• WAN Link Manager - What does Manual activation of gateway look like?

    DavidSain
    DavidSain
    There is an option to set the gateway to be activated manually. Is the process just to login to the firewall and change it from backup to active or is there something that becomes apparent when there is a gateway failure? I checked this documentation…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Adding WAN interface removes active WAN interface from Default SNAT rule, taking network down

    DavidSain
    DavidSain
    Customer is installing a new ISP connection but will have the old one for a while as they have WAF to an internal server, and DNS pointing to current ISP PIP. Left Port2 configured as it was. WAN zone, with static IP info. Configured Port3 to be the new…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • XGS2100 - VLAN gateways

    André Pinto
    André Pinto
    Hello, Please some help understanding the following scenario: VLAN ID - 400 VLAN ID - 410 On the network with vlan ID 400 I can use the ip gateway from VLAN ID 410 and it works! Rules are applied correctly (from VLAN ID 400). This happens in all the…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Assistance with Sophos NGFW Configuration for Inter-VM Communication

    Arkadiusz Parafiniuk
    Arkadiusz Parafiniuk
    Hello, I'm kinda new to networking and I'm currently working on a network lab to enhance my understanding of firewall concepts. My setup consists of the following: Virtual Machines: Kali Linux VM (IP: 192. 168. 10. 128) Windows VM (IP: 192. 168…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Conflicts between Public Wi-Fi IP Address and internal LAN (through VPN)

    cm00001
    cm00001
    Hello, Today I found a case that I've intermittently found in the past, but I decide to bring it up in the forum and try to find a permanent solution. I connected to a public WiFi network with an iPad. The network provided the following through…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • How to change Packets TTL (Time to Live) value in firewall?

    Dev Sky
    Dev Sky
    Is there a feature in Sophos Firewall to change TTL value of packets so that the authorized users in my network cannot share internet access by creating their personal WiFi Hotspot to connect unauthorized users to access the internet through my network…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Appliance Access is Denied and Webex audio problems

    StefanS
    StefanS
    Hi there, Need your help and expertise. We have an HA here with Sophos XGS2300 (SFOS 19.5.3 MR-3-Build652). The following problem occurs in particular with Webex Audio / Video. From external to internal and vice versa, the audio and video channel is established…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Keep alive interval of a wan interface XGS116

    Eva Pavli
    Eva Pavli
    Hello, I need your kind assistance regarding a new Sophos XGS116 that I am using. Can you please tell me how to set the keep alive interval of a wan interface? It is set to ping at 8.8.8.8 but I do not know the interval of pings, how often they are. …
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • WAN Link Failover not working

    Sandra Koehler
    Sandra Koehler
    Hello, We just added a secondary ISP and I set it up as a new WAN interface. A laptop plugged into it gets an IP address and can get out to the internet, so I know it is working. I configured WAN failover (active-backup) and initially didn't modify…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Server Load balancing in Sophos Next-gen firewall

    ab awal
    ab awal
    Two on-premises servers are presented. Now is it possible to configure load balancing from Sophos Next-gen firewall? If possible then what kinds of requirements are needed?
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Help with configuration WAN interface as a bridge in Sophos Firewall

    LuisAyalaMagni
    LuisAyalaMagni
    Hello guys, my client is migrating from ISP to another. As you can see in the picture, this is gonna be the new topology. Is it possible to configure this way? I want to join Port2 and Port3 as a LAG interface; Port4 and Port5 as another LAG interface…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • VOIP SIP Hunting Group Reply Packets

    Gerd Rehders1
    Gerd Rehders1
    Hi, I observe a strange behavior regarding UDP Reply Packets on multiple WAN interfaces. Since we have configured a SIP hunting group with our telephone provider, the provider sends option pings on the 3 existing WAN interfaces. 3 DNAT rules are set…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Changing Default IP address & Configuring Management Port

    Reem Jalal Eddine
    Reem Jalal Eddine
    Hi, I am new to sophos firewall world. Yesterday, I discovered that my firewall is still accessible using the default ip address that was assigned for initial configuration. I have discovered that Port 1 has this IP but there is no ethernet plugged…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Change hardware for interface

