Hi, I have recently tried to upgrade one of our Sophos XG430 to 19.5 from SFOS 19.0.1 MR-1-Build365 but had to immediately roll it back due to issues. The issues were that we could no longer browse to other network devices via DNS name, we have to…

HOla! tengo un problema y a ver si alguien le ha pasado lo mismo y como puedo solucionarlo. Tengo un DC con DNS "pepito.local" donde tengo un servidor Web publicado al exterior por el dns https://CRM.pepito.com . En la zona LOCAL tengo creada…

Hi, I have a user using SSL VPN (Remote Access) to connect to the office. This worked good over the last months, but we're now having strange issues: After a short ( but undefined) period of time, he's unable to access any internal web resources…

I'm trying to setup DNS Request Route to a DNS server on AWS. Situation is similar to the below but I'm using Sophos Firewall instead of UTM. For SNAT on the Sophos Firewall, I can't seem to use a subnet so can't test the resolution that is mentioned…

Greetings guys, Hope you all doing well, I'm running Sophos XG 85 and 105 at: XG105 (SFOS 17.5.17 MR-17-Build837) XG85 (SFOS 17.5.17 MR-17-Build837) I have multiple network environments where I use Sophos Firewalls XG 85 and 105. When I try…

Good day everyone! I am currently implementing an emergency firewall ruleset, which looks like this: - Allow all communications towards sophos central (for Live Response etc. to work) - Allow all communications coming from the physical Management…

Hello everyone, I need to get some SSL VPN users to a server with a local URL ("">">http://myurl.local"). The steps I followed: 1) My Xgs2300 has the two domain controllers and google's dns as its dns server 2) Configured a VPN policy only for these users…

We have two VLANs which are isolated from the rest of our network. They use external DNS for lookups. When the user hits a content issue, they are redirected to the firewall captive portal. However, because they use the external DNS they are pointed to…

Hey Team, I have tried to work this out from the forums but I'm simply not getting it! The XG has multiple WAN interfaces: - Primary with STATIC network assignment - Failover 1 with DHCP network assignment - Failover 2 with PPPOE credentials Network…

Hello Sophos-Community, this would be great to have on the DNS Controlling side of things. The feature in question is DNS Request Route! My Scenario would be multiple DNS Servers Public or Local with some subnets not having to hit the DNS Request…

I'm trying to get away from setting IP reservations and static DNS entries as it's just a waste of time. I want to just use internal hostnames for a variety of automation stuff. I've set a .local domain for all of my DHCP scopes (three) so I should…

Hi, I've set up a new VLAN (20) bound to the LAN hardware (Port1.20) with IP 192.168.20.1, and assigned it to the DMZ zone. If I run the policy checker using Firewall,SSL/TLS and web method, with the following parameters, it fails URL: dns://192.168…

Every time FQDN hosts object is being added to firewall it causes dnscache to restart. During restart name resolution using firewall fails. New FQDN host object being added to firewall, notice how PID changes for dnscache process. Instead of reloading…

Dear one query, I do not have an internal DNS server to resolve my zimbra internally, I have searched for a DNS service in sophos, I have added the FQDN and internal IP but it does not resolve, does anyone know how said DNS service is applied?

Google searching not successful; how do I set up the DHCP server "dns settings" to push from an XG to a remote Red60 (i.e. client laptop needs to see our domain suffix + name servers)

Are there any plans for Sophos XG to implement DNS sinkholing where malicious DNS requests are resolved to a "Black Holed" IP address and once a host tries to communicate with this IP address, we can identify the infected host. This would save a hugh…

I recently updated to SFOS 19.0.1 MR-1-Build365. Since the update my DNS host entries aren't working on all VLANs except the VLAN the firewall is connected to. They were previously working in 18.5 and I haven't made any configuration changes. I have…

Hi all, we have the following setup: - XGS 126, configured for SSLVPN - The global SSLVPN settings contain the IPs for both internal AD DNS servers and the AD FQDN (i.e. contoso.local) - The internal DNS is configured for Split-DNS to resolve external…

Hi, Please forgive this question. I am a complete novice so not sure even if this is possible. My situation: I have one server with a static IP On this server I have various web applications that are being served on different ports. Ie: Service 1…

Hello, I need to see the DNS queries generated from my LAN zone to the WAN zone of the XG Firewall. Through the DHCP of the firewall I am assigning the same Firewall as the DNS server. But I cannot identify or find anything in the logs or reports that…

Greetings everyone! I'm going to replace my UTM tonight with my new XGS136. Our domain controller will be primary DNS, and the XGS will be secondary. On the domain controller I set the forwarder to be the firewall. These are my settings. Have I set…

Hello All, I'm switching over to an XG firewall, and I can't get my Domain Controllers' DNS to resolve their forwarders. I can see the packets being allowed out and seem to have upstream bandwidth, but in Live Connections under DNS the downstream…

I have a Sophos XG 85 v17 with a site-to-site vpn running to a Ubiquiti UDM Pro. The tunnel is working great despite DNS not resolving from either end through the tunnel. The XG subnet is 10.10.10.0/24 and the Ubiquiti subnet is 10.0.0.0/24. I can ping…

Hey, So I have this DHCP VLANS all like this and DNS like this From any computer in VLAN 100 I can ping another computer in VLAN100 like this ping cws-yellow-room But, if I try to ping a server (by name and not…

Hi, I have a question about Web content filtering using either Web proxy or DPI-SSL and DNS requests/resolution. I have Sophos firewall set up in bridge mode with Netgear router as the gateway and for DNS. The Netgear router handles DHCP and DNS…