• priority is zone or network?

    Ahmad SyafiqAhmad Dzahari
    Ahmad SyafiqAhmad Dzahari
    Hi sophos team, I just want to confirm that if i create a rule is zone LAN to zone DMZ and network is (GF)10.10.0.0 to (SERVER)192.168.1.1/32 is that same with zone ANY to zone ANY and network is (GF)10.10.0.0 to (SERVER)192.168.1.1/32? the priority…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Business Application Rule didn´t work with WAN IP Alias

    BerndBauer
    BerndBauer
    Hi sophos community, a new day a new problem with my new xg 210 firewall with the latest mr2 firmware. I configured the wan interface with ip alias: I created the new business application rules with the non-http based policy template: …
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Short Firewall Timeouts

    RustySchärli
    RustySchärli
    Hello Forum! i very like the sophos xg firewall im running it on a virtual hyper-v machine on my home domain-network. Everything works fine but one thing. I'am a Gamer and i play World of Warcraft (even though warlords of draenor sucks...) the problem…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Stacking Rules to achieve a goal? Need a little input.

    ScottBrown
    ScottBrown
    I have two groups of users, lets call them "common" and "power". I want "common" to have access to "Health and Medicine" , the "power" group to have access to "business appropriate" sites, I want a physical machine to have "unlimited access. To this end…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Remote Web Workplace policy? XG125

    MikeO'Connell
    MikeO'Connell
    when I navigate to remote.xxxxx.com out of the office, i get redirected to the sophos login page. I should be getting a sbs2011 remote web workplace login. any ideas.. The VPN has the same address and that is working, I have all of the same ports opened…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Cannot block multiple IPs (IP groups)

    oxident
    oxident
    Hi! It seems that I cannot block (drop or reject) traffic from specific IP addresses. I've set up the following policy on the very top of the list: Source: WAN Networks: (two IP-Lists: one with some countries and one with a some specific IPs which…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • What is Proxied, Via: HTTP/1.1 sophos.http.proxy:3128

    MikeSampson
    MikeSampson
    I am troubleshooting the streaming issue with HTTP malware scanning enabled and noticed this which I do not see in UTM 9. Still need to keep HTTP malware checks off when using XG. Testing before I switch from UTM 9 to XG. On UTM 9 I do not see the proxy…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Add a URL exception

    TronyTigno
    TronyTigno
    Hello. I am trying to add a URL exception that is normally blocked by a web category. It's just a single domain so I just need an exception. I've done the following steps: Objects > Content > URL Group Create a group and add the URL(s) Protection…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Drop rule not shown in logging, always shown rule ID0 local acl

    mjoschi
    mjoschi
    Hello, I created an any any drop rule with logging and placed it at the bottom. Checking the Security Logs it shows always Rule ID0 with local accl dropping the unwanted traffic instead of showing rule id 10 (my deny rule). Anyone having the same issue…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • How to setup (network) policies

    timoline
    timoline
    Hello, I'm trying to setup some policies: Currently i'm trying to setup it like this way: 1 Policy A - Lan-> Wan - block web category filter A 2 Policy B - Lan-> Wan - block web category filter B 3 default network policy - Lan ->Wan - Default open…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Problem with port forward rules interfering with LAN->WAN masquerading

    JonathanTrott
    JonathanTrott
    If I create a Business Application Rule for ports 80 and 443 to an internal web server, and I have that policy rule above the generic Lan->Wan allow all rule then the outgoing web traffic from the web server is not masqueraded. All other machines on the…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Application Rule

    feroz syed
    feroz syed
    hello again,, I have Fw policy rule where "IP ADDRESS" category was restricted, because many VPN Applications like Hotspot shield, Super vpn using this category to connect their server. now the problem is social network applications like Twitter also…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Outgoing/Incoming traffic from Different LAN Subnet

    ChrisBacker
    ChrisBacker
    I have setup a different LAN subnet (192.168.2.0/24) for a guest wireless network and it connects back to my XG 230 on Port 3. So I have two wireless networks, one for just laptops, a private network (10.1.1.0/24) and one guest network. If i connect to…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • http-based policy gives "You must enter a valid domain name" when entering wildcard domain

    JeroenAartse
    JeroenAartse
    I want to add an http-based policy for a wildcard domain. But when I add *.domain.com, I get the message "You must enter a valid domain name.". According to the manual this sould work (page 34-35 on www.sophos.com/.../Sophos-XG-Firewall-Administrator…
    • over 9 years ago
    • Sophos Firewall
    • Discussions
  • How to Disable Virus Scans and Content Filtering for Streaming URLs Like Hulu, Netflix Just for the Devices Like Roku, Apple TV, FireTV

    TalaRyu
    TalaRyu
    Changed form UTM 9 to XG firewall and have to get used to the menu system and layout. I am trying to get Hulu to steam to my Roku. But when the Roku calls for the stream it starts to load and drops out. The Web filter log viewer shows it is allowed. On…
    • Answered
    • over 9 years ago
    • Sophos Firewall
    • Discussions
  • Need help getting HTTP based policy to work

    JohnFox
    JohnFox
    Has anyone been able to set up an HTTP/S server using the HTTP based policy? I tried to do so, and was unable to get it to work. I have since created two non-HTTP based policies (one for port 80 and one for port 443) and now my server is reachable but…
    • over 9 years ago
    • Sophos Firewall
    • Discussions
  • WAN to LAN Inbound NAT - How To?

    Enigy
    Enigy
    I just recently installed the Sophos XG platform, coming from a UTM 9 firewall. Question is, how do I create an inbound NAT to forward HTTPS (tcp 443) to an internal web server? I've played around with the policy settings and cannot seem to figure out…
    • Answered
    • over 9 years ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<