Hallo zusammen, ich muss für einen Kunden eine Dokumentation erstellen mit allen SIDE2SIDE und Remote VPNs für alle 11 XGS Standorte. Könnt euch vorstellen, dass dies einen erheblicher Aufwand bedeutet. Ein XML Export finde ich da nicht grad…

hi, we had an incident where when of our devices had an attempt of access but with failure due to wrong password trials. I an suspecting that this device was on an unknown network outside our organization due to work from home policy we have. Is there…

Good morning. I need to replace a firewall model SG135 with an XGS 2100 (which had SFOS installed a few years ago). The facility has 20 APX320 access points, which are currently being managed by the firewall itself. After reviewing the documentation,…

Hello Community, here's the situation: Head Office (HO) : two WAN uplink connections, both have static IPs. One connection is 'cost based' and slower (backup WAN) and the other is quicker and has no traffic costs (primary WAN). Weights have been configured…

Documentation says for HA active-passive you should select a preferred primary device, because " only the initial primary device holds the licenses and supports services, such as FastPath offloading. ". Does this mean if auxiliary appliance is currently…

I could not figure out the details about traffic matching critera and further filtering within firewall rules. Can someone clarify what will happen if you select "Match known users" and "Block clients with no heartbeat"? Will the rule block no heartbeat…

Good morning everyone. Since the function of a company depends on the LDAP query, I would consider it extremely important to receive a warning. If the LDAP query fails. The MTA then no longer checks users if the connection to LDAP is disturbed (it cannot…

Hello All, We have a Sophos XGS connected to a metered WAN connection, in order for devices to connect to the internet the user must authenticate to the Sophos captive portal and at which point a weekly data transfer quota is applied. This has been…

Lots of posts about this. Here is an example. AD SSO - Cannot establish NTLM authentication channel with xxx Seems like the recommendation is to disable AD SSO in all zones. But what if we want SSO so we can log user web traffic? Why might we want…

Schönen guten Tag zusammen, folgendes ist mir grade aufgefallen. Wenn das ADDS nicht erreichbar ist, lässt der Sophos-MTA, Mails zum E-Mail-Server durch, an Empfänger die es gar nicht gibt! Dann antwortet der Mail-Server postmaster@Domäne.de sorry die…

Hello there, I have a customer who may want to buy a Sophos Firewall with the main reason of using it as a Web Proxy Server. Unfortunately I could not find information regarding WebSocket traffic inspection. My guts tell me that the SFOS will inspect…

Hi all, I was considering purchasing a virtual firewall, but I have a doubt to clear up. The vFW will mainly be used only to create a site to site where there will be about 100 users behind it. (There will be no local users on the LAN instead) In…

hi, i have friewall XGS2100 with Xstream protection. on that i am using ssl vpn for remote connectivity. so should i use ZTNA??? what extra benefits can i get if i use ZTNA?does xstream protection gives us few ZTNA licenses??? if i dont have Microsoft…

Hi all, I have an xgs 3100 firewall on which about 20 ipsec tunnels are attested. All these ipsec have fragmentation problems so I am forced to use mss-clamping. For example without mss-clamping an icmp packet passes as long as I set a size of 1400…

Hi I am new to Sophos, I like to know about something Sophos VPN Local setup I have installed somehow sophos connect by a link provided in community, To use sophos vpn in my local machine, but i cant import anything because i cannot enter into the…

Hi all, i have had a look at the Invalid Traffic page but as stated at the bottom doesnt resolve the issue, just reduces the number of logged entries My setup is as follows Core network is TPLink Omada (Manages the vlans) Sophos setup: Port1 …

Issue Summary: Slow Speed test SSL/TLS Inspection Summary of Call Discussion: Traffic for the test system (172.xxx.xx.8) was passing through rule ID #2. We observed a speed of 36 Mbps with the SSL/TLS inspection rule enabled. After disabling the…

Guten Tag, das neue Gerät XGS 116w erzeugt ein lauteres Betriebsgeräusch da es 2 Lüfter hat diese hört man noch 2 Räume weiter.Der Lüfter ist an der Seite angebracht. Ich benutze die Firewall für das Endpoint Protection. Gibt es eine Möglichkeit das Lüfter…

Dear good evening, I have a firewall migration requirement for a client who has a Sophos XG450 firewall in version SFOS 19.0.2 MR-2 Build472 and wants to migrate to a new XGS4500 computer. Is it possible to do this migration by generating a backup…

I tried to register a RMA firewall with SFOS 21 EAP after it has been claimed in Central. It did not work. Either Administration -> "Registration" failed also Sophos Central -> "Sophos Central registration" failed Live Log found: 1970…

I have XGS 116 with 20.0.1 MR-1-Build342. Using a MAC computer, gets the "File Import Error" error when connecting to VPN using Sophos Connect, the same config file is processed on the device with the windows operating system and it works smoothly.…

Hello, I found a solution where IPSec networks are distributed via OSPF and would like to know if this is correct? Can I use this in a productive environment? 1. SSH -> 4. Device Console 2. system ipsec_route add net 192.168.123.0/255.255.255.0 tunnelname…

Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Configuration Steps …

[POST DE DEBATE SOBRE O ASSUNTO] Opa pessoal! Em minha infraestrutura eu tenho o escritório na matriz (XGS 3100) conectado a outros quatro escritórios filiais (XGS 136) por Tunel RED, utilizando a configuração RED Server no escritório matriz e RED Client…

Good morning. I have been looking for information about the use of Traffic Shaping / QoS and applied what is indicated but in my case it is not working for me. I have 2 offices, each with a Sophos firewall. The server in office A sends data to the…