Anyway to turn these off from showing in the logs? Thx

Hello everyone, we have a XGS set up with SSL VPN, the VPN Portal, AD integration and MFA for every user. Currently we are facing brute force attacks on the VPN Portal. We tried to prevent those by setting up an ACL rule which is blocking countries…

Hallo zusammen, seit Donnerstag bekomme ich ständig die Warnung mit folgender Nachricht: Message: Access from IP address '92.53.65.166' is blocked for '5' minutes after '5' unsuccessful login attempt. Unsere Firewall ist Alert for XGS2100…

On September 4, our Firewall VPN Portal was attacked from IP 92.53.65.166 (Russia) with hundreds of login attempts for different usernames. After bloicking this, today (September 8) we have been hammered by another attack, this time from hundreds of different…

Since today we have been experiencing massive password spraying attacks on many Sophos firewalls, especially on the VPN portal, which listens to port 443. Apparently these are attacks from Russia with the IP 92.53.65.166. How can I create a rule to prevent…

Hallo, wir haben zwei Sophos durch einen SSL-VPN Tunnel verbunden. Ich möchte gern durch diesen Tunnel auf das User-Portal zugreifen. Die Pakete kommen auch dort an, aber laut trace gibt es einen Verstoß gegen die ACL: Violation; Local_ACL Lt…

Dears, I have a two firewalls, main firewall and a secondary firewall, and there is a connection between them through a VPN, in the past, access to the remte firewall from the main headquarters was through the VPN port, but now, when I want to enable…

hi, if I scan the WAN IP from my Sophos Firewall, i can see open Ports, like: PORT STATE SERVICE 21/tcp open ftp 22/tcp filtered ssh 23/tcp filtered telnet 25/tcp filtered smtp 53/tcp filtered domain 80/tcp open http 110/tcp filtered pop3 111/tcp…

First off I understand the security implications of enabling web admin access via WAN. I've added a Local services ACL exception rule to permit one IP to the WAN interface for SSH/HTTPS access, however I still cannot enable https on the WAN interface…

So i'm a bit confused and could use some help. After running NMAP on my public IP for a sanity check i was greeted with ports showing open that shouldn't be available to the WAN port. I don't have any services checked on my local service ACL for WAN Starting…

Hallo zusammen, folgendes Szenario: ich möchte von zu Hause aus auf die Web-GUI der XGS116w (Testumgebung in meinem Unternehmen) zugreifen. Habe eine Local service ACL exception rule erstellt die den Zugang von der entsprechenden IP erlaubt. Und…

Hello, I configured a SD-RED-20 with a wireless Module and wanted to test it. The Problem is that the wireless Module isn't showing up in the AP list. When i looked in the Logs i saw that the DHCP-Request is being blocked because of Local ACL. …

Im using the Sohpos UTM Virtual Applicance MR2 Version .. I have noticed that despite creating a drop rule for all zones, networks and services, the ACL still stands in control and firewall rules take no effect, only if the LAN Access at ACL device access…

Hi, We are trying to implement local service ACL on LAN side but it's not working. After checking on community found multiple posts but none works. Below are the Drop all rule and ACL snaps: Device Access: Added another drop management portal…

Hi, i'm working on getting the correct ICMP firewall rules on my Sophos Firewall. For doing this i've created a Local Service ACL Execption rule using the service "Ping/Ping6" for my WAN zone and allowing only some common route we use, excluding the…

Hello, I'm running web server on port 443 in DMZ zone with another service running on port 7xxx. I can browse web page because of waf rule, but I can not connect to service on port 7xxx from WAN, Packet capture show ACL Violation Show…

Hi, I set up an IPsec VPN but I am getting Local_ACL violations... I want to access it from my LAN PC 172.16.16.19 The Firewalls WAN IP is 192.168.178.50 Traffic is allowed I only added 1 Firewall-Rule. I pass everything to everything... …

So most users using the remote access vpn. My thought was now, create new ssl vpn profile and give seperate "vpn zone", and allow under Administration>Device Access the Userportal. But no, you cant. Is there anyway to make this happen for single…

Hello,MR I think I found a nice bug on Sophos firewall (XG/XGS) Version 19.0 and 19.0.1 As soon as you change the port for "User portal access" from default = 443 to something else, you can access it from any zone, no matter what you checked under…

Hi everyone, This is the ACL matrix of Sophos XG v18 firewall system. Would you please explain to me in more details about the rows and columns of this ? I would like to know more in partiular about the SSL VPN column : If I uncheck the SSL…

Hey, I don't understand why the UserPortal of my Sophos XG is still accessible from WAN. I had it activated for testing purposes weeks ago, but deactivated once we started to use the Firewall. I can still sign in when just connecting to…

I have my service ACLs ticked as follows, but I seem to be having issues with the WAN ones. Even though I have ping/ping6 and SSL VPN ticked for the WAN zone, I am unable to ping the public IP of my WAN interface, or connect using the Sophos VPN client…

Setup SNMP on the Sophos - the SNMP Server is located on our Azure VPN. Firewall rules are set to allow all, but getting Error Violation Local_ACL. In Device Access VPN has SNMP checked. Is there a ACL that need to be adjusted I do not see? SNMP is…

I would like to be able to ping our WAN interface from specific external IPs, but the only thing I am seeing I can do currently is allow Ping/Ping6 via the ACLs (Administration > Device Access > Local Service ACLs). When doing so, this seems to open it…

This is the settings for the device access. I also added the remote IP that is allowed to access the Webadmin via https on the Wan. This works. But when i try it on my phone which has a total different IP it also works. Am i forgetting something…