• Troubleshoot and Skip Authentication in Direct Proxy Mode

    GabGoe
    GabGoe
    Hi! We are currently migrating our Sophos UTM to a Sophos XGS (SFOS 20) and have some issues with the direct proxy mode. We have to use this mode because we rely on per-connection authentication for multi-user hosts and content restrictions which…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • WAF Rules Allowing Unexpected Requests

    cm00001
    cm00001
    Hello, I am getting some unexpected and unwanted requests (trying to find exploits) that are handled by one of the WAF Rules: Here's the WAF Rule that is being it with this traffic: Here's how it looks in the Event Viewer: How can I change the…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • disneyplus.com - required settings?

    Christian Gossmann
    Christian Gossmann
    Hello! I´ve issues accessing disneyplus.com with web filtering enabled. The site is working, but when trying to register or login, nothing happens, except a spinning circle. However, allowing the specific client to access anything without web filtering…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • support.sophos.com is not showing in Web filter Logs

    midnightSun
    midnightSun
    Anyone else have this issue? community. sophos .com shows up in web filter logs BUT support.sophos.com and www.sophos.com don't. Why is SFOS hiding these logs? I thought it might be some exception but that doesn't seem to be the case.
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS WAF IPV6

    admin_idl
    admin_idl
    Hello, We have the problem that users who work from home and only have an IPV6 address cannot use the WAF rules and web server access. Can we allow "any IPV6"? "any IPV4" is allowed. What would be the best approach here? Thank You!
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Blocked peer to peer and torrents , but still can access pirate bay website

    Anesu Dangarembwa
    Anesu Dangarembwa
    Good day we have configured Web filtering to block peer to peer and torrents... but we still can access the Pirate bay website.. I have also added a category to block the urls , but we still can access the sites.. we tryed opening on private browser…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Firewall ( SFOS 20 ) block url with 502 bad gateway

    Thomas Meier2
    Thomas Meier2
    Hi there, we want to open the url: https://procurement.cern.ch and get the error: 502 Bad Gateway. If I open the URL without our firewall ( at home...) the website will open ! So the problem is our Firewall with SFOS 20.0.0 GA Build 222. I also…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Possible? Webfilter exception for specific filetype on certain website

    seroal
    seroal
    Hi there, is it possible to create an exception for a filetype that should be allowed on a specific website only? We have a webpolicy, that restricts filetypes based on file type category. We want to allow one of that types for a certain website.…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Disconnect site when quota timed out

    OldMtnGoat
    OldMtnGoat
    XG SFVH (SFOS 20.0.0 GA-Build222) I have set up a web policy with quota for gaming. I would like it to disconnect user from site after time is used. The way it works now is the user can continue playing as long as they logged in before the quota time…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • How to Deny Direct IP access from browser ?

    Trio Fandi
    Trio Fandi
    Hi, I need advice how to Deny Direct IP access from browser. So, it only allow access by domain-name. How it done through Sophos Firewall configuration rule? I use Sophos XG 310, SFOS v20.0 Thanks
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Disable logging for specific content catgories

    itsamemarkus
    itsamemarkus
    Hi everyone, is it possible to disable logging for specific (url) categories? For example disable logging for Health & Medicines Financial services I'm new to sophos firewalls and as far as I know it's only possible to add one web policy to…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • XGS send EMail Quarantine Digest to all mailboxes

    TechnikBingo
    TechnikBingo
    Hello, I have set up an XGS136 SFOS 20.0.0 at an customer with an OnPrem Exchange 2016, of course set it up with MTA Mode / Reverse Proxy (Thanks for the 1MB Size Limit that is forbidden to edit...) and I am facing issues to set up Quarantine Digests…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Quarantine Digest Problem (Sophos XG)

    astiadmin
    astiadmin
    Hallo Community, ich habe heute ein Problem mit dem Versand von Quarantine Digest E-Mails festgestellt bzw. eigentlich sogar zwei: 1) Ein User bekam heute einen Digest mit dem Hinweis auf eine Mail, die am 05.Oktober 2023 (!) kam und in der Quarantäne…
    • 9 months ago
    • Sophos Firewall
    • German Forum
  • IP allowlist for WAF

