We manage 241 firewalls via Central for our customers. We have management from the internet locked down. When performing a packet capture in the WebUI, there is a "Display Filter" button. If I want to filter on a specific rule, I have entered the Rule…

We have a sophos xgs with several ipsecn vpns site to site running. the Sophos XGS is responding to some VPNs that are without fixed public ipv4 adresses. One VPN incoming has no fixed static ip adress, but i need to enter that ip-adress at xgs to…

SFOS 19.5.1 I have wireless protection enabled in SFOS using a Sophos AP. I recently created an MAC host group with a whitelist of MAC addresses of devices that can connect to the wireless network. Recently an Android device that was previously authenticated…

Where can I find a description of the messages I find in the networkd.log? I'm looking for how to tell what might be going wrong with the wan dhcp request on my port2 on one of my XGS107's that is unable to renew an ip address. Can I disable the GuestAP…

I have used WinSCP with my XG firewall to read the logfiles because I'm not a linux propeller-head guru. Now I'm having an odd WAN dhcp problem on my new XGS firewall, when I go to the logs up pops a dialog box saying /logs/tslog is empty. What's up with…

Hello, We have received the alert notification "Reports disk Usage reached 90% exceeding the higher watermark of 90%". Kindly guide me before doing purge how I can download that data and then purge.

How does one enable logging (so one can see it in the Log Viewer in the management web interface) of IPS events. Every time I have a IPS problem, I get email notifications but the IPS Log Viewer tab is empty - how can i get it to populate? Regards…

I have a firewall rule (rule 20) which is a "log and drop" rule at the bottom of the IPv6 rules. But I'm seeing something very weird: some of the time it says "Denied" and some of the time it says "Allowed". There are no exceptions in the rule. Not only…

I have an XG125w (SFOS 18.5.2 MR-2-Build380). A while back, I had a website that needed a web exception for SSL/TLS decryption and scan. The domain needed did not appear in the SSL/TLS log viewer. I opened a ticket with support and they gave me some…

I am very disappointed in the error reporting functionality of the XG v18 firewall. Actually, the error reporting just isn't useful at all. Today I have a bounced message due to certificate issue on the recipient end. But the only way I know that is a…

Hi I have noticed weird logging and reporting behavior on the XG when transfering more than 4GB during one connection session. I tried to reboot the firewall, but no difference. You can see results of some of my tests below. Reports and policy counters…

Hi, I have tried opening a support ticket as well as searching on these forums but I cannot seem to get a straight answer. I'm using an XG450. With Covid making work from home mandatory for a lot of employees, management is now asking me to produce…

How can i see if and where a Host- or Group-Definition ist used in XG Konfiguration? With UTM every Entry had a Button for this. why is it not realized in actual Software Release

Hello, I have been testing the use of clietless access VPN with a customer and we found that there's not info on the reports for this VPN. We are using those bookmarks to give access through RDP to some servers. Alls the bookmarks works and the users…

I created and deleted some local users on XG. Logging for creation is OK - I can see who created a user and see the username of the new user. When deleting, the user name field is empty and the usernames that had been deleted are not logged. It just…

Hi; Is it possible to export the log viewer to the dhcp logs that appear in the Log Viewer. date - based. 2018-10-16 23: 08: 27SYSTEMmessageid = "60020" log_type = "Event" log_component = "DHCP Server" log_subtype = "System" status = "Renew" leased_ip…

I am unable to find the logs for the remote SSL vpn users on the reports dashboard. I am able to find only the username and internal ip the sophos xg has issued to the user. I cant see time, date of connection including what public ip address from where…

Hello, Does anyone know a a scriptable way to retrieve the system/event logs of the firewall? please let me know some automated method. thanks

Hi all, I trying integrate sophos XG with iView (SIVOS 03.01.2) , but nothing is sent to iView by XG ( SFOS 17.1.0 GA) . My configuation: iView: XG: what happened?

Wow....I have a much faster internet connection that I could possible imagine...and one that would have 99.9% of the worlds population in envy! Never even knew I had a connection that was 214TB :) Joking aside - is there anyway to be able to fix the…

I'd like to get a feel for what applications are being used on the network but it seems the Application log only shows what is blocked. Is there any way to monitor application usage without actually blocking them?

Hello, I am looking for a way to dump all of the admin logs. If I am in the GUI log viewer, the section titled 'Admin' is what I am looking for, but I want those logs going back further than the GUI provides. I have looked in the /log directory from…

Hi Guys, I am new to Sophos XG Firewall and currently i am working to integrate Sophos XG with OSSIM for security event monitoring (SIEM). I am able to forward all logs to the OSSIM but there is one more logs that i can not send to the SIEM, yes it…

Hey Guys I've enabled outbound spam filtering on my XG 115W firewall as I was ending up on email blacklists. I've also got an Exchange 2010 server running behind the firewall. I'm getting some weird outgoing email traffic in my XG firewall. In the…

I can't remove the logs even after flush/purge the reports. Why? it's possible to do it? By the way ATP logs are enable in the settings but don't appear in the logs even with I filter, do I have to enable the log in the LAN->WAN firewall rule? or…