Hi Guys,
Sorry for the Noob question. I am still pretty new to Sophos. Do you guys have a best practice on how to properly lock down a firewall esp the WAN to LAN and LAN to WAN Firewall Rule?
Appreciate all the help from this really responsive…
After a year, I've decided to try Sophos XG again. Currently using UTM 9.5 - which has its issues, but works well.
I am trying to find out how to force all web requests through the proxy port. Sadly, I'm not getting far with Sophos XG.
If I add a…
Greetings,
Trust you are doing well,
We are building our network from scratch. For the Wi-Fi part, we are going to use Aruba WCL 7010. 4 VLANs created, each one for separate SSID.
for example:
1- VLAN1: 192.168.1.0/24
2- VLAN2: 192.168.2.0/24…
Moved over to the XG this weekend from a SonicWALL NSA4500. I'm in the office and connecting to my laptop via Teamviewer. I had a connection around 11AM this morning and announced to everyone that the FTP was back up. By 11:30 I had to announce that it…
HTTP redirection feature for a firewall rule is no longer working after upgrade to SFOS 16.05.4 MR-4. Any HTTP requests that match the particular rule are supposed to be automatically redirected to a HTTPS request, but that it is not happening. The HTTP…
Hi there,
For a few weeks now we've had the problem that PureMessage won't update its spam rules.
We've opened two different tickets and talked to different Sophos supporters, but both told me that "it must be a problem with our infrastructure…
Good day,
today I switched to Realtime scanning in Web>Protection>MalwareScan mode.
Now the downloads are much faster, but when I try to download EICAR Testfile, there is no "Virus Found" Notification.
The file won't be downloaded, but I only…
Hi, I have a server behind an xg135, behind it a server that I want to connect to gmail to make an SMTP connection.
I configured a rule, no filters, only masq lan to wan, but it does not work.
In the log I obtain this:
2017-05-17 16:02:36
…
I'm missing something. I have several firewall rules that have had their traffic shaping policy setting change to "User's policy applied" but I cannot find where this setting is coming from. So I don't know what traffic shaping is being applied. Since…
I've started to build a few firewall rules in Sophos XG. The drag and drop function seems to be very hit-and-miss. I can click on the icon and get the mouse cursor to change to a 4-way arrow but then when I click to drag it just starts highlighting text…
Here is my issue:
I have a two sites connected via MPLS link
Site A
192.168.2.0
Site B
10.0.0.0
Site A IP phones can't communicate with the IP Phone Controller (10.0.5.1) located at Site B
IP routes have been created on XG to route traffic…
Hello
I have configured on cyberoam cr50ing two subnets
Lan1 192.168.2.0/24 with dhcp
Lan2 192.168.0.2/24 with dhcp
How can I set these two lans to communicate with each other?
I can't see or share file for one lan to another.
I was playing around with the policy to check different combinations. I've added a MAC host with a MAC address inside and applied this policy. After that I deleted this policy and I would delete the MAC host also but this is not possible. I can not delete…
Hello!
I've recently upgraded from UTM 9.4 to XG at home.
On setup I set the default firewall policy to "Accept any service going to "WAN" zone, when in "LAN" zone, and coming from any network".
This allows for a bit much in my opinion, so I disabled…
Hi,
I have a cPanel Server with Bind Name Server behind the firewall with many hosting domains inside, websites, emails, ftp, etc.
All services work correctly doing NAT with the required ports. The only problem is the DNS server (BIND). I do NAT of…
Hello everyone,
I need a tip or, better, a solution for the following problem. I need an export of all rules in order to 1. be able to present them to an auditor and/or 2. document them in some form.
If in doubt, if need be also…
TLDR; when I take an OS X laptop off the network and bring it back on, the XG firewall doesn't detect its heartbeat.
So we've had an xg310 firewall that's been running for about two months. Whenever we turn on the heartbeat on a rule, it blocks all…
Interesting issue here...
We have a client that has retail stores and they use POS systems. Basically they have a POS software that talks out to another provided to process transactions.
What happens is that periodically they get communication failures…
Forgive me, still a newbie with the Sophos XG's. I am accustomed to Fortinet, sonicwall, and watchguard appliances, so this question may be a real noob one.
I have a sophos XG85 I set up, using a TDS connection for the WAN. I am migrating this site…
Set firewall rules to match the following: Sources : Internal (Network). Or just configure a single IP.
Services: Press the '+'. I named it Torrent. 6881 (TCP/UDP). DST is ready set up to 1:65535, so leave it be. Destination: Internet IPV4 That should…
hello all,
I am trying to connect remotely to another network using VMware Horizon View (PCoIP) over UDP/TCP port 4172. I have created the firewall rule to allow the traffic to go out the firewall to the remote site, but it is still showing up in the…
Hi sophos team,
I just want to confirm that if i create a rule is zone LAN to zone DMZ and network is (GF)10.10.0.0 to (SERVER)192.168.1.1/32
is that same with zone ANY to zone ANY and network is (GF)10.10.0.0 to (SERVER)192.168.1.1/32?
the priority…
I am new to this and just finding my way around setting up utm/firewalls
I have a 2 firewall setup: an internal sophos utm 9 firewall and an external firewall
The internal firewall sophos utm 9 is setup where all computers and mobile devices are behind…
Hi,
I have set NAT and FW to allow bittorrent to use port 35951 (TCP/UDP)
all looks ok but in the live FW log I see a lot of DROPs at this port
19:03:28 Default DROP TCP 178.40.178.147:50762 → WAN IP:35951…
Hi. It seems like country blocking is not working for WAN -> LAN (or any other protected network behind XG Firewall).
I have tested this with a proxy in the blocked countries.
I have this rule at the top of the list and network traffic still passes…