hi Community. we have a lte router with a static IPv6 IP-Address on the WAN-Side. I turned on the DHCP for IPv6 as you can see below: and as you see, the xgs gets an ipv6 address: The Sophos Cluster has v20 installed and I can see the cluster…

I'm upgrading my firewall and trying to figure out a simple way to switch my regular LAN from port1 to portF1 after importing the backup. I want to upgrade from the regular 1-gig connection to a faster 10-gig SFP connection. The tricky part is that there…

Hi, There has been several discussions / requests on the forum to have the possibility to configure DHCP client options on the WAN interface as their ISPs'DHCP servers require these options set to provide a lease. (from what I found, ref here or here…

Hi all, sophos XGS3300 with SFPS 19.5. In my internal network I want to decommission an old Windows Domain Controller. That DC still logs multiple DNS requests from the Sophos (Azure Cloud and other requests) per Minute. I removed that DC as Authentication…

Has Sophos figured out a way for firewall admins to see a numerical count of active DHCP leases? OR are we still relegated to paging through and counting the leases?

Hi All, One of our customers requests me to prioritize specific URL traffic to all the users (sample URL - example.example.com/.../ . Does anyone have an idea how to do this task? He has two WAN links and I tried the SD-WAN routes but had no luck…

I have a DHCP server running at head office on 192.168.100.21 which is a Windows Server that has a Sophos as it's gateway The branch office has a Sophos There is an IPSEC tunnel between the two Sophos units The branch office has a DHCP relay pointing…

hi . i want to use the CLI to add VLAN ID to the lan interface . how can i do that ? i tried using the Device concole but i find that i can do that only for bridge interface. Thanks

Hello, I configured my XGS to use traffic shaping for Teams and Zoom (Applications - Traffic Shaping defaults). Do you confirm that I don't need to select also "Apply application-based traffic shaping policy" under the proper firewall traffic rule…

Instead of manually entering DNS IP addresses into the DNS fields, it would be nice if we could use an IP host instead. Say you wanted to use google as your DNS. A user could create an IP host called "Google DNS servers" of the two IP addresses 8.8.8…

Need help Sophos XG Bridge Mode in Multi Vlan Enviroment I am attempting to setup XG in bridge mode on a multi VLAN line between switch infrastructure and the main routing equipment (The trunk from the switches to the router). Based on the documentation…

Good day l have a client with a sophos xg 310, they did a security audit report on their network. and the report came with this queries for DNS server allows cache snooping. l want to Restrict the processing of DNS queries to only systems that should…

I have 2 WAN links from the same provider with the same gateway. Would it be possible to aggregate the connections (bonding) for double the speed?

Hello, When I use Sophos as the DNS server, I sometimes get a timeout for the DNS resolution. I also tried it directly from the XGS CLI. CLI: XGS107_SN01_SFOS 19.5.4 MR-4-Build718# nslookup google.de. 1.1.1.1 Domain Name Server# 1.1.1.1 Domain Name…

Hello Sophos Community, I am currently working on a sophisticated DHCP setup on my Sophos system and need some advice on how to achieve specific configurations. Any guidance or insights from the community would be greatly appreciated. My goal is to…

Good afternoon, Can you tell me where I can find example messages for syslog? Since in the documentation below the table with examples is empty. Or is it necessary to use the legacy option in this case? Any suggestions on where they can be found are welcome…

Hello In Port 1 I set static DHCP for 1 client. If this client tries to connect to port 5 using DHCP (in this case I did not set any static DHCP) the client will not receive any IP. If I remove the static DHCP entry for port 1, client will receive…

Hi, I want some local DNS servers to do DNS over TLS (DoT) and have configured them accordingly. I created a rule allowing TCP 853 for those hosts - both IPv4 and IPv6. Because of IPv6 is assigned via PD I used the client MAC address (on local LAN…

hi, if I scan the WAN IP from my Sophos Firewall, i can see open Ports, like: PORT STATE SERVICE 21/tcp open ftp 22/tcp filtered ssh 23/tcp filtered telnet 25/tcp filtered smtp 53/tcp filtered domain 80/tcp open http 110/tcp filtered pop3 111/tcp…

Hello All, Using Sophos XG310 Firmware 18.5.4 MR-4 Build 418 I have an unusual issue, essentially all workstations on the LAN of the Sophos Firewall are unable to access play.google.com Originally it appeared to be due to perhaps Web Filtering or…

hello configuring DHCP lease on XGS 107 firewall in "DNS server" section there is only 2 fields, is there a way to have the DHCP provide 3 DNS to clients Thanks Elie

Hello everyone, I'm testing the following configuration: ISP modem home network - > Sophos XG in router mode - > UDM-SE I've a number a VLANs configured on UDM and Sophos and everything communicates fine. My current configuration has all…

Dear Team, We have to add two interface as a bridge - like A1 and A2 with sub interfaces (Vlan interface). Below are the configuration steps which I had created yesterday for bridge interfaces- 1. Created Zone (Common ZONE) 2. having created…

I am using sophos xg430 firewall. I have noticed a strange behaviour that when a new interface is added, the adjacent interfaces becomes unresponsive. Either we have to wait for almost 10 hours to have the interface to respond/we need to reboot the firewall…

Hello, I've Sophos XG installed in between ISP modem and router. The XG in bridge mode with LAN and WAN bridged together. The router and LAN all have internet access. However, Sophos XG doesn't - what I mean by that I can't update firmware for instance…