• Sophos XG Bridge. Mode, DHCP for VLAN takes Multiple Tries Before Getting an IP

    romaelz
    romaelz
    Hi. I've been battling this for days and finally decided to post it here and seek help. I've pfSense as the main router and Sophos XG is in bridge mode (for application filtering purposes). There's 1x VLAN involved. The DHCP works fine for the main…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • API Request show only WAF-Rules

    StefanKeel
    StefanKeel
    I'm experiencing with the API and Postman. We use a wildcard-certificate and I wants to update all WAF-Rules at once. Becuase the GUI-way ist very hard (every time set the certificate, all domains will be dropped and the domain from the certificate only…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • XGS 108 in combination with Asus Router

    Icecoke
    Icecoke
    Hi! I recently got a XGS 108 for home use, however, I am little lost on how to set-up my network now. Currently, I have an ISP modem acting as a bridge, then an ASUS router in a mesh wifi with an access point. The ASUS router is handling DHCP management…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos 21 Home Lets Encrypt Secondary Validation Fetch Timeout

    jarrod beebe
    jarrod beebe
    Certificate request fails with secondary validation time out. I can see in the web server protection log viewer that the well known url is being requested with the unique value. I also briefly see that the temporary waf rule is created. Only thing to…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Devices connected on wifi but with no internet connection

    Anesu Dangarembwa
    Anesu Dangarembwa
    Good day We are having a challenge, we have a firewall XGS 2100 , some devices that are connecting with wifi, they receive ip address from DHCP in the firewall, we have a firewall rule for the devices with Mac address, but the devices they are not receiving…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • question about blocking user AD Windows server through Sophos Firewall

    Alfredo Lodos
    Alfredo Lodos
    Good afternoon, I have a Sophos firewall that is integrated with a Windows Server Active Directory.Can a domain user be blocked from browsing the Internet through Sophos, but allow the computer they use to download and update the operating system, and…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • AD Accounts locked by brute force despite MFA & ACL rule

    Markus Quirmbach
    Markus Quirmbach
    Hello everyone, we have a XGS set up with SSL VPN, the VPN Portal, AD integration and MFA for every user. Currently we are facing brute force attacks on the VPN Portal. We tried to prevent those by setting up an ACL rule which is blocking countries…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Firewalls do not connect backup to the internet after ISP goes down and back up

    Nicholas Pick
    Nicholas Pick
    I have two clients that use the same ISP. One client has an XGS87 and the other XGS116. The ISP does scheduled maintenance at night knocking the firewall offline. My clients will have to power cycle the firewalls to get them to connect in the morning…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • trouble with Diagnose

    GernotMeyer
    GernotMeyer
    Hi all, Sophos XGS SFOS 20.0.2 MR2. When I try to check a ping: It only accepts IP Addresses or names without capital letter! I can resolve blabla.domain.local but not BlaBla.domain.local "Please enter a vlid IP or hostname". Is that bug or…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • rules

    Serkan Dağlı
    Serkan Dağlı
    1 Firewall 2024-10-26 14:10:51 Appliance Access Denied N/A 0 PortA1.10 10.10.1.3 10.10.1.255 137 …
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • unable to create ip network - "You must enter a network IP address."

    GernotMeyer
    GernotMeyer
    Hi all, I have several SFOS V20 in place. I can nomore add an ip network: "You must enter a network IP address." There is not much room for making things wrong and I did this couple of times before. No problem to add an ip host but no chance for…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • WAN Link Load Balancing in v20

    Nathan Kuhl
    Nathan Kuhl
    What is everyone's experience with WAN link load balancing in v20? We're a K12 private school with two identical WAN links from different ISPs, Frontier and Comcast. Our goal is to enable WAN link load balancing in an active-active config, weight 1 and…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • I want to get all the IP host objects that are currently configured through an API call

