• WAF - Static URL Hardening error

    FFin
    FFin
    SFOS 19.5MR3 I'm getting multiple WAF-Logentrys with exact same URL (upper-/lowercase) - one request passes correctly the other one fails due to "Static URL Hardening - No Signature found". As it's same exact same URL it's probably not a configuration…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • docusign TLS decryption error - HTTP parsing error encountered

    LHerzog
    LHerzog
    Using TLS decryption and vendor Docusign suddenly causes issues with our XG firewall on 19.5.3. Happens also on other browsers and OS. Here Safari in MacOS. it works using classic proxy as described here: https://support.sophos.com/support…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Video conferencing in web browser

    Jonas Stadler
    Jonas Stadler
    Hello everyone, we have been having problems with video conferencing via browser for some time now. We are using a XG 230 in webproxy mode with HTTPS decryption, IPS and ATP activated. The clients are configured with a standard / manual proxy. Everything…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SSL/TLS Decryption rule errors

    Akilae
    Akilae
    Hello everyone, Since v20 I need to disable / enable a SSL/TLS Decryption rule nearly every to every 2 days. It stops processing traffic and on a client device it "feels" like the internet is down. This instantly recovery after disabling / enabling…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF not working after Upgrade to SFOS 20.0

    EDV
    EDV
    We have updated our XGS3300 to SFOS 20.0 a few days ago. Since then our WAF ist not working. AH00526: Syntax error on line 106 of /cfs/waf/reverseproxy.conf: Invalid encrypted key AH00112: Warning: DocumentRoot [/sdisk/waffiles/1cf6480d9dcdd33a4319301e0d8ef22b…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • HTTPS decrypt and scan - not identifying embedded URLs

    rfcat_vk
    rfcat_vk
    Hi folks, a question about decrypt and scan that has me puzzled for sometime. The users have the XG certificate installed and functioning correctly except for Apple sites. I have web policies blocking advertisements and use the XG proxy, this functions…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SMTP DoS settings (methodology)

    scrvlz
    scrvlz
    Have already been referred here: https://doc.sophos.com/nsg/sophos-firewall/19.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/GeneralSettings/index.html#smtp-settings I wonder if any of you guys can share with me what and why your settings…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos SFOS WAF Rules limit

    admin_idl
    admin_idl
    Hello, We use the Web Server Protection of Sophos XG Firewall and have now reached almost 60 WAF rules. This is also the maximum number of WAF rules. Is it possible to combine several URLs in one WAF rule and route them to different servers? WAF rule…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG Web policy numbering?

    rfcat_vk
    rfcat_vk
    Hi folks, I am trying to identify which web policy is identified on the logviewer reports causing traffic to be blocked. So far the reports have shown policies numbered 1, 2 and 13. The issue being I don't have 13 web policies and policies 1 and 2…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Check weblinks in e-mails

    Technik Technik1
    Technik Technik1
    Hello everyone, I have the following question. We have a customer with an XGS 3100 with version 19.5.3. The Sophos serves as a mail gateway/relay and is connected to Sandstorm. Now the question was whether Sophos can also check web links within incoming…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Incoming messages are sent to quarantine even though quarantine is deactivated

    Gerhard Seemüller
    Gerhard Seemüller
    Hello, as the shared mailboxes that we use almost exclusively cannot use the mail quarantine, we have not been using mail quarantine since the switch to SFOS. Recently, however, important messages have been ending up in quarantine again due to an allegedly…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Why are SMTP Mail "Reject" events not logged properly?

