Hello Team. I recently deployed a Sophos XGS 3300 firewall. I am very green in regards to the firewall but I have managed to set it up and get the LAN and remote sites to access the network services. The challenge I am facing is making my public servers…
On one of our XGS firewalls, we need a NAT rule for HTTP/HTTPS. On this firewall, it's not possible to create or renew a Let's Encrypt cert.
We need to disable the NAT rule, then it works to create/renew the certificate.
But this can't be the…
Hi all,
I have an XG135 firewall and several RED devices. I also have several devices from Ubiquiti (UNVR and CloudKeys) and they are causing problems. Ubiquiti support keeps telling me that I need to allow access on UDP port 123 which they use for NTP…
Hi,
I’m using a third-party threat feed with Sophos and am under the impression that it should provide WAN to LAN protection. However, I’ve conducted a test and observed unexpected behavior.
Here’s what I did:
Created a custom text file list containing…
Hello,
Since the XG Firewall does not have countries for IPv6, I have created my own countries based on published IPv6 address ranges which can be found here https://www.ipdeny.com/
I created a LAN to WAN rule to block access to a country and a WAN…
Hello,
Need your recommendations: we want to implement an SFTP server to exchange data from and to one of our external partners. I am planning to add the server to the DMZ group and just restrict FTP protocol to it. Create a NAT rule; also, I want to force the…
Hi all,
We are having a few problems with our VoIP phones. I believe it may be due to the firewall, but I am not 100% sure.
I need to allow an IP address range and some ports.
I have created a firewall rule, but I cannot see any traffic being logged…
Hello everyone,
I am attempting to redirect all requests made to 192.168.10.5 to 172.16.10.5. The VPN is working properly on both sides.
Sophos XGS: DNAT Through Routed VPN
Details:
#VPN Working 100% LOCAL-LAN: 192.168.10.0/24 (Sophos) REMOTE…
Hi, I've got the following case:
HA XGS3300
Three WAN connections
P2 ISP 1
P4 ISP 1
P6 ISP 2
P2 and P4 are BGP.
P6 is standalone.
All internet connections are working.
When configuring SNAT and/or SD-WAN all traffic for WAN is over…
Good day
We are having a challenge: we have an XGS 2100 firewall and some devices that are connecting over Wi-Fi. They receive an IP address from DHCP on the firewall, and we have a firewall rule for the devices with MAC address, but the devices are not receiving…
Good afternoon, I have a Sophos firewall that is integrated with a Windows Server Active Directory. Can a domain user be blocked from browsing the Internet through Sophos, but allow the computer they use to download and update the operating system, and…
We have a /29 subnet from our ISP. I want to use a dedicated public address for our guest network traffic. I've added an alias on the PPPoE port and thought I could then just use an SD-WAN rule to route the traffic, but the alias doesn't appear in the…
SNAT with multiple WAN gateways isn't working.
WAN Gateway 1 = Port3 - it's public with /27 worth of aliases
WAN Gateway 2 = Port5 - it's public with /28 worth of aliases
(IP Host) SNAT with Port3 aliases works for all of the rules I've created…
Hi Sophos Geeks!
I'm having a problem accessing my web application using the public IP in my local network, but it works if I'm accessing it externally.
I already configured the DNAT policy Source zone in Any Zone but still no luck. Currently my version…
Hi there,
For some days now, we have been encountering brute-force attacks against our main firewall (Sophos XGS):
Access from IP address '92.53.xxx.xxx' is blocked for '30' minutes after '5' unsuccessful login attempts
I've tried to block all requests from…
Hi Sophos Community
After a lot of trial and error I'm hoping you can help me find a solution to my scenario:
In my home setup I have the WAN interface of the Sophos in a transit network. My ISP router forwards any traffic to the Sophos. Now…
Hi everyone, I have some problems with the STAS service. The picture shows the topology:
I have two locations, the HQ with an XG210, and the branch with XGS136. Both are connected through a VPN tunnel. The STAS server is in HQ location. The communication…
For firewall rules that allow access to a sensitive system (host) and where access is usually not required all the time, it would be nice to have a feature to enable them manually when needed but with a timer that disables the rule after 60 minutes or…
Hello there,
I have been searching for a long time for how to do the following with the Sophos XG 230 firewall, but still could not find a solution. Can anybody help?
1. Block Microsoft 365 One Note alone. Rest of the Microsoft 365 should work. Blocking One Note on Application…
Hello,
We've seen a message on the Sophos Firewall WEB-UI leading us to this article:
"Multiple failed login (brute force) attempts for WAN-facing portals on Sophos Firewall"
https://support.sophos.com/support/s/article/KBA-000009932?language=en_US…
Hi Folks,
I'm moving from UTM to SFOS. Getting it set up with the basics was all fine, but something I've been wanting to try for a while was to remove the masq rules, as Sophos is my back firewall in a back-to-back config. I ran into an issue though…