    Yashas Manjunath
    Yashas Manjunath
    I am referencing this documentation https://docs.sophos.com/nsg/sophos-firewall/19.5/API/SYSTEM/Host%20and%20Services/IPHost/operations/AddIPHost&EditIPHost.html There's information on how to add or update an existing IP host object. However, I just want…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • snat multiple gateways

    midnightSun
    midnightSun
    SNAT with multiple WAN gateways isn't working.. WAN Gateway 1 = Port3 - its public with /27 worth of aliases WAN Gateway 2 = Port5 - its public with /28 worth of aliases (IP Host) SNAT with Port3 aliases work for all of the rules I've created…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Unauthenticated traffic on WAN - Captive portal

    Gary McDonald
    Gary McDonald
    Hello All, We have a Sophos XGS connected to a metered WAN connection, in order for devices to connect to the internet the user must authenticate to the Sophos captive portal and at which point a weekly data transfer quota is applied. This has been…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Traffic Shaping / QoS

    Christian Garcia N
    Christian Garcia N
    Good morning. I have been looking for information about the use of Traffic Shaping / QoS and applied what is indicated but in my case it is not working for me. I have 2 offices, each with a Sophos firewall. The server in office A sends data to the…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • TLS on syslog

    James Morigan
    James Morigan
    Hi, we have a problem with transferring syslog from Sophos firewall to the Arcsight SmartConnector. When we try UDP, logs can be seen in connector. However, with TLS communication fails. This is only example, but ours handshake also fails at Change…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Configured WAN lP in Sophos XGS136, link is up but internet is not working

    Firewall Monitoring
    Firewall Monitoring
    Hi Configured one more WAN IP in the Sophos XGS136, link is up but traffic is not moving through new link, checked load balancing, everything is looking fine Pervious link is working fine, however the new link is not working, able to ping 8.8.8…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • WAN latency increases towards VPN branch offices

    Andrej Pirman
    Andrej Pirman
    Hi, not a huge problem, but I cannot find logic behind. I have XGS-136 in main office, and from there I monitor with PRTG 2 distant branch offices, which both have XGS-87. Interesting, that both branch offices experience increase in PING latency at…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • LoopBack NAT is not working upon accessing WEB Application Public IP in Local Network

    Nathaniel Patalod
    Nathaniel Patalod
    Hi Sophos Geeks! I'm having a problem accessing my WEB Application using Public IP in my local network but working if I'm accessing it externally. I already configured the DNAT policy Source zone in Any Zone but still no lock. Currently my version…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • FW-Rules not working to restrict VPN-Portal?

    bmu
    bmu
    Hi there, since some days, we encounter Bruteforce-Attacks against our Mainfirewall (Sophos XGS): Access from IP address '92.53.xxx.xxx' is blocked for '30' minutes after '5' unsuccessful login attempts I've tried to block all requests from…
    • Answered
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Loopback for Firewall in LAN (behind Home Router)

    kdoberitz
    kdoberitz
    Hi Sophos Community After a lot of trial and error I'm hoping you can help me finding a solution to my scenario: In my home setup I have my wan-interface of the sophos in a transit network. My ISP router forwards any traffic to the sophos. Now…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • I cannot reach one of the 2 DVR devices.

    Kenan
    Kenan
    Hello, we also have 2 DVR devices in our network. I can access it via HTTP (Web). I cannot reach the second device. It seems like it is going to log in to the second DVR device, but it doesn't. It gives ERR_CONNECTION_REFUSED error. I tried many things…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • XGS136 is blocking STAS traffic

    Daniel Zulian
    Daniel Zulian
    Hi everyone, I have some problems with the STAS service. The picture shows the topology: I have two locations, the HQ with an XG210, and the branch with XGS136. Both are connected through a VPN tunnel. The STAS server is in HQ location. The communication…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Schedule firewall rule - disable it after some time automatically

    LHerzog
    LHerzog
    For firewall rules that allows access to a sensitive system (host) and where access is usually not required all the time, it would be nice to have a feature to enable them manually when needed but with a timer that disables the rule after 60 minutes or…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>