If you are not registered in Active Directory, you cannot access the internet. How can I do it?

Hello, Over the holiday weekend we upgraded our XG330's from 19.5.4 to 20.0.2 MR-2-Build378. After the upgrade none of our wildcard FQDN rules are resolving/working. They worked perfectly fine prior. This is causing quite a bit of issues for user authentication…

Hallo zusammen, seit Donnerstag bekomme ich ständig die Warnung mit folgender Nachricht: Message: Access from IP address '92.53.65.166' is blocked for '5' minutes after '5' unsuccessful login attempt. Unsere Firewall ist Alert for XGS2100…

On September 4, our Firewall VPN Portal was attacked from IP 92.53.65.166 (Russia) with hundreds of login attempts for different usernames. After bloicking this, today (September 8) we have been hammered by another attack, this time from hundreds of different…

Since today we have been experiencing massive password spraying attacks on many Sophos firewalls, especially on the VPN portal, which listens to port 443. Apparently these are attacks from Russia with the IP 92.53.65.166. How can I create a rule to prevent…

Hello: I have a WAN port (Port 2) that is connected to our ISP with an IP block of 65.170.xxx.xxx/29. We have another block of IP addresses from the same provider at 63.162.xxx.xxx/29. Both come in thru the same ISP router (Cisco 4300). There are 4…

Hi all, can someone provide a hint, how to access a device where all LAN-Interfaces are "tagged" and "LAG"-ports? I've restored a migrated config and now the only untagged port is the WAN-port (can#t ping or access these port) I am able to access…

Hello, i need some help. I have a Branch Office wiht a XG125 and SFOS 20 MR1 up and running. Laptop connects over a APX320 AP and get a WiFi IP Address. Laptop was able to connect through Microsoft Always ON VPN (IKEv2) with UDP 500/4500 find to…

Hi community, While troubleshooting an issue with a webservice on an internal network I found out after a packet capture on both the client and the Sophos Firewall (unable to capture on the webservice device) that the Sophos Firewall captures packets…

Hello, I try@home to migrate from UTM zu SFOS. On the good old UTM there was only one LAN Interface. This was the gateway for some PCs. At the network configuration on the UTM, I configured the real-router-getway as gateway in this one UTM NIC. It…

Hello Community, I am currently in Poland setting up a second S2S tunnel and I am struggling with the fact that the xfrm interface of the tunnel cannot be found under the interface to which the tunnel is bound. What am I doing wrong? Attached are some…

Hello!! In my home network, I have a mini PC with two ports running Proxmox and a virtualized Sophos Firewall Home Edition. I have purchased a mini PC with four ports to replace the one I currently have. While I wait for it to arrive, I decided to…

Hello Community, I am facing a challenge in getting a rule to block social media and video hosting to work. I created an application filter and web policy to block all social media and video hosting. Created the rule and placed it at the top. It blocked…

Hi all, any hints to configure mobile WAN as backup line? wired WAN is default but when line is down mobile WAN should jump in place. Mobile WAN must be turned on or not? WWAN Interface must be to automatic or manual? Thanks for help …

Good morning. I have a problem in identifying which server makes requests to another when the requests arrive to a loopback to access internal servers when pointing to their public ip's. Example: server with ip 192.168.1.20 resolves DNS that points…

I have a dual WAN setup, for this example, I'll call them A and B. A is my primary WAN, and B is my failover backup WAN. A uses starlink, and B uses a local ISP. I use another app to monitor pings to my ISPs to see if they are up. Unfortunetly…

Hi, Can we enable botnet prevention on the SFOS firewall. Please provide any kind info related to this.

DHCP requests not routing over IPSEC This has nothing to do with v21.0. It is possible in v18.0. You just have to run a whole stack of CLI commands because the GUI is inadequate. A post by a Sophos staff member to a closed thread which no-one…

Hey there, How much of an impact to the internet speed does it make, if I create a new firewall exception? Since the firewall has to go through the entire ruleset, it should slow down every request a little bit. Is there an upper bound of…

Hi. RusDesk remote control app, suddenly can no longer connect to the network. I did some tests and I realized that if I bypass the Firewall (XGS 136 sfos 20), Rustdesk works perfectly. I have not implemented any rules to block it, so I suppose Sophos…

have created a new alias port (Port 5:0) on our Sophos XG 210 (SFOS 20.0.2 MR-2-Build378) and created a local host at internal IP of 10.0.0.71). I have also created a firewall rule to allow access to this host from several specified remote hosts that…

Dear Member I hope this message finds you well. I am currently encountering a significant amount of network traffic related to the Attack-FILE-IMAGE ImageMagick SyncExifProfile Out Of Bounds Array Indexing alert. the firewall ais detecting and dropping…

Hello: Yesterday I started seeing these IP_SPOOF violations from our remote site that is on the allowed list in the DNAT firewall rule. They are unable to connect or ping our DNAT devices setup behind the firewall. We can connect to them with out…

Hi Comcast has provided us with EDI service consisting of one /30 network to connect to the internet and a /25 for our additional Public IP addresses. One approach would be to use a basic router with one port connected to the /30 network and do a…

hi, we have webserver in LAN zone that server access through private IP address IN LAN zone. issue-Right now user in china and access webserver through Vpn but in china vpn not connected only indian sim with roaming will work.how to access webserver…