• XGS4300 Web filter cloudflare-ech Problem.

    MustafaTASCI
    MustafaTASCI
    Hello; There is a situation I just noticed on the XGS4300 fully licensed firewall. In URL category lookup, the URL appears in the adult category. However, users can access this adult site even though all adult categories are blocked in the web filter…
    • 1 day ago
    • Sophos Firewall
    • Discussions
  • Sophos is unable to forward mails to internal servers - need some tries

    GernotMeyer
    GernotMeyer
    I have a Sophos SFOS V21. different internal servers (Ubuntu postfix and MS Exchange). Since a couple of days mails are no more forwarded directly to the internal servers. Stuck in mail queue with "static smtp defer (-53)" or (100). Server timed out DT…
    • 4 days ago
    • Sophos Firewall
    • Discussions
  • Mail protection: Migrate quarantined e-mails from old firewall to new one

    Blubb
    Blubb
    I'm migrating from XGS 136 to a new XGS 138. I saved the configuration of the old XGS and restored it to the new one. I am using the email protection feature. When I switch to the new firewall there are no spooled and no quarantined mails because they…
    • 9 days ago
    • Sophos Firewall
    • Discussions
  • restricting file types

    Moeed Aziz
    Moeed Aziz
    Hi, I am trying to restrict the video file types from being downloaded but its not working. I have not applied the Sophos certificate in my domain, but i did apply the certificate to this specific computer that i am testing on. Can i not apply the…
    • 8 days ago
    • Sophos Firewall
    • Discussions
  • Sophos WAF strange characters accessing Home Assistant

    pa300
    pa300
    Got strange characters in Sophos XG WAF v21. It's like Sophos cannot encode some characters. Using LE certificate. It works fine if I access home assistant locally. Output How to troubleshoot this?
    • 12 days ago
    • Sophos Firewall
    • Discussions
  • Firewall Email Protection Logs Empty

    Trio Fandi
    Trio Fandi
    Hi, I just installed a Mailcow mail server, add Firewall rule to allow SMTP services and DNAT + SNAT to our mail server. It's works both inbound and outbound email delivery. Now I try to configure Email Protection in MTA mode, following this guidance…
    • Answered
    • 13 days ago
    • Sophos Firewall
    • Discussions
  • PDF gefiltert obwohl in white list markiert

    T-W
    T-W
    Hallo, wir haben unsere XGSnoch relativ neu und nach einigen Monaten ist es soweit, dass sie meist das tut, was wir von ihr wollen. Jetzt aber folgendes: Ab und zu werden pdf Dateien vom MIME gefiltert. In anderen Fällen kommen diese aber wie gewünscht…
    • 15 days ago
    • Sophos Firewall
    • German Forum
  • unable to access http website in win 11 only

    Ravin
    Ravin
    Hi Team, Issue: A Windows 11 PC (PC1) is unable to access a specific HTTP website through the office network. However, the same website is accessible via a mobile hotspot. In contrast, a Windows 10 PC (PC2) can access the website without issues on the…
    • 16 days ago
    • Sophos Firewall
    • Discussions
  • Google Chrome games

    Christian Garcia N
    Christian Garcia N
    Good morning. I'm trying to block google chrome games, that is, when they enter chrome they type "solitaire" and it lets them play directly from the browser. I am trying with web blocking and application filtering but it still does not block the use of…
    • 18 days ago
    • Sophos Firewall
    • Discussions
  • No way to allow web proxy access from the WAN interface?

    dirkkotte
    dirkkotte
    Is it correct, that it is not possible to access the web proxy via the WAN interface, even if there is a suitable ‘Local service ACL exception rule’ ... or does anyone have a solution for this? I always get: ‘Appliance Access - Denied’ Background: in…
    • Answered
    • 19 days ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewll doesn't af DKIM information to outgoing messages

    Michael Forum
    Michael Forum
    Trying to use DKIM on Sophos Firewall, XGS107 (SFOS 21.0.0 GA-Build169) and I'm stuck. I've been through some of the documents posted here, trying to apply some of the suggested solutions. Anny suggestions would br greatly appreciated. The firewall…
    • 23 days ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall Blocking Page

