Hallo zusammen, wie stelle ich ein das der Host FQDN sich aktualisiert sobald eine neue IP vorhanden ist? Aktuell muss ich auf den FQDN gehen und auf speichern drücken um die aktuelle IP zu bekommen. Firmware: SFOS 20.0.0 GA-Build222 console> show…

Hello, regarding to this post: LLMNR disabled - DNS resolution no longer works over VPN when will version 2.3 of sophos connect be published? kind regards

I have some services running on a local server behind a reverse proxy and those services are protected from access outside IP subnets not specified in the reverse proxy settings. In my local router, I have the addresses for all these services listed…

On my phone connected via OVPN I can access local network resources by IP but name resolution won't work. VPN: SSL VPN (remote access) I have Policy Members setup Use as default gateway is on Permitted network sources IPv4 is set to my local LAN VPN…

Hi All... Customer has XG135 (SFOS 19.5.3 MR-3-Build652), Sophos is the main DHCP server for the network, for the last few months we have been battling with a strange issue. Sophos LAN IP is 172.16.0.10 Internal Microsoft DNS server 172.16.0.1.…

Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. ______________________________________________________________________________________________________________________________________…

Good evening everyone, a customer of mine has currently patched an XGS firewall (SFOS 20.0.0 GA-Build222). The customer had a vulnerability scan with a result of 1 Medium CVSS. Namely: DNS Server Recursive Query Cache Poisoning Weakness www.tenable…

Hi, when using SSLVPN in split-tunnel mode, DNS resolution to internal resources is not possible. A ping returns "Host not found". When I perform a nslookup, the XGS is contacted and resolves successfully. I've also tried several VPN clients, including…

Hello, I have the following problem. We have two Active Directory Windows DNS servers on the internal LAN. They have entered the Sophos XG Firewall as a DNS server as a forwarding. The Sophos XG Firewall itself queries public DNS servers on the…

Hi all, sophos XGS3300 with SFPS 19.5. In my internal network I want to decommission an old Windows Domain Controller. That DC still logs multiple DNS requests from the Sophos (Azure Cloud and other requests) per Minute. I removed that DC as Authentication…

Instead of manually entering DNS IP addresses into the DNS fields, it would be nice if we could use an IP host instead. Say you wanted to use google as your DNS. A user could create an IP host called "Google DNS servers" of the two IP addresses 8.8.8…

I would like to get an opinion on firewalled subnets for security. This would be LAN subnets only. Subnet A is servers and subnet B is desktops. Subnets A and B have outbound internet access only. Subnet B (desktops) need to access Subnet A (Servers)…

Good day l have a client with a sophos xg 310, they did a security audit report on their network. and the report came with this queries for DNS server allows cache snooping. l want to Restrict the processing of DNS queries to only systems that should…

Hello, When I use Sophos as the DNS server, I sometimes get a timeout for the DNS resolution. I also tried it directly from the XGS CLI. CLI: XGS107_SN01_SFOS 19.5.4 MR-4-Build718# nslookup google.de. 1.1.1.1 Domain Name Server# 1.1.1.1 Domain Name…

Als ehemaliger Astaro/Sophos Partner finde ich bis heute die UTM um längen besser als die XG mit der UTM beschäftige ich mich seit 2008. Aus diesem Grund war die Motivation sich mit der XG zu beschäftigen nach Stunden immer wieder dahin. Jetzt ist die…

hello configuring DHCP lease on XGS 107 firewall in "DNS server" section there is only 2 fields, is there a way to have the DHCP provide 3 DNS to clients Thanks Elie

Hi, I want some local DNS servers to do DNS over TLS (DoT) and have configured them accordingly. I created a rule allowing TCP 853 for those hosts - both IPv4 and IPv6. Because of IPv6 is assigned via PD I used the client MAC address (on local LAN…

Hello, I've Sophos XG installed in between ISP modem and router. The XG in bridge mode with LAN and WAN bridged together. The router and LAN all have internet access. However, Sophos XG doesn't - what I mean by that I can't update firmware for instance…

Hello all, I have a specific NAT question and problem, the reason would be, that am not a native or excellent networking guy... so learning by doing and reading specific when needed. Maybe someone could help me. In my home network I use a XG as…

When forwarding DNS to servers like 1.1.1.1 or 8.8.8.8, is it possible to do so using DoH?

Hi Sophos Community, I've got a XGS126 on SFOS 19.5.3 with IPsec and SSL VPN enabled. Now my client wants to use VPN to connect to certain Windows machines in the LAN over RDP using the NetBIOS names. Is there a way to do name resolution on the XGS…

good morning we should create a configuration for our 3cx switchboard that resolves the name of the 3cx FQDN to an internal address of our network. The device supplied is XG106w (SFOS 19.5.3 MR-3-Build652), I have not found any guides that solve the problem…

Can the DHCP server register a name/address in DNS

Hi, following problem. We use Sophos Connect Client version 2.2.90.1104 on Windows 10 and 11 and IPSec VPN. We set a prefered DNS on firewall. After the VPN connect, the DNS server is set on the VPN adapter settings in Windows. Than the problem began…

I have the below deployment on my environment Devices/Servers - Sophos XG 210 FW (Assigned it's own Public IP [i.e. x.x.x.67]) - Switch (Cisco ) - Connects all the APs and Servers - 3 Server (1 Web server with it's own Public IP [i.e. x.x.x.68…