Hello, everyone.
I created a DNAT rule. I receive the communication on the local interface at the SFW's IP address on the LAN and translate it to another destination that is remote on the VPN. I force a SNAT with the SFW's IP address that is assigned…
I hope this message finds you well. I am reaching out to request assistance with an issue I am encountering related to a proxy error with the sophos XG 330 (Fw1=SFOS 17.5.12 MR-1). I’ve noticed that when I try to connect to the web console, I receive…
Hey Folks,
some of our XGS FWs have reported by mail, a new firmware update would be available for download/installation.
Central instead isnt reporting anything, and still shows firewall is up to date. Even when i upload the firmware file manually…
Hallo,
seit gestern bekommen Benutzer, welche nur auf der Sophos lokal angelegt sind folgenden Fehler:
17711 - User failed to login to SSLVPN through AD authentication mechanism because of wrong credentials.
Warum sucht die Sophos nun plötzlich…
Hello community,
I am currently working on a SG to XGS migration for one of our customers.
The customer had a bunch of local firewall users. Many users have alias email addresses configured on the SG firewall.
Unfortunately, I am not sure how…
Hi!
Recently I want to configure a VIP with SSL termination on my Sophos Firewall 20 running as a VM. I have the SSL cert imported (+CA - there was no Let's encrypt E5 CA so I added it).
I want to start from something really simple - Outside LAN to…
Hi, I can't seem to find a clear answer as to why the auto generated MTA firewall rule is needed. As I understand it, in MTA mode emails are being 'handled' by the firewall rather than just traffic passing through it, so access should be controlled by…
Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Table Of Contents:
Overview
Steps to Reproduce
Workaround…
I received a message from SSL VPN and Captive portal about a certificate issue. I created a locally-signed certificate and installed it on the client’s machine, but the error related to the certificate still appears. Could you please advise on this?
Hi
I am planning to migrate my XG-115 to XGS-118 in December 2024.
Ability to fully utilise 1000 Mbps fiber internet connection is one of the deciding factors.
Does anyone have tried this with XGS-118? If yes, what was the result?
Good morning.
I am having problems with a server when accessing remote servers through an IPsec tunnel.
SITE A has to access SITE B's servers and vice versa
The problem is that for approximately a week one of the servers at SITE A (192.168.200…
Hello there,
I recently read an article about an operation that Sophos started back in 2020 with gathering telemetry data from it´s devices. This was probably the beginning of a massive surveillance that now have been presented by Sophos as "defensive…
I’m trying to move Office 365 connector authentication from IP-address to certificate. A Let’s Encrypt certificate has been created (on SFOS 21) and added to the SMTP TLS configuration under the Email > General tab. When changing the Office 365 connector…
I have a few subnets, and all of them have a dhcp server/pool range for specific range. A few of them have a IP reservation (bind mac to IP address). The error/strange behavior I get is if the MAC address is in list for reservation in any of the dhcp…
This is an issue that I have seen with multiple customers. The VPN connection as Tunnel interface is established. The XFRM is configured to be non-overlapping in any sense with other IP subnets on the Firewall. Even then the gateway shows down. Here is…
Hello everyone,
I can not seem to find an answer to this question and hope that someone can clear this up.
We are currently migrating from the old VPN Client (SG) to the new Sophos Mobile Connect Client (XGS). Both are using SSL VPN Config.
…
Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Table of Contents:
Overview
Configuration on Sophos Firewall…
hello,
The last two days, we've been receiving an http virus mail from sophos firewall with the following message, (Malware 'Unscannable' was detected and blocked in a download from acroipm2.adobe.com).
what we had done so far, full scan launched…
What's "best practice" regarding HA link network? - at the moment my HA link network (physical port / peer2peer) is zone DMZ -> not cool because SSH access for DMZ zone must be activated or HA will not work anymore -> SSH access from DMZ zone on all HA…
Schönen guten Morgen an euch alle!
Ich kämpfe zur zeit bei dem ein oder anderen Kunden mit folgendem Thema. Es laden Mails in der Mail-Quarantäne, die laut Mail Protokoll abgelehnt wurde mit dem Grund DKIM Verifizierung fehl geschlagen. Wenn ich mir…
Hi.
I've been battling this for days and finally decided to post it here and seek help.
I've pfSense as the main router and Sophos XG is in bridge mode (for application filtering purposes). There's 1x VLAN involved. The DHCP works fine for the main…
Hi,
we are using standalone firewall, recently we purchase one more firewall XGS3300 we want to put both firewall in HA
i read some KB article what they suggest
1.existing firewall connect DMZ Zone port to new firewall
2.model version ports…
We have several XG firewalls reporting this. Other layers in the defense report nothing. Endpoints are a mix of Defender/Huntress and also Sophos MDR. All scans are clean. Anyone else seeing this particular alert regarding the FQDN from Adobe?
Alert…