• Appliance Access denied

    midnightSun
    midnightSun
    Anyway to turn these off from showing in the logs? Thx
    • Answered
    • 11 days ago
    • Sophos Firewall
    • Discussions
  • AD Accounts locked by brute force despite MFA & ACL rule

    Markus Quirmbach
    Markus Quirmbach
    Hello everyone, we have a XGS set up with SSL VPN, the VPN Portal, AD integration and MFA for every user. Currently we are facing brute force attacks on the VPN Portal. We tried to prevent those by setting up an ACL rule which is blocking countries…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Alert ID: 17913

    leo leo
    leo leo
    Hallo zusammen, seit Donnerstag bekomme ich ständig die Warnung mit folgender Nachricht: Message: Access from IP address '92.53.65.166' is blocked for '5' minutes after '5' unsuccessful login attempt. Unsere Firewall ist Alert for XGS2100…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • VPN Portal getting hammered by password spraying attacks - Russia and elsewhere

    DG1
    DG1
    On September 4, our Firewall VPN Portal was attacked from IP 92.53.65.166 (Russia) with hundreds of login attempts for different usernames. After bloicking this, today (September 8) we have been hammered by another attack, this time from hundreds of different…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • How to create a sample rule for password spraying attacks

    duzcebelediye bilgiislem
    duzcebelediye bilgiislem
    Since today we have been experiencing massive password spraying attacks on many Sophos firewalls, especially on the VPN portal, which listens to port 443. Apparently these are attacks from Russia with the IP 92.53.65.166. How can I create a rule to prevent…
    • Answered
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Zugriff auf das User Portal durch den VPN Tunnel

    TobiasSchubert
    TobiasSchubert
    Hallo, wir haben zwei Sophos durch einen SSL-VPN Tunnel verbunden. Ich möchte gern durch diesen Tunnel auf das User-Portal zugreifen. Die Pakete kommen auch dort an, aber laut trace gibt es einen Verstoß gegen die ACL: Violation; Local_ACL Lt…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • German Forum
  • https service in wan zone

    Fadi_Hamamdeh
    Fadi_Hamamdeh
    Dears, I have a two firewalls, main firewall and a secondary firewall, and there is a connection between them through a VPN, in the past, access to the remte firewall from the main headquarters was through the VPN port, but now, when I want to enable…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Nmap shows open Ports on WAN

    Hans_Dampf
    Hans_Dampf
    hi, if I scan the WAN IP from my Sophos Firewall, i can see open Ports, like: PORT STATE SERVICE 21/tcp open ftp 22/tcp filtered ssh 23/tcp filtered telnet 25/tcp filtered smtp 53/tcp filtered domain 80/tcp open http 110/tcp filtered pop3 111/tcp…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Web console access via WAN 19.5.3

    mk659
    mk659
    First off I understand the security implications of enabling web admin access via WAN. I've added a Local services ACL exception rule to permit one IP to the WAN interface for SSH/HTTPS access, however I still cannot enable https on the WAN interface…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Local admin services available on WAN port despite ACL not reflecting that

    Dahvid Schloss
    Dahvid Schloss
    So i'm a bit confused and could use some help. After running NMAP on my public IP for a sanity check i was greeted with ports showing open that shouldn't be available to the WAN port. I don't have any services checked on my local service ACL for WAN Starting…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Local service ACL exception rule per CLI neu laden

    Gary Chainmiller
    Gary Chainmiller
    Hallo zusammen, folgendes Szenario: ich möchte von zu Hause aus auf die Web-GUI der XGS116w (Testumgebung in meinem Unternehmen) zugreifen. Habe eine Local service ACL exception rule erstellt die den Zugang von der entsprechenden IP erlaubt. Und…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • German Forum
  • Wireless Module of SD-RED-20 doesn't work because DHCP Request are blocked by Local SCL.

