Trying to use DKIM on Sophos Firewall, XGS107 (SFOS 21.0.0 GA-Build169) and I'm stuck. I've been through some of the documents posted here, trying to apply some of the suggested solutions. Anny suggestions would br greatly appreciated. The firewall…

Hi! I am currently exploring Sophos based on my prior experience with it back in 2014. I am gradually migrating from my MikroTik setup to a Sophos Home Firewall, primarily due to its advanced security features. I have set up Sophos Home Firewall on…

Hello, We are using onbox email protection with our SFOS 20.0.2, XG-System. I defined an FQDN-Host object as having the FQDN-wilcard *.outbound.protection.outlook.com. This object is listed correctly under the tab "FQDN-Host" at the "Hosts and Services…

Hi, I've got to send mails through a smarthost in the MTA on port 587 with tls, but MTA is only doing plaintext. It was working on v20 in v21 not.

Hi. I have a default firewall policy configured like this and web filtering is not configured to any other firewall rule. I do not use HTTPS decryption. Web filter works and I get a block message for denied HTTP sites and certificate error for…

Hello, on our Sophos XGS 126 with SFOS 20.0.2 MR-2-Build378 we have the problem that all quarantine digests get stuck in the mail queue. All other mails are delivered without any problems. In SMTP logs I can find: R=router_for_notifications…

When I import the url files in existing url categories, we're facing the below issue.

I want to configure my Sophos Firewall so that only Firefox can access the internet from a PC, and all traffic must go through the Sophos explicit web proxy (configured on port 3128). Direct HTTP/HTTPS traffic from the PC should be blocked entirely. …

I have my certificates in a folder and I'm looking for a script that will update them when there is a change so that waf will continue working without manual intervention. I have very little experience scripting, I can read and understand more or less…

Hi! Recently I want to configure a VIP with SSL termination on my Sophos Firewall 20 running as a VM. I have the SSL cert imported (+CA - there was no Let's encrypt E5 CA so I added it). I want to start from something really simple - Outside LAN to…

Hi, I can't seem to find a clear answer as to why the auto generated MTA firewall rule is needed. As I understand it, in MTA mode emails are being 'handled' by the firewall rather than just traffic passing through it, so access should be controlled by…

I’m trying to move Office 365 connector authentication from IP-address to certificate. A Let’s Encrypt certificate has been created (on SFOS 21) and added to the SMTP TLS configuration under the Email > General tab. When changing the Office 365 connector…

Hi, We purchased WAF License to publish Exchange OWA, HTTPS. What is the proper way to publish on-premise Exchange 2013 on XG Firewall? Thanks.

Schönen guten Morgen an euch alle! Ich kämpfe zur zeit bei dem ein oder anderen Kunden mit folgendem Thema. Es laden Mails in der Mail-Quarantäne, die laut Mail Protokoll abgelehnt wurde mit dem Grund DKIM Verifizierung fehl geschlagen. Wenn ich mir…

Trying to create a WAF rule and it's thowing an error " Service is already configured on the specified port, choose another port" I've checked all firewall rules, NAT rules, admin/user settings, SSLVPN and can't find this port being used anywhere. …

We're discovering a strange issue with HTTPS decryption and ChatGPT in all browsers we use. ChatGPT is unusable when we're logged in with the ChatGPT-licensed Microsoft Account. Any chat request generates this or similar errors: On the of SFOS 20…

Hello. I am starting to get acquainted with Sophos Firewall sf01v (sfos 21.0.0 ga-build169). I have configured blocking of sites (for testing I have prohibited access to facebook.com). Tell me how to configure an exception for access to facebook for certain…

Hello, I am converting our customers from primitive FWs to Sophos XGS's and testing TLS decryption. Would anyone be so kind to walk me through what is happening in specific case below: Setup: TLS enabled, any of default profiles, Sophos CA as trusted…

Hallo, Ich möchte in meiner Sophos XGS136 für gewisse Clients eine Art Whitelist erstellen, dass nur aufgeführte Seiten und Cloud-Anwendungen benutzt werden können. Hierzu kann ich ja eine Regel erstellen, die die bestimmten Clients als Quelle beinhaltet…

We are experiencing an ongoing connectivity issue with the Microsoft Teams App when conducting online meetings in our organization. Whenever a meeting is scheduled and participants are invited, only the initially invited users can communicate effectively…

Hello community, we wanted to add rdp files to the list of blocked e-mail attachements. Under blocked filetypes we added "rdp" but such attachements are not blocked. Other filetypes like f.e. "xls" are blocked correctly. Do we have to add the rdp…

Hallo zusammen, nachdem ich das Problem mit den Zertifkiaten in folgendem Thread gelöst habe, Sophos XG Lets Encrypt Zertifikat stehe ich jetzt vor dem Problem die WAF ein zu richten. Hier mal die Konfig wie es bei mir im Netz aussieht: Router…

I need to block thumbnail for websites can we do it with Sophos Firewall

Hello Good Day, I m using Sophos XGS 136 and web policy roles are working well but after a while when I search for sex images they appear but do not open the website. So please how to not appear in searching engine.

Hello everyone!! I have a problem accessing a certain GitHub URL. For example, when I try to update Pi-hole the address objects.githubusercontent.com cannot be resolved: At first, I thought it was an issue with Pi-hole itself or with openDNS…