• my network exposed

    Feras Alkhfajy
    Feras Alkhfajy
    hello today i tried to ipscan my network with a very larg range to check my network, the result shows there are many ranges that i am not aware of and they are not in my network, i ping them and i was able to run some ips in the browsers shows they…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • 3CX Full Cone error

    LeeShellard
    LeeShellard
    Hi I have a XG and im trying to get 3CX working correctly. I have nat and firewall rules set but when i run a test from 3cx I'm getting the full cone error i cant see what I'm missing
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Firewall Rules - Why don't they default to "none" for the Rule Group.

    Steve Klassen
    Steve Klassen
    I appreciate the fact that Firewall Rules can be grouped, as this makes for more flexibility in the sorting and managing of rules versus not. However... the default option for firewall rules is "Automatic" which if you forget to change, jams it into the…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • InactiveRpcError when using Sophos FW

    Imesh Liyanage
    Imesh Liyanage
    A few users in our network use Python & Java scripts to connect to some services on AWS. The scripts work fine when bypassing the Sophos FW or using mobile hotspots. But when using Sophos the users see errors like this in their terminals: Exception…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to access company websites inside the local area network

    Anesu Dangarembwa
    Anesu Dangarembwa
    Good day we are unable to access company websites inside the local area network. The websites are hosted outside our LAN.. We can ping the public IP address for the websites. Traceroute to the public IP address of the websites is completing And…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Opening a port for a web app connecting to a database

    Nurdin Nurdin
    Nurdin Nurdin
    I have a web App opening with localhost:8443 and connecting to an SQL database in another server at port 1433. I have installed another DB in the same server where the WebApp is. When I try to connect to the database that is in the same VM as the WebApp…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Firewall block with reason Heartbeat but User and Computers have green HB

    LHerzog
    LHerzog
    We have a firewall rule allowing access to an internal server. Source and Destination HB must be green, also the rule has "Block clients with no heartbeat" enabled. The rule exists unchanged for years but recently we noticed users complaining that they…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Docker L3 network routing notworking Sophos XG fireall

    Opizol
    Opizol
    Hello! I'd like to ask for your help, I've been using this great firewall for several years, but now I'm stuck. I have a small network at home in which I installed a docker host for testing purposes. I have found the best way to allow the docker containers…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • VPN Firewall Rules - Match Known Users issue on Sophos XGS v19.5.2

    Muhammad Abdullah Siddiqui
    Muhammad Abdullah Siddiqui
    Hi, We have 2 types of IPsec and L2TP VPN users. one which have Intercept X on their systems and another which are normal users without Intercept X. Now we want to restrict users to access only from their specific machines. Like the users which have…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Cross VLAN communication

    JamesTaco
    JamesTaco
    First, thank you, 2nd, sorry ;-) I just got my XGS4500 setup, very basic default setups. We use Unifi switches, we are migrating from a Meraki. We have all our Wifi working, all the VLANs and whatnot - but our printers (for whatever reason…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS126 (SFOS 19.5.2 MR-2-Build624) Problems forwarding traffic

    Claudio Teixeira
    Claudio Teixeira
    Hello everyone, I joined the Sophos community, after having tried UTM9, I was delighted with its simplicity and functionality/security, so I decided to migrate my company's firewall system to XGS 136, I thought well if UTM is already good, this one should…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • xg / xgs - allow ip from specific asn number only

    peterson
    peterson
    i would like to allow ip addresses from a company such as cloudflare. however, their ip addresses will be changing. i would like to allow their ASN number so that i don't need to keep track of their ip addresses changes. is this possible?
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Network firewall rule ignored

    Gary McDonald
    Gary McDonald
    Hi All, We have a network firewall rule setup to allow traffic to a WAN destination. However we can see in the logs that the traffic is getting blocked by the web filter component. We have a user network rule further down the list that allows access…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG550 Cluster: Object ##ALL_IPSEC_RW not working anymore

    Nafets
    Nafets
    (We are using XG550 active passive cluster with firmware 19.0.2) Hi community, today I have a strange problem again. As SOPHOS told us not to use custom network objects for ipsec/sslvpn related firewall rules, I created a firewall ruleset based…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • A little annoying bug in group management

    rfcat_vk
    rfcat_vk
    Hi, when you attempt to delete a group and it is in a firewall rule you are disshown a message advising the that group exists in firewall rules or policies. If the group is in a SSL/TLS rule you are shown a message cannot be deleted, which is not very…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Problems with zones and firewall rules

    wolfman1
    wolfman1
    Hi, I am facing a problem with the LAN zone attached to multiple interfaces. FW: SFOS 19.5.2 MR-2-Build624 Setup: Port1: LAN (192.168.30.254/255.255.255.0) Port2: WAN Port3: LAN (192.168.32.254 /255.255.255.0) I've created the following test rule…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • drop rule traffic not hit

    satyabrata bastia
    satyabrata bastia
    HI, I am using sophos-xg210 firewall any traffic that is not matched existing rule that will hit drop rule
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Restricting Site (e.g. youtube) Access time to entire VLAN`

    UJay
    UJay
    Hi I am using XG-115 as my firewall and already got number of rules. I also have a couple of VLANs. I followed the below guidance given by Sophos tech support team. The rule works well with individual hosts. but when I replace the individual host…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • how to enable chromecast on Sophos XG

    Alexander Weinbacher
    Alexander Weinbacher
    Hello, I need your help for making chromecast work again on my LAN. I had to restrict the protocols on my LAN. My current setup is: Sophos XG, all devices on the LAN are allowed to use: http, https, smtp, smtps, imap, ping: As a result,…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • In the firewall log, "rule" and "ID" don't match the actual firewall rule

    alan weir
    alan weir
    SFOS 19.5.1 MR-1-Build278 I was checking the logs when I noticed this strange peculiarity, in the log, the "firewall rule" is actually the firewall ID #. The log is showing that the firewall rule with the name "Allow outbound" is firewall rule 1,…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Firewall Rules And Policies

    Tan Ah Kow
    Tan Ah Kow
    For user based firewall rules, how to match users - that is add users to authenticate in a database? I added an "any" "any" rule to allow all traffic to pass through, but it does not work, any possible reason why? Does sophios have any cli interface…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • do i need to change my DNAT inbound interface to correct ISP

    Sophos User1175
    Sophos User1175
    hi all, got a DNAT like below, blanked the fields out due to privacy do i need to change my inbound interface and outbound interface to the correct ISP as i have two ISPs, so it could be going out wrong ISP, or will it pick the right ISP to go out…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • New to Sophos XG - Issue with sepaerate wireguard server

    John Tankard
    John Tankard
    Hi All, I am new to Sophos XG coming from pfsense and have to say I will be staying, great NGFW. I have a slight issue though, one which I am sure is simple to solve. I have used the server access assistant (DNAT) to create a port forward rule from…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XG firewall not ping Airtel Gateway with Static IP

    Partha Goswami
    Partha Goswami
    Hi, I am using Sophos XG firewall with Airtel ISP static IP now, when I am configuring Sophos XGS firewall OS its not pinging gateway even. But i have tested with old sonicwall firewall its no issues, even Sophos UTM 9.0 has no issues like this, Kindly…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Minecraft Server Authentication Servers are Down

    Caleb Sjostedt
    Caleb Sjostedt
    Hi all, I've been having an issue with my Minecraft server I host since switching over to Sophos. The Minecraft server functions normally with DNAT and the server is accessible from outside, except for this error below. Here are my FW/NAT rules…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>