Hi everyone, i have a change request that some domain names should not be resolved from an internal DNS server but all others should. This setup is necessary so that one application can work (Skype for Business). Say we have a partner contract with…

Hi, We have one Sophos instance which works great, It's configured to communicate to 2 different subnets (LAN and DMZ) but we are now adding a second LAN and a second DMZ on a different AWS Availability Zone. Is it possible to add a route to these…

Sophos UTM, SG v9.7 Does Sophos support "reverse proxy" / WAF content caching ?

Hi, i have a utm9 with 9.705-3 firmware. i need to drop and regenerate all otp tokens, to re-enroll a lot of users. how can i drop all of them? currently nobody are using this feature, because a bug in previous software release causes the generation…

Hi community. Sophos SG 125 HA Cluster [Master/Slave] After Updating to the latest Firmware we cannot login to Webadmin because after successful Login it stops working while showing "Please wait, logging in" banner. I tried several things without…

Hi All, Sophos UTM / Sophos XG – GeoIP classification database changed to GeoLite2. Customers who faced wrong IP classifications in the past might notice new classification due to the use of another database. More information regarding the same available…

Our Daily Executive Report frequently mentions a certain User/Host in Top 10 Servers section by URL and IP address. Its using relatively a lot of traffic, the IP address resolves to some Swiss, cloud based hosting company. I check the most obvious…

Right now the users can simultaneously access their local network as well as the vpn network. Could someone help me to configure ssl-vpn in such a way that when a user is connected to vpn network the local network must be disabled and all the traffic…

Hi all, I'd appreciate some help on this matter, basically we have purchased an extra range of IP addresses from our ISP which we want to apply to different webservers. Now the way I thought this was done on the UTM and the way that others have detailed…

Hi, we had a planned power failure 2 weeks ago, and since then four of 13 wireless AP´s AP55 are inactive. We got some other AP55´s with no problems. The AP´s itself were not affected by the power failure. They can be pinged in the network. A restart…

I have a strange connecting issue with a Windows 10 machine. The serves is on 9.510-5 and has an intel I350 adapter, the PC Win10Pro 1803, it has an intel I218-V nic. I use L2TP over IPsec with a preshared key. If I boot up the PC and try to connect…

I have had and recently had an issue where after I changed the password on WebAdmin for UTM, I would not be able to ssh in but the passwords would work in console. I recently had the same issue and I simply upgraded the UTM from 9.509 to 9.510 and resolved…

Running 9.509-3 on SG330 I re-opened a tab in Chrome (latest as of today) and I was still logged in as one of my user that I helped troubleshooting last week. I don't think the session times out, I didn't have to login as all. I think that's…

Hello, We've just added a secondary WAN which is much faster then the first one and i was wondering if there's any way to force SSL VPN users go through it when accessing our internal network? Cheers, Zak.

I'm trying to set up rules to limit download speeds for Windows Updates. In theory, this should be easy: set up a Traffic Selector rule for Windows Update from Any to Any and use that, right? Except... it seems Sophos UTM doesn't recognize Windows Update…

Hi all am using UTM9 i cant find packet logging, if its not the same name what is the name for logging per IP thanks

Hi team, I am new to Sophos hardware and chasing my tail on a solution to slowness on our internet link. Model SG230 FW 9.509-3 PV 146428 RAM 8GB I've noted Http proxy not running - restarted alerts and followed some other forum posts to try and identify…

Hi folks, I have 4 VPCs in AWS I need to forward my all outbound traffic through sophos UTM which available in AWS marketplace. So, Can I launch one sophos UTM in any of the VPC, and connect other VPCS with this sophos? Requirement: All…

Sometimes our ISP is causing us grief and there are connectivity problems. I have set up UTM to check connectivity by pinging global DNSes (like 1.1.1.1 or 8.8.8.8); the UTM also sends out emails whenever connectivity fails. Unfortunately, these emails…

Every once in a while I get a hit in Advanced Threat Protection for C2/Zbot-A. Those are single hits, with pretty benign destinations (usually targetting one of the DNS servers used by our infrastructure). The first time it happened I scanned the specific…

So here is our current setup. Since we upgraded to 9.5.09-3 we have been having delays with DNS. In the Firewall logs I can see the DNS requests going out but the DNS in Windows sometimes comes back without results. I am testing right from the GDC server…

Our Sophos has been detected to have a security issue. Please see the listed threats provided by the Security Compliance Team. They have advised that OpenSSH 7.4 has been released to fix these. Is it possible to have the said OpenSSH Version? Threat1…

Hello! Approximately one week after upgrading the PostgreSQL database to 64 Bit, we had a problem with Node2-passive (active/passive configuration) in HA. Node2 coredumped continuously, filling up the Hard Disk with the fast-growing kernel-log (50+…

I have an SG310 and an AP55 Access Point. I have a switch with 3 VLANS: - VLAN 1 is the default / LAN - VLAN 150 is called Management - VLAN 30 is WiFi If I plug my AP55 Access Point into a switch port that is untagged on VLAN 1, the AP55 gets an…