• Multi-WAN Active/Passive configuration

    Kiran Jedhe
    Kiran Jedhe
    Hi, I need to set up my v20 OS firewall in active-passive mode. I've already done some configuration, but I'm facing issues with automatic failover due to using "Any" in the NAT rule. Can you provide a straightforward solution using SD-WAN or WAN Link…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS: DNAT Through Routed VPN

    FMXio
    FMXio
    Hello everyone, I am attempting to redirect all requests made to 192.168.10.5 to 172.16.10.5. The VPN is working properly on both sides. Sophos XGS: DNAT Through Routed VPN Details: #VPN Working 100% LOCAL-LAN: 192.168.10.0/24 (Sophos) REMOTE…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • How to Route Traffic through LAN Alias, using them as Virtual Gateways

    Alexandros Livas
    Alexandros Livas
    Hello Team, i have a problem in this scenario. I have configured: LAN1: (Physical interface) 192.168.1.1 LAN1:0 (Alias Virtual Interface) 192.168.1.242 LAN1:1 (Alias Virtual Interface) 192.168.1.241 ISP1: (Configured on WAN Physical interface…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Configuration of IP TVs on Sophos Firewal

    Janith Bandara
    Janith Bandara
    I got a Sophos XGS126 on a customer site and I need to configure 7 IP TVs. I need assistant to configure those TVs. Since the TVs using multicast addresses is it possible to configure these without multicast addresses because ISP said that configure TVs…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • force outgoing through the xfrm interface

    Gib GoDesk
    Gib GoDesk
    Hello, everyone. I created a DNAT rule. I receive the communication on the local interface at the SFW's IP address on the LAN and translate it to another destination that is remote on the VPN. I force a SNAT with the SFW's IP address that is assigned…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Blocking Tor Exit Nodes

    Gabriel Doring
    Gabriel Doring
    Hello, One of our clients has asked us to block communication to Tor Exit Nodes, in the Applications and Web options in the Sophos XGS firewall I can only see things related to TOR VPN, TOR PROXY and TOR2WEB or whatever... But I cannot see anything…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Multiple Email Addresses for local users on XGS firewall

    Luis Prunn
    Luis Prunn
    Hello community, I am currently working on a SG to XGS migration for one of our customers. The customer had a bunch of local firewall users. Many users have alias email addresses configured on the SG firewall. Unfortunately, I am not sure how…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • DHCP reservation

    RobertoR
    RobertoR
    I have a few subnets, and all of them have a dhcp server/pool range for specific range. A few of them have a IP reservation (bind mac to IP address). The error/strange behavior I get is if the MAC address is in list for reservation in any of the dhcp…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • v21 XG Home VPN Hardware acceleration

    MikeyS
    MikeyS
    Good evening, Back testing XG Home, does v21 support hardware acceleration for IPsec and SSL VPN tunnels? I have XG Home installed on a XG230 R2 at mo, I have a XG135 R3 that has pfsense + on it atm, so pending successful testing, planning on dropping…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Malware 'Unscannable' was detected and blocked in a download from acroipm2.adobe.com

    Maroun Moussallem
    Maroun Moussallem
    hello, The last two days, we've been receiving an http virus mail from sophos firewall with the following message, (Malware 'Unscannable' was detected and blocked in a download from acroipm2.adobe.com). what we had done so far, full scan launched…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Bridge. Mode, DHCP for VLAN takes Multiple Tries Before Getting an IP

    romaelz
    romaelz
    Hi. I've been battling this for days and finally decided to post it here and seek help. I've pfSense as the main router and Sophos XG is in bridge mode (for application filtering purposes). There's 1x VLAN involved. The DHCP works fine for the main…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Unscannable content bug in XG?