    Kramnai
    Kramnai
    Hi! I am currently exploring Sophos based on my prior experience with it back in 2014. I am gradually migrating from my MikroTik setup to a Sophos Home Firewall, primarily due to its advanced security features. I have set up Sophos Home Firewall on…
    • Answered
    • 25 days ago
    • Sophos Firewall
    • Discussions
  • Define exception for email protection in MTA mode with *.outbound.protection.outlook.com

    PhilippRusch
    PhilippRusch
    Hello, We are using onbox email protection with our SFOS 20.0.2, XG-System. I defined an FQDN-Host object as having the FQDN-wilcard *.outbound.protection.outlook.com. This object is listed correctly under the tab "FQDN-Host" at the "Hosts and Services…
    • Answered
    • 25 days ago
    • Sophos Firewall
    • Discussions
  • V21 send through smarthost on port 587

    Bart van der Horst
    Bart van der Horst
    Hi, I've got to send mails through a smarthost in the MTA on port 587 with tls, but MTA is only doing plaintext. It was working on v20 in v21 not.
    • 26 days ago
    • Sophos Firewall
    • Discussions
  • Web filter log inconsistency

    Ilkka Ruuskanen
    Ilkka Ruuskanen
    Hi. I have a default firewall policy configured like this and web filtering is not configured to any other firewall rule. I do not use HTTPS decryption. Web filter works and I get a block message for denied HTTP sites and certificate error for…
    • Answered
    • 27 days ago
    • Sophos Firewall
    • Discussions
  • Quarantine Digest stucks

    Dennis Kirschner
    Dennis Kirschner
    Hello, on our Sophos XGS 126 with SFOS 20.0.2 MR-2-Build378 we have the problem that all quarantine digests get stuck in the mail queue. All other mails are delivered without any problems. In SMTP logs I can find: R=router_for_notifications…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • URL WEB categories

    Edward Raja
    Edward Raja
    When I import the url files in existing url categories, we're facing the below issue.
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Using the firewall as a web proxy.

    Jason Black
    Jason Black
    I want to configure my Sophos Firewall so that only Firefox can access the internet from a PC, and all traffic must go through the Sophos explicit web proxy (configured on port 3128). Direct HTTP/HTTPS traffic from the PC should be blocked entirely. …
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Update certificates via API

    l0rdraiden
    l0rdraiden
    I have my certificates in a folder and I'm looking for a script that will update them when there is a change so that waf will continue working without manual intervention. I have very little experience scripting, I can read and understand more or less…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • WAF - VServer config problem

    Shadow82
    Shadow82
    Hi! Recently I want to configure a VIP with SSL termination on my Sophos Firewall 20 running as a VM. I have the SSL cert imported (+CA - there was no Let's encrypt E5 CA so I added it). I want to start from something really simple - Outside LAN to…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Email Protection auto generated MTA Firewall Rule

    jtaylor
    jtaylor
    Hi, I can't seem to find a clear answer as to why the auto generated MTA firewall rule is needed. As I understand it, in MTA mode emails are being 'handled' by the firewall rather than just traffic passing through it, so access should be controlled by…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • XG MTA to Office 365 Connector “Empty Certificate”

    AndersK
    AndersK
    I’m trying to move Office 365 connector authentication from IP-address to certificate. A Let’s Encrypt certificate has been created (on SFOS 21) and added to the SMTP TLS configuration under the Email > General tab. When changing the Office 365 connector…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • publish Exchange 2013 on XG

    CreateShare
    CreateShare
    Hi, We purchased WAF License to publish Exchange OWA, HTTPS. What is the proper way to publish on-premise Exchange 2013 on XG Firewall? Thanks.
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos MTA DKIM Verifizierung

    Patrick81
    Patrick81
    Schönen guten Morgen an euch alle! Ich kämpfe zur zeit bei dem ein oder anderen Kunden mit folgendem Thema. Es laden Mails in der Mail-Quarantäne, die laut Mail Protokoll abgelehnt wurde mit dem Grund DKIM Verifizierung fehl geschlagen. Wenn ich mir…
    • 1 month ago
    • Sophos Firewall
    • German Forum
  • WAF rule - service already configured

    Stuart James
    Stuart James
    Trying to create a WAF rule and it's thowing an error " Service is already configured on the specified port, choose another port" I've checked all firewall rules, NAT rules, admin/user settings, SSLVPN and can't find this port being used anywhere. …
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
>