Hi there,
I have a single static public IP that I'm using for SSL VPN incoming connections and for exposing a host (PBX) along with the following services: 80, 443, 5060, 5061, and RTP range 9999-15000.
The PBX manufacturer provides a DNS service…
Hi,
Our certificate for the site expires today and we've tried uploading a new one and it's imported but it's listed as untrusted.
It's an Alpha SSL certificate and our service provider gave us the .csr and .key file. We copied the contents of the…
On Sophos Firewall, if I update and regenerate the default CA, what are the implications? I have a firewall that is setup, the default CA hasn't been customised so far.
I need to setup a S2S IPsec VPN with certificates and wanted to customise this before…
While troubleshooting a SSL VPN connection I tried different certificates, which I successfully added as "trusted" in the Certifcates section of the WebUI.
When I download the ovpn-config file from the VPN portal I found that every time I try a new…
Hi,
One thung bothers me regarding SSL certificates. I will have some 30 SSL VPN users on XGS , and I intend to install commercial SSL certificate. But it only has 1 year validity.
Does it mean I will need to push .OVPN config to end users every year…
Dear All,
I am facing with a Problem in sophos xg web server Protection, I have created all needed ruls and upload the ssl certificat to xg but in web application rule under the Host server when I select the HTTPS in the dropdaown menu I dont see me…
I have a dedicated VLAN in our network and a dedicated AD username for guest users. I am not using Sophos wireless network, I use another brand wireless network.
I am using SFOS 19.5.3
Every time my guest users browse the internet after logging into…
Hey everybody,
as we could not find any working solution in the discussion forum that does the Lets encrypt Process on the Sophos itself, we setup a process to run the whole thing on the sophos firewall it self.
Our blog post https://blog.helsinki…
Hi,
We have a XGS2300 (SFOS 19.5.3 MR-3-Build652 with an SSL Remote Access VPN with OpenVPN clients.
Not sure if this was a Sophos or OpenVPN issue but I had to start somewhere.
I had a user call last last night with a Peer Certificate Verification…
Hi folks,
a question about decrypt and scan that has me puzzled for sometime.
The users have the XG certificate installed and functioning correctly except for Apple sites.
I have web policies blocking advertisements and use the XG proxy, this functions…
Hi Team,
I uploaded a new PositiveSSL Cert (mail.company.com) for our Exchange On-premise email and I am getting an error "Certificate Authority: Invalid or Not Installed"
We have a wildcard certificate (*.company.com) and it was recently renewed…
Hi,
What am I doing wrong?
I have been administrating a new XGS 136 firewall and for some reason accessing the admin console on the LAN side has always reported the https certificate as not valid despite the fact the ApplianceCertificate is trusted…
Hello everyone, Recently i noticed a bunch of tickets regarding the following.
i want to go on facebook, but facebook is blocked.
instead of the blocked page i get Error code: SEC_ERROR_UNKNOWN_ISSUER(firefox) or NET::ERR_CERT_AUTHORITY_INVALID…
buenas tardes quiero subir mi certificado ssl generado por godaddy.com y me pide una frase compartida.
la cual no tengo idea donde se pone.
me podrían ayudar.
gracias
adjunto imagen
Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Table of Contents
Overview
Update
My Setup
Certbot…
Hello. We have a client using Sophos Firewall installed in a VM. ( Firmware 17.5.12) They are have expired SSL CA Certificate and when they applied new SSL CA Certificate, it shows error and VPN users unable to connect. So, now they are using expired…
Having issue registering firewall, guides show to clear certs, but im getting a notice saying the touch is not a valid command.
Clear certs post Sophos Firewall: Purging expired certs from Sophos Firewall
Rest certs post Registration loop
thanks…
Our WMS is sending notification emails but they are bouncing on the firewall but there no logs on the firewall
The vendor for the WMS system sent us the logs from their side and the certificate being displayed is saying Cyberoam and we are using sophos…
Hi.
I am facing an issue with the Web Application Firewall.
I have several WAF rules configured, some using SSL and other are not. They point to a central web server. The domain name is used to differentiate each web app and that is forwarded on to…
We use a Sophos XGS87 (SFOS 19.5.3 MR-3-Build652) and we want to use POP3 Scanning in legacy mode.
In document ( https://doc.sophos.com/nsg/sophos-firewall/18.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/HowToArticles/EmailConfigurePOPIMAPScan…
Hallo all,
I am currently looking for a lean solution to build a rule per firewall that only applies to authenticated users. I have connected the firewall to the AD and installed the "Client Authentification Agent" on the (Windows) client. The user…
Good Day, I am trying to download our Self-Signed Certificate from the Firewall to deploy to all users to prevent users from seeing a certificate error when signing on to the Sophos Connect SSL VPN.
There is no download button on the firewall what…
I have import both Certificate and Root CA in Certificate Authorities Menu.
But Certificate status Not Trusted persist.
I saw a weird description in subject of certificate appears in Sophos. There is a different description between Certificate Menu…
Good afternoon,
When we accessed Sophos through the browser, we got an insecure certificate alert.
We imported a new certificate into Sophos (the same used on our website), but the following message appears in the certificates menu: Certificate…
Hi Sophos Community,
We've had it reported to us by those that use the monitoring software that https decryption has stopped working. We aren't exactly sure when it stopped working, but it appeared to have done some time after moving to 19.5. Though…