    Lars Holte
    Lars Holte
    I can only see "Reject" events in the GUI when going to Email -> Mail logs. I do not find them anywhere in any of the built-in logs and they are also not sent as audit logs. The other SMTP Anti-spam events "Dropped" and "Delivered" are both logged in…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Outgoing SMTP Traffic

    admin_idl
    admin_idl
    Hello, We use 2 WAN interfaces but want to route the outgoing SMTP traffic via one interface. What would be the best approach here?
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Do I need to use auto added Firewall rule for SMTP scanning?

    jek
    jek
    Hi, I am prepairing configuration to use XGS as MTA and I have some questions which I don't find answers to. Current situation: External MX and MAIL-out server are used, Exchange is set up locally. We have /24 public IPs on that site and only…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Enable users to integrate external mail server accounts (via IMAP/SMTP) with Sophos XG330 acting as an MTA in our network

    woody
    woody
    Good day, our Sophos XG330 acts as an MTA in our network. We have an on-premise Exchange server for whose domain we have created an SMTP policy in the Sophos email settings. This is working very well so far. Now we have to enable our users to integrate…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Is it possible to offload HTTPS on the Sophos fw and send plain HTTP to the real server ?

    Jochen Siers
    Jochen Siers
    Is it possible to decrypt HTTPs on the firewall and send plain HTTP to the webserver (without encrypting it again)? Thanks!
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF & large files – how do you deal with it?

    dirkkotte
    dirkkotte
    Hi all, When AV or other protection features are enabled, we keep running into various problems while uploading large files. Sometimes the disk space (Temp=100%) seems to be the cause, sometimes other internal buffers. We have the requirement to allow…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Outlook translator feature blocked

    Obaida Thunibat
    Obaida Thunibat
    Hi, Outlook translator feature isn't working; I received this error, as seen in the below photo, and was unable to find out how to allow the traffic for the Outlook translator tool As I add my IP address to any destination + any port. The translation…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Stop! This website is blocked

    Dragos Avram1
    Dragos Avram1
    Hello everyone, Recently i noticed a bunch of tickets regarding the following. i want to go on facebook, but facebook is blocked. instead of the blocked page i get Error code: SEC_ERROR_UNKNOWN_ISSUER(firefox) or NET::ERR_CERT_AUTHORITY_INVALID…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Firewall in MTA mode not sending out mails

    Sven OlafSchuran
    Sven OlafSchuran
    Hello, I delete the MTA SMTP default rule, cause it seems to do to much. How is this rule used? How do I get it back? MTA Switch to Legacy and back? Config stays at it is? Thanks Sven
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SMTL TLS Configuration Setting

    Dhaval User
    Dhaval User
    We disabled legacy TLS protocols and some of the legacy vulnerability did get mitigated. But we still have TLS1.1 vulnerabilities as per our vulnerability assessment tool. Is Sophos planning on removing TLS1.1 support from SMTL TLS config setting? what…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Annahme von Email an unbekannte Empfänger

    KarstenFL
    KarstenFL
    Moin, unsere XGS reicht immer noch Emails an den Exchange durch, für User, die nicht mehr aktiv sind. Beispiel: Wir hatten früher einen User T.Test@ unsereDomaine.de . Diesen User gibt es nicht mehr. Im AD und im Exchange gibt es diesen User und auch…
    • over 1 year ago
    • Sophos Firewall
    • German Forum
  • SFOS 19.5.3 MR-3: Web Server Protected, Path-Specific routing - should this config work?

    gavo_nz
    gavo_nz
    Hi, I have a WAF rule configured for path-specific routing, however, the routes I am specifying are all to the same target web server, but with different restrictions. e.g. / - restricted to specific IP ranges, target sevrer1 /myapp/ - not restricted…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • EMAIL DKIM issue QUARANTINE with policy allowed

    philbert
    philbert
    We use Sophos Firewall as EMail Protection for incoming Mails. Firmware: SFOS 19.5.3 MR-3-Build652 SMTP deployment mode: Device acts as a Mail Transfer Agent (MTA) DKIM Settings: DKIM is set to accept, some mails will be quarantined by DKIM verification…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Firewall allow http download

    Simplified Sam
    Simplified Sam
    I am not sure which settings is causing it, but i have hard time finding anything usefull about it. On my network only https is allowed, now we got arduino boards which sadly downloads over the app their zips(firmware) over http (without the S ..…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
<>