• Static Route Bypasses Firewall Rules? Azure configuration

    Kenneth Primmer
    Kenneth Primmer
    I've done a fair bit of searching and reading on this forum and cannot find answers to the behavior I'm seeing. Here's the overview followed by my questions. I have an XG Firewall deployed in Azure. Setup is pretty much spot on the documentation for…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How to manage asymetric route with Sophos XG v.18

    ITA_Fabio
    ITA_Fabio
    Hi everyone, Maybe I'm doing something wrong but I can not have all my offices browse each other on MPLS connection... First of all each office has a connection, managed externally by one ISP, with its own router and each is part of a big MPLS. On…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Connection issues internal ressources after routing subnets via Sophos XG

    Nafets
    Nafets
    Hello community, until now we had several "old" vlans which are routed over the core switch. Any traffic between the vlans and the corresponding subnets is allowed. No acls, no packetfiltering. Now we created new vlans with new subnets and tried to…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SSLVPN traffics redirect to IPSec issue

    HPC Kronos
    HPC Kronos
    Hi all, I have a HQ site and a branch site. There's a policy-based ipsec site2site connection established the sites. Branch site has SSLVPN(OpennVPN 10.81.255.0/24) server running and is used as default gateway. Branch site also has an internal…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How do I assign certain routes to each of my interface ?

    J Thai
    J Thai
    Hello everyone, Sorry for being a noob here. I have the following network map layout: I use a dual-WAN bandwidth aggregation configuration rather than a failover one for most of the interfaces. However, I look forward to: Assign my TrueNAS server…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG RED through specific gateway

    Oliver Martin
    Oliver Martin
    We have the following scenario: Sophos XG135 (SFOS 18.5.2 MR-2-Build380) Port 1 gateway to fibre internet Port 2 Gateway to VDSL Port 3 Gateway to LTE Port 4 LAN Clients Port 5 LAN Server Port 6 DMZ The XG connects multible IPSEC tunnels via Port…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophps XG making sure traffic only goes through Sophos

    NA NA3
    NA NA3
    Am I missing something here ? I've installed Debian 3cx and Gateway is Sophos XG (static ip and gateway set on network)... however even without Sophos running i can still get normal access to 3CX just fine, which proves despite setting static IP and…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Conection between two sophos - cannot ping

    Tomáš Mrakava
    Tomáš Mrakava
    Hello I have two sophos connect together. Sophos1 - switch - Sophos2 I have multiple VLANS between them. All vlans have owen subnet. Phisical interface has also owen subnet. I cant ping betwen vlan interface. Whatever i use. But Phisical interface…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG - Default Route Failover

    warnox
    warnox
    Hi, I'm attempting to get WAN failover working across sites using OSPF (default information originate). The issue is with getting the local default route disabled in case the local Internet connection drops. Can you please let me know what is the correct…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Asymmetric routing

    Markus Ottmann1
    Markus Ottmann1
    Hi community, for reasons of simplification let´s assume that our XG450 ( SFOS 18.5.2 MR-2-Build380) has 4 ports configured: Port 1 - Zone WAN - IP 1.1.1.2/24 Gateway is 1.1.1.1 Additional Alias: 1.1.1.3/32 Port 2 - Zone DMZ1 - IP 2.2.2.1/24 used…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • IGMP Service setting in NAT and firewall

    Distel HU
    Distel HU
    Hi Everybody. I am running SFOS 18.5.2 MR-2-Build380 on an Intel iCore 5 based PC as "Sophos XG Firewall" in connexion with an ASUS Router operating as Access Point and my ISP operator TV Box which is connected to Asus Router. As the "Sophos Firewall…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Multiple questions/issues regarding SSLVPN

