• SSL VPN Route Issues to VPN Clients Firmware 20.0.2 MR2, and Version 21

    Cameron Savage1
    Cameron Savage1
    This problem is occurring on Sophos Firmware 20.0.2 MR-2-Build378 as well as SFOS 21.0.0 GA-Build169. The problem also occurs on an XG with a firmware of 20.0.2 MR-2. Route Precedense has been set the following ways: static vpn sdwan | vpn static sdwan…
    • 6 days ago
    • Sophos Firewall
    • Discussions
  • How can I prevent OSPF from distributing WAN subnet

    Bill Roland
    Bill Roland
    Hi all, I have an XG firewall (v21) that I would like to use OSPF to distribute a couple of routes to my main network which is also using OSPF. I configured it and it is passing routes but it is also passing the subnet for the WAN interface, which I…
    • Answered
    • 16 days ago
    • Sophos Firewall
    • Discussions
  • SDWAN and Loopback NAT

    Bart van der Horst
    Bart van der Horst
    Hi, I've got the following case on a customer site: Internal webserver on LAN, needs to be accessed from same or different internal LAN on the external IP, normally I use a loopback NAT rule and this works. Since a few weeks we had to switch to…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Wie verarbeitet die Sophos DNS Anfragen bei mehr als einem Internet Anschluss

    Patrick81
    Patrick81
    Schönen guten Tag zusammen, hier habe ich eine Frage die mich grade brennend interessiert. Ich habe zum Beispiel in der Sophos unter Netzwerk -> DNS 8.8.8.8 und 8.8.4.4 eingetragen. Weiter hat die Sophos 3 Internet Anschlüsse. Für jede Internetverbindung…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • German Forum
  • Multi-WAN Active/Passive configuration

    Kiran Jedhe
    Kiran Jedhe
    Hi, I need to set up my v20 OS firewall in active-passive mode. I've already done some configuration, but I'm facing issues with automatic failover due to using "Any" in the NAT rule. Can you provide a straightforward solution using SD-WAN or WAN Link…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • How to Route Traffic through LAN Alias, using them as Virtual Gateways

    Alexandros Livas
    Alexandros Livas
    Hello Team, i have a problem in this scenario. I have configured: LAN1: (Physical interface) 192.168.1.1 LAN1:0 (Alias Virtual Interface) 192.168.1.242 LAN1:1 (Alias Virtual Interface) 192.168.1.241 ISP1: (Configured on WAN Physical interface…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • force outgoing through the xfrm interface

    Gib GoDesk
    Gib GoDesk
    Hello, everyone. I created a DNAT rule. I receive the communication on the local interface at the SFW's IP address on the LAN and translate it to another destination that is remote on the VPN. I force a SNAT with the SFW's IP address that is assigned…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • XGS 3300 wrong Gateway

    Bart van der Horst
    Bart van der Horst
    Hi, I've got the following case: HA XGS3300 Three WAN connectinons P2 ISP 1 P4 ISP 1 P6 ISP 2 P2 and P4 are BGP. P6 is stand alone. All internet connections are working. When configuring SNAT and or SD-WAN all traffic for WAN is over…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • SD WAN Routing with xfrm interface

    Giacomo de Giorgis
    Giacomo de Giorgis
    Hi community, I need help to complete this configuration. A customer needed to improve the VPN configuration beween his hq to the Oracle datacenter. He had 4 classic IPSEC vpn PROVIDER1-ORACLEIP1 PROVIDER1-ORACLEIP2 PROVIDER2-ORACLEIP3 PROVIDER2…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • How to config traffic using SD WAN routes instead of default gateway route ?