    FFin
    FFin
    In many customer-projects we need to change the interface <-> hardware-port associaton within network-projects. I'm aware that you can use XML export/import to do this, but there still the risk to forget about some dependencies and failing manual config…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Break trunk LACP without losing attached DHCP reservation

    Nabil R1
    Nabil R1
    Hi all, I need some help with redoing my firewall setup. It was done a while ago and I’ve made some mistakes that I’d like to correct but want to minimise the amount of work. Here’s what I have : my firewall is a 6 ports firewall. 2 have been…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Internet IPv4 Predefined Host Errors, Suggestions

    RichardR
    RichardR
    There are some errors in the predefined "Internet IPv4..." hosts. This list is the clearly wrong ones imho. Internet IPv4 (129-169) should be "(128-169)" Internet IPv4 (191-191.1) seems completely mislabeled, and likely incorrectly defined altogether…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • IPv6 - Two addresses being issued by XG Firewall DHCPv6 server?

    Casual_User
    Casual_User
    I've been looking at a strange issue on my devices regarding IPv6 addressing (at least an issue I think is strange). I am not using SLAAC. I have a Sophos XG acting as a DHCPv6 server issuing a private IPv6 prefix, let's call it AAAA:AAAA:AAAA:AAAA:.…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XG 136 Firewall SFOS 20.0.0 GA-Build222 IPv6 No Internet

    Erika Koelle
    Erika Koelle
    Need some help getting our Sophos XG 136 (LAB) Firewall working with IPv6. ABCDC01: Role = Windows Server 2019 Domain Controller IPv6 = fc00:2222:3333:4444:cccc:dddd:eeee:10/64 IPv4 = Not Enabled Gateway = fc00:2222:3333:4444:cccc:dddd:eeee:ffff…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • DNS Server in DHCP options keeps changing to Sophos IP

    Rog163
    Rog163
    Hi All... Customer has XG135 (SFOS 19.5.3 MR-3-Build652), Sophos is the main DHCP server for the network, for the last few months we have been battling with a strange issue. Sophos LAN IP is 172.16.0.10 Internal Microsoft DNS server 172.16.0.1.…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • VLAN limit on physical interface

    René Gagneur
    René Gagneur
    Hello! We are planing micro segmentation of our server farm and thus will need a bunch of vlans in the range of 200-300, but there seems to be a limit on how many vlans can be added to a physical interface according to this kb: https://support.sophos…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • SG Firewall SFOS next maintenance release schedule to fix DHCP next server options

    Rick Dunn
    Rick Dunn
    We have been asking for the DHCP option for TFTP boot options to be fixed and the reply was It is planned to be fixed in the upcoming v20.0.1 MR-1 Can you please post the schedule for the net coming maintenance to be ready for release?
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Unable to get SNMP data from XG firewall

    SETRA ANDRIAMPARAMALALA
    SETRA ANDRIAMPARAMALALA
    Hello, I have been trying and failing to get SNMP monitoring working for my Sophos XG firewall using PRTG. I have done the following to try and get this working: Enabled the SNMP agent in the firewall config Added the SNMP manager address and…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • SNMP monitoring IPsec and vpn Tunnel traffic

    SETRA ANDRIAMPARAMALALA
    SETRA ANDRIAMPARAMALALA
    Is there any way to use SNMP to monitor traffic flow through an IPsec tunnel? I'm successfully capturing port traffic with SNMP but would also like to capture the traffic between our two sites via an IPsec tunnel.
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Fix Datto Firewall Monitor

    Marjoriel Ancog
    Marjoriel Ancog
    Hello, Can someone help me with my Datto RMM Monitor for Sophos? The policies have been installed way back, but when we replaced the firewall from one of our sites, the Datto Sophos Monitoring is now offline. I am new to both Datto and Sophos community…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Can't ping Synology NAS from another VLAN

    Kam
    Kam
    Hi all, I have a huge problem with simple ping to NAS VLAN from any other VLAN. I tried almost everything and it just doesn't work. My infrastructure: Sophos firewall with NAS VLAN 2, no DHCP, Synology has fixed IP X.X.2.100 on port 2 with gateway…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>