Apologies I know it's been mentioned before, but I'm in the process of moving from pfsense + to XG Home. Got a variety of loose ends to sort out and DNS over TLS is one of them. Is this forthcoming within the v21 release cycle? I'm sorting Wireguard…

I’m in the process of getting Sophos XG Home as an alternative to pfsense. I’m 90% there, but is there a way to do DNS Rebinding, particularly for plex? i don’t want to open ports as I accessed everything via a VPN with pfsense and it worked perfectly…

Hey Guys, I am using the Sophos XG as DHCP server which provides two DNS servers. One is a Pihole and the other one is the SophosXG itself. So normally the devices should resolve internal and external domains via Pihole, but when it is not available…

Hi folks, a question about XG ability to decode DNS over HTTPS and TLS, can the current version of XG decode DNS requests sent to it using HTTPS or than TLS? Ian

From my Android phone using openvpn and the ovpn config from my Sophos box, I can connect to my network. I can get to my servers from using their IP, but I cannot get hostnames to resolve. In System > Administration I have DNS turned on for VPN 10…

Hi all, we moved from LANcom to Sophos XGS SFOS 20.0.2. Fine so far. We migrated last night. Now it comes more and more, that some webclients are unable reach some URLs. Every clients are able to resolve every DNS name. But when putting that DNS…

Hey Folks, while deploying one XGS after another we noticed that Client-IPs in reports e.g. aren't resolved into DNS Names like on our SG/UTM Models. We created a DNS request route: 168.192.in-addr.arpa and domain.local pointing to the internal Windows…

I am working on migrating functionality from UTM to SFOS on XGS3300 hardware. This organization subscribes to this DNS filtering service: https://www.cisecurity.org/ms-isac/services/mdbr In the UTM, it was easy to bottleneck DNS queries so they are…

hello, Can I have a detailed procedure to configure my sophos xg106 as a dns server ? Thanks

Hi experts, I have an external web site hosted in the AWS, and the DNS domain name is registered in my local DNS server (Windows 2019 with AD and DNS). I have configurated the DNS options in Sophos XGS as shown below. The website does open for internal…

Referencing this previous post: Webpages SLOW to load That post is over 7 years old and locked, so I am posting here. I recently started having this same issue...Web pages take 30+ seconds to load for all users on network A number of coincidental…

Hello, I'm not an expert (for the moment) on Sophos. For a customer that has an XG Firewall, he asked to configure a SSL VPN connection. As I already done this some years ago on a privous Sophos Router, it should be possible ;-) But the LAN/WAN…

Hi, I've deployed doznes of SSL VPN clients, having DNS set to on-premises AD LAN DNS server 10.1.1.10 in General SSL VPN settings for all clients. Now when client with laptop connects to SSL VPN, I can see his/her default DNS resolving goes through…

Hi there, After the firmware update to SFOS 20.0.1 MR-1-Build342, we have rolled out the Sophos Connect Client v2.3.1. It turns out that DNS resolution does not work with IPsec. It looks like the wrong DNS servers are being entered here (ipv6). With SSL…

I've got a Site connected with RED60 The RED itself uses a single IP Subnet /31 IP Address and has 4 VLAN with /26 Subnets attached. In the Mgmt VLAN are Sophos APX Accesspoints connecting to Central. That setup was running up and fine for years…

Hi I have XGS4300 (SFOS 19.5.4 MR-4-Build71),DNS change Automatically in Sophos Firewall it can possible or not can you please guide how to resolve this issue.

Hello, We have an application that requires reverse DNS lookup. When users are on SSL VPN they are getting a new IP address via dhcp on the firewall frequently and the Ip Address does not get a PTR record created in the reverse lookup. I've seen…

Recently, I had a problem with a client and their VPN. I noticed that when connecting to the VPN using Sophos Connect, all the DNS requests I make are resolved by the XG. In other words, when I run an nslookup google.com while connected to the VPN, the…

I am using Sophos Firewall SFOS 20.0.0 GA-Build222. How do I setup DNS over TLS (with Cloudflare)? I can't find any instructions on the Sophos help pages.

Hello, regarding to this post: LLMNR disabled - DNS resolution no longer works over VPN when will version 2.3 of sophos connect be published? kind regards

I have some services running on a local server behind a reverse proxy and those services are protected from access outside IP subnets not specified in the reverse proxy settings. In my local router, I have the addresses for all these services listed…

On my phone connected via OVPN I can access local network resources by IP but name resolution won't work. VPN: SSL VPN (remote access) I have Policy Members setup Use as default gateway is on Permitted network sources IPv4 is set to my local LAN VPN…

Hi All... Customer has XG135 (SFOS 19.5.3 MR-3-Build652), Sophos is the main DHCP server for the network, for the last few months we have been battling with a strange issue. Sophos LAN IP is 172.16.0.10 Internal Microsoft DNS server 172.16.0.1.…

Good evening everyone, a customer of mine has currently patched an XGS firewall (SFOS 20.0.0 GA-Build222). The customer had a vulnerability scan with a result of 1 Medium CVSS. Namely: DNS Server Recursive Query Cache Poisoning Weakness www.tenable…

Hi, when using SSLVPN in split-tunnel mode, DNS resolution to internal resources is not possible. A ping returns "Host not found". When I perform a nslookup, the XGS is contacted and resolves successfully. I've also tried several VPN clients, including…