    Anhar Panduwinata
    Anhar Panduwinata
    Need help on this issue, I tried to configure the SD WAN routes destination to use SD WAN profile, but the traffic keep going through default. I have tried to disable the Underlay SD WAN route and access speedtest.net (I put speedtest.net as destination…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS OSPF

    Dominic Pageau
    Dominic Pageau
    Hi all, I'm using OSPF but don’t want to redistribute all routes. On Cisco, I would probably use a route map to filter which routes need to be advertised. Here with XGS, I have unchecked "Redistribute connected" and "Redistribute static." I’m using…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Guest network on separate public IP

    jtaylor
    jtaylor
    We have a /29 subnet from our ISP. I want to use a dedicated public address for our guest network traffic. I've added an alias on the PPPoE port and thought I could then just use an SD-WAN rule to route the traffic, but the alias doesn't appear in the…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Distribute IPSec site-to-site network via OSPF

    Patrick's
    Patrick's
    Hello, I found a solution where IPSec networks are distributed via OSPF and would like to know if this is correct? Can I use this in a productive environment? 1. SSH -> 4. Device Console 2. system ipsec_route add net 192.168.123.0/255.255.255.0 tunnelname…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Failover for Adjacent Vendor Routers on Separate Networks over SD-WAN

    Andrew Schoonover
    Andrew Schoonover
    I'm having an issue where we have two vendor routers that need to be highly available to all branch and data center locations (No changes permitted on the vendor R1 and R2) The networks at all the branch locations consist of a Sophos XG135 as the Gateway…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • 2 WAN Links One Firewall

    BobbyDigital
    BobbyDigital
    Hello World, I have to Internet gateways from my ISP as part of a package deal. I would like to use one internet gateway as my production traffic and the other gateway as my lab traffic. None of the resources behind need to talk to each other. I just…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XG WAN Failback delayed

    Alex Loecherer
    Alex Loecherer
    clear 840 / 5.000 Übersetzungsergebnisse Übersetzung Is there a way to delay the failback in the event of a WAN failover? Our customer gets his Internet access…
    • Answered
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • VoIP Traffic Through Secondary WAN Port

    daniel_schmidt
    daniel_schmidt
    Hi All. Firstly, thank you for your time to help! Let me give you a quick breakdown of my network and then I will explain what I am trying to do. I have a XGS 2100 running on v20 SFOS. I have 2 ISP connections, a primary and a backup. (I have set…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Enable Routing for public IP on the Lan Interface

    Luke Haase
    Luke Haase
    Hello everybody! Right now I have the situation where I want to have multiple public Servers behind a sophos virtual firewall. For the Sophos i have a seperate public IP. I have a public IP Subnet for the servers that is routed via the public IP of…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Route IPv6 to DMZ

    pgross
    pgross
    Hi there, we have a /64 subnet (with gateway) and a /56 assigned by the ISP. No PD in place. I've assigned an address from the /64 subnet together with the gateway to the WAN interface, which is now reachable via IPv6. I'd like to assign IPv6 Addresses…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Can't contact local DNS from SSL VPN (with 2 WAN)

    Lau Rent
    Lau Rent
    Hello, I'm not an expert (for the moment) on Sophos. For a customer that has an XG Firewall, he asked to configure a SSL VPN connection. As I already done this some years ago on a privous Sophos Router, it should be possible ;-) But the LAN/WAN…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Please allow rule renaming

    huang xing
    huang xing
    HELLO When we create a routing rule (or other items that do not support renaming), and feel that the name is unreasonable or needs to be changed for other reasons, we find that the name cannot be modified and can only be rebuilt or copied. This is a…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • specific users to make use of just one of the ISPs

    Akshay Waje
    Akshay Waje
    Kindly help. I configured a load balance on two ISP links for my users. Among those users, I want some specific users to make use of just one of the ISPs only whole the rest use both.
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Routing Traffic via Sophos XGS Firewall for Peered Workload VPC

    Yuvraj Singh
    Yuvraj Singh
    Hello Team, I've successfully configured the Sophos XGS in my security account and routed internal traffic via the Sophos LAN ENI instead of using a NAT gateway, which is functioning well. Now, I have another workload VPC in a separate account that…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS bgp routing preference

    admin_idl
    admin_idl
    Hello, we use 2 internet lines and have set up 2 route based vpn tunnels. BGP is used as the routing protocol. What settings can we make so that the 1st internet connection is used first and the 2nd internet connection is only used if this is not available…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Different default WAN gateways for different VLAN groups

    Administrator User484
    Administrator User484
    Hello. I wonder if Sophos Firewall could be set up to have each VLAN having different WAN gateways ? For example, VLAN 1 will go to WAN 1 and VLAN 2 will go to WAN 2, so that there will virtually be two networks. Originally, I was thinking to set…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
>