks, a question about decrypt and scan that has me puzzled for sometime. The users have the XG certificate installed and functioning correctly except for Apple sites. I have web policies blocking advertisements and use the XG proxy, this functions…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SMTP DoS settings (methodology)

    scrvlz
    scrvlz
    Have already been referred here: https://doc.sophos.com/nsg/sophos-firewall/19.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/GeneralSettings/index.html#smtp-settings I wonder if any of you guys can share with me what and why your settings…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos SFOS WAF Rules limit

    admin_idl
    admin_idl
    Hello, We use the Web Server Protection of Sophos XG Firewall and have now reached almost 60 WAF rules. This is also the maximum number of WAF rules. Is it possible to combine several URLs in one WAF rule and route them to different servers? WAF rule…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG Web policy numbering?

    rfcat_vk
    rfcat_vk
    Hi folks, I am trying to identify which web policy is identified on the logviewer reports causing traffic to be blocked. So far the reports have shown policies numbered 1, 2 and 13. The issue being I don't have 13 web policies and policies 1 and 2…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Check weblinks in e-mails

    Technik Technik1
    Technik Technik1
    Hello everyone, I have the following question. We have a customer with an XGS 3100 with version 19.5.3. The Sophos serves as a mail gateway/relay and is connected to Sandstorm. Now the question was whether Sophos can also check web links within incoming…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Incoming messages are sent to quarantine even though quarantine is deactivated

    Gerhard Seemüller
    Gerhard Seemüller
    Hello, as the shared mailboxes that we use almost exclusively cannot use the mail quarantine, we have not been using mail quarantine since the switch to SFOS. Recently, however, important messages have been ending up in quarantine again due to an allegedly…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
<>