    Georg Eichelbaum
    Georg Eichelbaum
    Hello, I configured a SD-RED-20 with a wireless Module and wanted to test it. The Problem is that the wireless Module isn't showing up in the AP list. When i looked in the Logs i saw that the DHCP-Request is being blocked because of Local ACL. …
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • How to ACL differ from Firewall rules

    Sydney Mascarenhas
    Sydney Mascarenhas
    Im using the Sohpos UTM Virtual Applicance MR2 Version .. I have noticed that despite creating a drop rule for all zones, networks and services, the ACL still stands in control and firewall rules take no effect, only if the LAN Access at ACL device access…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to enforce local service ACL on Sophos xg v19.0.1 MR-1

    Muhammad Abdullah Siddiqui
    Muhammad Abdullah Siddiqui
    Hi, We are trying to implement local service ACL on LAN side but it's not working. After checking on community found multiple posts but none works. Below are the Drop all rule and ACL snaps: Device Access: Added another drop management portal…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos V18.5MR5: What kind of ICMP protocol are enabled in the service Ping/Ping6 in Device Access Tab?

    Execcr
    Execcr
    Hi, i'm working on getting the correct ICMP firewall rules on my Sophos Firewall. For doing this i've created a Local Service ACL Execption rule using the service "Ping/Ping6" for my WAN zone and allowing only some common route we use, excluding the…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Local ACL Violation

    Carlo
    Carlo
    Hello, I'm running web server on port 443 in DMZ zone with another service running on port 7xxx. I can browse web page because of waf rule, but I can not connect to service on port 7xxx from WAN, Packet capture show ACL Violation Show…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • LOCAL_ACL Violation IPSEC VPN

    NoPoison
    NoPoison
    Hi, I set up an IPsec VPN but I am getting Local_ACL violations... I want to access it from my LAN PC 172.16.16.19 The Firewalls WAN IP is 192.168.178.50 Traffic is allowed I only added 1 Firewall-Rule. I pass everything to everything... …
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Allow SSL VPN (Remote Access) User portal (And other Sophos ACL Services) for specif user

    Simplified Sam
    Simplified Sam
    So most users using the remote access vpn. My thought was now, create new ssl vpn profile and give seperate "vpn zone", and allow under Administration>Device Access the Userportal. But no, you cant. Is there anyway to make this happen for single…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Nice Bug on XG/XGS with non-standard port for User-Portal Access

    PhilippRusch
    PhilippRusch
    Hello,MR I think I found a nice bug on Sophos firewall (XG/XGS) Version 19.0 and 19.0.1 As soon as you change the port for "User portal access" from default = 443 to something else, you can access it from any zone, no matter what you checked under…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Pls help me understanding the XG v18 ACL matrix

    J Thai
    J Thai
    Hi everyone, This is the ACL matrix of Sophos XG v18 firewall system. Would you please explain to me in more details about the rows and columns of this ? I would like to know more in partiular about the SSL VPN column : If I uncheck the SSL…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • UserPortal Accessible from WAN even though deactivated

    c7lma
    c7lma
    Hey, I don't understand why the UserPortal of my Sophos XG is still accessible from WAN. I had it activated for testing purposes weeks ago, but deactivated once we started to use the Firewall. I can still sign in when just connecting to…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAN service ACLs

    JJM
    JJM
    I have my service ACLs ticked as follows, but I seem to be having issues with the WAN ones. Even though I have ping/ping6 and SSL VPN ticked for the WAN zone, I am unable to ping the public IP of my WAN interface, or connect using the Sophos VPN client…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG - SNMP gets Violation Local_ACL

    Ben Sanderson
    Ben Sanderson
    Setup SNMP on the Sophos - the SNMP Server is located on our Azure VPN. Firewall rules are set to allow all, but getting Error Violation Local_ACL. In Device Access VPN has SNMP checked. Is there a ACL that need to be adjusted I do not see? SNMP is…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • External Pings

    Sophos User3768
    Sophos User3768
    I would like to be able to ping our WAN interface from specific external IPs, but the only thing I am seeing I can do currently is allow Ping/Ping6 via the ACLs (Administration > Device Access > Local Service ACLs). When doing so, this seems to open it…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Remote access Web admin.

    R J
    R J
    This is the settings for the device access. I also added the remote IP that is allowed to access the Webadmin via https on the Wan. This works. But when i try it on my phone which has a total different IP it also works. Am i forgetting something…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
>