    TimAlbertson
    TimAlbertson
    We have several XG firewalls reporting this. Other layers in the defense report nothing. Endpoints are a mix of Defender/Huntress and also Sophos MDR. All scans are clean. Anyone else seeing this particular alert regarding the FQDN from Adobe? Alert…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • XGS 3300 wrong Gateway

    Bart van der Horst
    Bart van der Horst
    Hi, I've got the following case: HA XGS3300 Three WAN connectinons P2 ISP 1 P4 ISP 1 P6 ISP 2 P2 and P4 are BGP. P6 is stand alone. All internet connections are working. When configuring SNAT and or SD-WAN all traffic for WAN is over…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • API Request show only WAF-Rules

    StefanKeel
    StefanKeel
    I'm experiencing with the API and Postman. We use a wildcard-certificate and I wants to update all WAF-Rules at once. Becuase the GUI-way ist very hard (every time set the certificate, all domains will be dropped and the domain from the certificate only…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • XGS 108 in combination with Asus Router

    Icecoke
    Icecoke
    Hi! I recently got a XGS 108 for home use, however, I am little lost on how to set-up my network now. Currently, I have an ISP modem acting as a bridge, then an ASUS router in a mesh wifi with an access point. The ASUS router is handling DHCP management…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos 21 Home Lets Encrypt Secondary Validation Fetch Timeout

    jarrod beebe
    jarrod beebe
    Certificate request fails with secondary validation time out. I can see in the web server protection log viewer that the well known url is being requested with the unique value. I also briefly see that the temporary waf rule is created. Only thing to…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Devices connected on wifi but with no internet connection

    Anesu Dangarembwa
    Anesu Dangarembwa
    Good day We are having a challenge, we have a firewall XGS 2100 , some devices that are connecting with wifi, they receive ip address from DHCP in the firewall, we have a firewall rule for the devices with Mac address, but the devices they are not receiving…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • question about blocking user AD Windows server through Sophos Firewall

    Alfredo Lodos
    Alfredo Lodos
    Good afternoon, I have a Sophos firewall that is integrated with a Windows Server Active Directory.Can a domain user be blocked from browsing the Internet through Sophos, but allow the computer they use to download and update the operating system, and…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • AD Accounts locked by brute force despite MFA & ACL rule

    Markus Quirmbach
    Markus Quirmbach
    Hello everyone, we have a XGS set up with SSL VPN, the VPN Portal, AD integration and MFA for every user. Currently we are facing brute force attacks on the VPN Portal. We tried to prevent those by setting up an ACL rule which is blocking countries…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • XGS 107 und WLAN Call

    Jörg Schwarzrock
    Jörg Schwarzrock
    Hallo zusammen, ich habe eine XGS 107 bei einem Kunden laufen und dieser möchte nun auch WLAN Calls tätigen. Es sind seit längerem normale AVM 2400 APS hinter der XGS eingerichtet. Nun blockiert mir die XGS die WLAN Calls, AP probeweise direkt…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • German Forum
  • SD WAN Routing with xfrm interface

    Giacomo de Giorgis
    Giacomo de Giorgis
    Hi community, I need help to complete this configuration. A customer needed to improve the VPN configuration beween his hq to the Oracle datacenter. He had 4 classic IPSEC vpn PROVIDER1-ORACLEIP1 PROVIDER1-ORACLEIP2 PROVIDER2-ORACLEIP3 PROVIDER2…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Problem with VLAN configuration SOPHOS, PROXMOX

    Dominik Potocki
    Dominik Potocki
    Hi. I have a problem with receiving network traffic in PROXMOX_DMZ. I want two networks to be available in this PROXMOX_DMZ: 1. DMZ NETWORK 2. DMZ VLAN 1721 My devices and the connections between them Incoming traffic to the microtik ISP -> PORT WAN/vmbr0…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Lots of discarded IPv6 packets in firewall log.

    JohnHilton
    JohnHilton
    Hi all, Started to have this issue the last day in the office 30mins before i left for the weekend. Basically our network has been going very slow and i have lots of this in the firewall..... like non stop. Am i right to believe fe80: is internally…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Unconfigured VoIP Functionality on XGS 116 – Assistance Needed

    John Spurlock
    John Spurlock
    I am reaching out regarding an XGS 116 recently purchased by a client. Interestingly, VoIP functionality—both inbound and outbound—is fully operational without any specific configurations applied to the device for the VoIP provider. There are currently…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • How to config traffic using SD WAN routes instead of default gateway route ?

    Anhar Panduwinata
    Anhar Panduwinata
    Need help on this issue, I tried to configure the SD WAN routes destination to use SD WAN profile, but the traffic keep going through default. I have tried to disable the Underlay SD WAN route and access speedtest.net (I put speedtest.net as destination…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>