    RCA_Sophos
    RCA_Sophos
    Hi all, we have recently replaced a customers firewall with two XGS 126 in active/passive cluster. During the implementation we experienced some issues we wanted to discuss here to find a solution, if possible. I already did some research in the Sophos…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Ver18 dual BGP Failover and Failback and Preference

    premvishwakarma
    premvishwakarma
    Hi, I have Sophos XG330 and two BGP link configured in LAN Zone. Both link are active and working. I would like to configure failover/ Failback and set primary and secondary link. Does SD WAN Policy Routes help to achieve this ?? I have tried…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • STAS authentication over SD-WAN

    Michael Reed
    Michael Reed
    I have two Sophos XG Firewalls ( SFOS 18.5.1 MR-1-Build326) Both are managed by Sophos Central and I used the platform to create an SD-WAN between the two offices. I am trying to get the Branch Office XG to access the AD at Head Office in order…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • MPLS Connectivity Issues after switch from UTM to XG 18.5

    sys8dmin
    sys8dmin
    Hi all, We recently switched from a UTM software install to a pair of XG3100s running in HA active/passive. Since the switch over we have had an issue with clients at our branch offices communicating with servers and devices on our LAN. Network…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • 2 networks

    James Ridings1
    James Ridings1
    I need 2 networks to talk with each other using 1 ip address. The 2 sites are physically connected with a Metro E (Dark fiber), this connection is a dedicated fiber between the 2 sites. Each site has its own network. Site A has the IP’s that Site B needs…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Best way to route

    randanon
    randanon
    So as of right now I have Sophos running on a r610 server with Proxmox and I am only using 2 of the 1 gig nic. My question is what's the best way for me to disable to home cable modem DHCP and force connected clients through Sophos. Would setting the…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Apple Bonjour Forwarding

    Dardan Selimi
    Dardan Selimi
    Hey folks, I am trying to forward Apple Bonjour request from one VLAN to another VLAN. The scenario is the following: VLAN 10: Airplay devices (broadcasting) Wired clients VLAN 20: client devices (MACOS) WiFi clients The goal is to have…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • MTU/MSS Oddness?

    Amir Khanna
    Amir Khanna
    We have an IKEv2 IPSec tunnel between two Sophos XG Firewall appliances in a corporate system for a remote site. We don't have any specialized MSS or MTU settings other than what the IPSec tunnel already applies. Our IPSec configuration profile for…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • How to log Drops from advanced-firewall checks

    AndreasHämmerle
    AndreasHämmerle
    Hello, We have a clients-server based application, where the server is in a different vlan as the clients. The communication between both vlans is routed via SophosXG VLAN Interfaces. (XG430 / 18.5MR1) The GUI firewall rules are configured to…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • RFC1918 WAN Interface

    EinMarco_DE
    EinMarco_DE
    Hey there! Simple (and maybe stupid) question: If I have a network like this: WAN | PPPoE Router (192.168.1.1) | (192.168.1.10) (Zone: WAN, Default gateway 192.168.1.1) Sophos XG (192.168.5.1) (Zone: LAN) | LAN (All IPs are with /24 subnet mask…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • DNS server behind XG firewall NAT

    Youcef Rahmouni
    Youcef Rahmouni
    Hello community, Recently i was asked to migrate an existint configuration from a router to XG firewall and here is the scenario : an application running in my local server with the name : transmission.local.co IP@ is 192.168.62.11 DNS serve r…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Set static route in XG210 VLAN

    SHtan
    SHtan
    Why does the XG210, for the purposes of configuring a static route, require a different Gateway IP address from the VLAN Interface IP address? Trying to get my head around to understanding this static routing thingy on the XG210.
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Inter VLAN Communication is not working

    UJay
    UJay
    Hi I am using Sophos XG115 as the firewall and i do have a layer 3 switch (Unifi 8 port POE 60W switch) which leverages VLANS created & tagged at XG115. Users in different VLANs want to connect to devices (e.g. Network Printer and Network Attached…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Routing issues with IPsec (Remote Access)

    Daniel Hargrove
    Daniel Hargrove
    Hi, I am sure this is something that is really easy to fix but I seem to be having some issues with the IPsec (Remote Access) setup. I have followed a detailed setup guide and while I can connect OK, once connected I cannot seem to ping anything on…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>