    Electronic Repair & Logistics IT department
    Electronic Repair & Logistics IT department
    Using Web Server Protection, I want a web server to only be reachable from some IP lists or IP host groups. How can I achieve this? In Access permission , Allowed client networks , it seems that I can only choose individual IP hosts of networks. Am…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Block specific search terms in Google/Bing XG Home

    Kevin Roth
    Kevin Roth
    Hi all, I have recently purchased an XG 125 rev3 and installed Sophos home on it. I have been playing with the web filter and have found that it works very well for the most part. However, I have been unsuccessful in blocking specific search terms…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Device authenticates instead of user

    Attila KEREKES
    Attila KEREKES
    Hi! We're using web category filtering with Active Directory groups. The proxy logs show that sometimes the user's devices are authenticating on proxy instead of user. The access rights are set to the users, not the devices. Because of this the proxy…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Block traffic to WAF correctly

    AquaNerd
    AquaNerd
    I'm struggling to block access to the WAF, I am trying to block all but Cloudflare IP ranges from accessing the WAF however there is still traffic hitting the WAF from non cloudflare IP's. If you are a non cloudflare IP then you get a forbidden page instead…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Port 80 and 443 open from external if using external IP address. Support says it goes to first rule that matches the port and ignores host name???

    AllanD
    AllanD
    We just had a PCI compliance scan and we failed because HTST wasn't enabled. Looking through everything HTST is enabled on all of our Web Server Protection rules including the default one. The PCI scanning company said the server replying is using apache…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • How to "drop" mails instead of "reject"

    Markus Quirmbach
    Markus Quirmbach
    Hi all! I hope this is just a small question and easy to answer. We have a XGS 2300 with SFOS v20 deployed and we use it as our snmp proxy. We get a lot of mails from "spameri @ tiscali.it" which are rightfully rejected. Now, I would like to set up…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Configure Smarthost for Outgoing Mails (only for one domain)

    GernotMeyer
    GernotMeyer
    Hi all, I have multiple Domains mananged in my LAN. Sophos XGS3300 protects that mails. Now I want only one internal domain to use a smarthost for outgoing mail. All other domains should proceed directly via MX. How to manage that? Mail Policies…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Cloudflare protected Websites disconnects when Sophos Firewall TLS Decryption is enabled

    Markus Heilgemeier
    Markus Heilgemeier
    Hello together, i have the issue that some Websites like https://www.mediamarkt.de , https://www.poco.de , https://moemax.de are disconnecting the TCP Stream when our Sophos Firewall is running TLS Decryption against them. Once the TLS Decryption…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Exposed host and HTTPS Certificates

    pospo2435
    pospo2435
    Hi there, I have a single static public IP that I'm using for SSL VPN incoming connections and for exposing a host (PBX) along with the following services: 80, 443, 5060, 5061, and RTP range 9999-15000. The PBX manufacturer provides a DNS service…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • WAF Exceptions not applying

    Stuart James
    Stuart James
    I'm getting an error on a URL with WAF for Static URL Hardening. I've added an exception but still getting the same error. What am I missing?
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Mail and webserver issues under XGS136W

    LAHCEN DAOUDI
    LAHCEN DAOUDI
    Hi community Please i have this issue for our customers, we migrated from UTM9 under SG135 series to new series XGS136W before we start you can find current configuration. Appliance are connected to ISP Modem (Router) via port 2(WAN) Port 1…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Sender address

    Stojan Cergol
    Stojan Cergol
    Hello, I am experiencing an issue with the Sophos XGS firewall on the latest firmware. The issue is with the Email application; specifically, incoming mail from the MailGun service is marked as b ounce+7bbc1d.e9c62-admin=acme.com . It happens that…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>