Hi all, i have had a look at the Invalid Traffic page but as stated at the bottom doesnt resolve the issue, just reduces the number of logged entries My setup is as follows Core network is TPLink Omada (Manages the vlans) Sophos setup: Port1 …

Hello, I found a solution where IPSec networks are distributed via OSPF and would like to know if this is correct? Can I use this in a productive environment? 1. SSH -> 4. Device Console 2. system ipsec_route add net 192.168.123.0/255.255.255.0 tunnelname…

Good morning. I have been looking for information about the use of Traffic Shaping / QoS and applied what is indicated but in my case it is not working for me. I have 2 offices, each with a Sophos firewall. The server in office A sends data to the…

Hi, we have a problem with transferring syslog from Sophos firewall to the Arcsight SmartConnector. When we try UDP, logs can be seen in connector. However, with TLS communication fails. This is only example, but ours handshake also fails at Change…

Hi Configured one more WAN IP in the Sophos XGS136, link is up but traffic is not moving through new link, checked load balancing, everything is looking fine Pervious link is working fine, however the new link is not working, able to ping 8.8.8…

Hi There I recently acquired a second-hand XG115W. After wiping the SSD, I successfully installed the V20 HOME firmware on it. However, I've encountered this issue after the installation: Ethernet ports 2 and 3 do not function. I can see the activate…

Hey Guys, I am using the Sophos XG as DHCP server which provides two DNS servers. One is a Pihole and the other one is the SophosXG itself. So normally the devices should resolve internal and external domains via Pihole, but when it is not available…

Hi everyone! I’m facing a puzzling connectivity issue in my PABX setup. My NS300 cannot be pinged from my Sophos XG4500 when my SIP router is connected to the core switch. However, I can still make calls outside, which adds to the confusion. Coreswitch…

Hi, not a huge problem, but I cannot find logic behind. I have XGS-136 in main office, and from there I monitor with PRTG 2 distant branch offices, which both have XGS-87. Interesting, that both branch offices experience increase in PING latency at…

Hi Sophos Geeks! I'm having a problem accessing my WEB Application using Public IP in my local network but working if I'm accessing it externally. I already configured the DNAT policy Source zone in Any Zone but still no lock. Currently my version…

Hello everyone, Since yesterday, we have been experiencing a consistent IPS alert from our firewall (XGS Vers. SFOS 20.0.2 MR-2-Build378 ). The affected connection is between our email gateway/proxy in the DMZ and our mail server. Every 30 minutes…

TLDR - IEEE 802.1Q reserves VLAN ID 0 for a special purpose. Sophos XGS firewalls do not implement this special purpose correctly, preventing communication with some ISP Gateway modems. The request for proper implementation of VLAN ID 0 handling is being…

Hi there, since some days, we encounter Bruteforce-Attacks against our Mainfirewall (Sophos XGS): Access from IP address '92.53.xxx.xxx' is blocked for '30' minutes after '5' unsuccessful login attempts I've tried to block all requests from…

hello, I got this intrusion attempt for the first time. just don't know what to do. I looked for any recent downloads and browsing history, and asked the user if he plugged any device to the computer but nothing suspicious found. this is a screenshot…

Hello, I've added a DHCP-Server for an interface on my XG. The interface is an RED-VLAN-Interface and ping from the switch is working. An Accesspoint connected to the switch did not get an IP-Adresse. Today we found out, that we have the same problem…

A customer site has a 2nd gateway that is required to access one of their vendor's systems. Our Sophos XGS has static routes in place to direct any traffic intended for the vendor network to the 2nd router. Rather than adding host entries for the vendor…

Hi Sophos Community After a lot of trial and error I'm hoping you can help me finding a solution to my scenario: In my home setup I have my wan-interface of the sophos in a transit network. My ISP router forwards any traffic to the sophos. Now…

Hello, we also have 2 DVR devices in our network. I can access it via HTTP (Web). I cannot reach the second device. It seems like it is going to log in to the second DVR device, but it doesn't. It gives ERR_CONNECTION_REFUSED error. I tried many things…

HI How can i check the interface counters for WAN interfaces in the Sophos firewall ?

Hi, I have set up a free account with FreeDNS. My public IP address is pointing to the correct subdomain.mooo.com However, I have a query about the hostname, SF only accept: subdomain.mooo.com. But in order to work, you need to include the update…

I'm having an issue where we have two vendor routers that need to be highly available to all branch and data center locations (No changes permitted on the vendor R1 and R2) The networks at all the branch locations consist of a Sophos XG135 as the Gateway…

Hi everyone, I have some problems with the STAS service. The picture shows the topology: I have two locations, the HQ with an XG210, and the branch with XGS136. Both are connected through a VPN tunnel. The STAS server is in HQ location. The communication…

Hi, we have the below IP series in Wan port and alias, all tunnel services are running. now ISP is providing a new alias /29 subnets with different IP series if we add a new alias /29 subnets with the existing setup it will work or not. - Port…

For firewall rules that allows access to a sensitive system (host) and where access is usually not required all the time, it would be nice to have a feature to enable them manually when needed but with a timer that disables the rule after 60 minutes or…

Hello everybody, Just new to the forum so please be gentle. I have 2 WAN's on Port 3 and port 6 What I wanted to do is put the guest and staff wifi to use the connection on Port 6 instead of the main connection on port 3 I made firewalling…