I am working on migrating functionality from UTM to SFOS on XGS3300 hardware.
This organization subscribes to this DNS filtering service: https://www.cisecurity.org/ms-isac/services/mdbr
In the UTM, it was easy to bottleneck DNS queries so they are…
I need some help to understand why this firewalls IPv6 gateway is constantly reported as failed.
It's XGS126 with SFOS 20.0.1
Because of that Gateway errors I reconfigured it from being an active gateway to a backup failover gateway only.
I have…
Hello Everyone,
I am having a little configuration issue with my web server on a VLAN. All my VLANs have internet access but I can't seem to access my web server from outside my network. Can anyone post an example firewall rule from Public IP to VLAN…
I am not planning to use Sophos Central, my XG firewall is standalone.
I have a fairly complex security stack setup with a separate IDS/IDS and SOAR type system along with a honeypot outside my firewall protected zones.
I would like to automate whenever…
Hi,
my current network looks like this. This is a double NAT scenario but works quite well.
Now I got a Unifi USG for testing purposes. I'd like to add it between the Sophos XG and the Unifi Switch. The Sophos should keep on managing DHCP, DNS…
Hello,
we got 2 new XGS450-firewalls. Currently the configuration is blank.
The firewall should manage the vlan traffic.
We have 3 branches. They are connected with a cisco mpls-network.
Our internet-firewall in the mpls network:
Should be…
Hi experts, I have an external web site hosted in the AWS, and the DNS domain name is registered in my local DNS server (Windows 2019 with AD and DNS). I have configurated the DNS options in Sophos XGS as shown below. The website does open for internal…
Hello,
I refer to
RE: DHCP Static IP mapping for same client multiple networks?
With the update from SFOS 20.0.0 GA-Build222 to SFOS 20.0.1 MR-1-Build342 the Sophos
system dhcp conf-generation-method has been set to old again:
console> system…
hello,
I noticed that when I execute the `snmpwalk` command on the OID `.1.3.6.1.2.1.31.1.1.1.18` (ifAlias), the result comes back empty.
When I execute the OID `.1.3.6.1.2.1.2.2.1.2` (ifDescr), it returns the interface name. For example: eth7.
…
We have a Sophos XG135 firewall running SFOS 20.0.1 MR-1-Build342).
We have a cloud 8x8 VOIP phone soultion which is having intermittant audio issues.
We have been asked to run their network diagnostic tool which is reporting back UDP port 443 outbound…
Referencing this previous post: Webpages SLOW to load
That post is over 7 years old and locked, so I am posting here.
I recently started having this same issue...Web pages take 30+ seconds to load for all users on network A number of coincidental…
Hi,
I'm using a XGS116 with SFOS 20.0.1 MR-1-Build342.
I've got a public subnet 1 (2.1.1.0/30) assigned by the ISP. 2.1.1.1 is their gateway. 2.1.1.2 is used as static IP of PortF1 (ISP1). I've got a backup connection on Port3 (ISP2). I've defined…
Good day
We have an XG 35 ON VERSION 20.0.1
There is a phone that is connecting to the network.. and when it connects the network it is getting 192.168.10.1 which is the ip addresss of the firewall ..
Our DHCP is the firewall , and the DHCP pool…
In the IPv6 training, a manually configured IPv6 link-local address for the gateway was considered "best practice". fe80::1 would be a good choice... Is it possible to configure this with sophos firewall? ...or why this should not be done?
thx in a…
Hi,
here is my setup, i have 2 VLAN ( 20 and 30 ) and both have DHCP enabled, and both have similar setting.
VLAN is supposed to be used for Administration purposes and VLAN 30 for production traffic.
VLAN 20 does not have access to Internet…
Guten Morgen ,
ich habe einige XGS die ich verwalte. Komme ursprünglich aus der Pfsense und OPnsene Richtung und bin nun bei Sophos und bin begeistert was die XGS doch alles so können. Jetzt ist mir aufgefallen das die XGS selbst keinen NTP Server…
Hello,
I'm reconfiguring my fw (latest OS version), changing the zone and IP of my reverse proxy, from LAN to DMZ.
Externally I'm able to reach my web sites with the RP on LAN, but if I change the zone and internal IP in firewall rule and NAT rules…
I noticed a strange mixing of DHCP settings when having 2 reservations for one client MAC address.
console> system dhcp static-entry-scope show global
I have a VLAN on the XGS lets say VLAN10 Net: 10.1.2.0/24 GW: 10.1.2.1
On that VLAN is a XGS DHCP…
I've got a Site connected with RED60
The RED itself uses a single IP Subnet /31 IP Address and has 4 VLAN with /26 Subnets attached.
In the Mgmt VLAN are Sophos APX Accesspoints connecting to Central.
That setup was running up and fine for years…
We are using BGP as the routing protocol to our ISP who provides us with two indepent WAN links and gateways which we can use as active/active or active/backup as we like.
It seems that any setting in the Routing -> Gateway section of SFOS and the corresponding…
Hi I have XGS4300 (SFOS 19.5.4 MR-4-Build71),DNS change Automatically in Sophos Firewall it can possible or not
can you please guide how to resolve this issue.