Hi all, We have a Sophos XGS firewall and we have imported a self signed certificate from our organization to the firewall which is used for the admin console and user portal under Admin console and end-user interaction -> certificate. We have also…

I HAVE A WEBSITE ON MY LOCAL SERVER 172.16.1.1 port 80 , and it's working when i try to access it from the internet but only with http ; when i choose https 443 it shows an eeror msg 'this webisite is unsecure click on link to proceed " ; so i brought…

Hello, Is there a SSL expert in the house? I was on a PUBLIC WiFi AP yesterday and was shocked to find out my websites SSL from DigiCert was not used. In fact, the WiFi said that my SSL Certificate is coming from Sophos. Below I will display what…

Greetings everyone! This is my first time installing a renewed SSL certificate for our email server in our new XGS firewall. Where are all the places the new certificate needs to go? I've uploaded it in certificates. Applied it in email general…

Good Afternoon, We have recently performed a migration from Sophos UTM to Sophos XGS and I am currently working on re-instating the SSL VPN service for use by our third party support companies. We operate two DCs with services either 'homed' in a specific…

Greetings everyone, In XG firewall, I need to install and configure a renewed SSL certificate from Go Daddy. We have an Exchange server on premise. I've uploaded it into certificates. Applied it in firewall HTTPS OWA SMTP rule. Applied it in email…

Our customer recently updated the windows system patch. After the update, open the Outlook client, and always pop up a certificate warning. As shown in the figure below, please help analyze the cause of this problem, whether it is related to XG Firewall…

Hello, do you know if is possible to use a third party wildcard certificate to configure an SSL remote access on an XG firewall? Thank you in advance, Marco.

I am currently using SFOS 19.5.1 MR-1-Build278. I am hosting Emby (similar to Plex, I used Plex as it is more popular) container on my Qnap NAS, being protected by WAF. I have my own domain name from Porkbun, and I was able to generate SSL (Letsencrypt…

Hi foks, I am running v19.5.1 on the XG and macOS13.3 on the mac book pro and mc air. A couple of sites no longer work and the default is https even though I enter hrttp.If I use a hotspot the issue is not observed. I have a mac mini in which the…

Noticed some issues today with some popular SSL sites (linkedin, live, . These issues existed for some days but no one complained. The traffic was scanned by TLS/DPI engine and the servers had certificates issued by "DigiCert SHA2 Secure Server CA"…

We're having a strange situation again after it happened last week already on our SFOS 19.0.1 XG430: Some users browse to a website that has no exceptions on our firewall for decryption. The browser (firefox or chrome) show an error that the site…

I uploaded the certificate in every format (.pem,.pfx,.Cer) but none of showing trusted and always showing RED (X) in trusted for certificate issued from Digicert website. Please assist me to fix on this issue at earliest. Please find the attached screenshot…

Hi, purchased an XGS2100 to replace our SG230 for our Public WiFi connection. The device is not on a domain and has its own internet connection. It is only used for members of the public to get access to the internet on their own personal devices…

Hi folks, we are currently in the rollout of SSL-VPN Configurations and noticed performance issues at users which are using LTE Internet connections with latency. So we want to improve performance by switching from tcp to udp at the sophos firewall…

hi, i have XG430 , created a firewall rule and selected with following web filtering checks: Block QUIC protocol Scan HTTP and Decrypted HTTPS Scan FTP for Malware Decrypt HTTP during web proxy filtering. SSL and TLS inspection is enabled when user…

Remote Access VPN IPSEC with Authentication type certificate does still lead to invalid connection .scx file on SFOS 19.5.0 GA-Build197, SFOS 19.5.1 MR-1-Build278 and SFOS 19.5.2 MR-2-Build624 if the "Organization name" in the Certificate does contain…

I have been using SG135 UTM for 5 years and I decided to upgrade to XGS136. Just like in the UTM, I want the web admin certificate to be valid. I have made a locally signed self-certificate, installed and trusted but I'm still having issues above. I have…

Using XG 19.5.0 GA. I can only download the ApplianceCertificate as a *PEM. file. I am certain it was letting me choose the other formats once before. Now the only file format it allows to download is default.pem and appliancecertificate.pem which cannot…

Hi all, We are receiving this security alert on Outlook 365, since ever we installed the Sophos XGS136 firewall. Please guide me to solve this issue. Thanks,

Continuing on the discussion below: community.sophos.com/.../507230 Is there an easy way to do this from front end? This has become a common occurrence now, with the latest incident involving Google's certs. The given workaround requires usage…

Hello, I regenerated the appliance certificate and I have had a problem where the certificate does not match the IP If I select check settings here I get the IP address does not match. Is there a way to fix this?

I've Just installed the home version of the firewall. I'm new to all of this so I need the guide. I have to say the Sophos website is quite hard to find things in! The email i received with the code has links to guides but every time i click on the…

I have sophos firewall connected in bridge mode. I have a synology server on my home network with adguard home on it. I'm learning everything slowly but I have a problem with the error NET::ERR_CERT_AUTHORITY_INVALID it is the main one when I enter the…

Hey guys, reaching out for some much-needed help. Have read similar posts but nothing makes sense to me in them. I have purchased a certificate as well as created a local active directory certificate server. (All Witchcraft to me) Have installed them…