• IPv6 Configuration and to NAT or not

    tomrgsd
    tomrgsd
    We have been allocated an IPv6 /48 from our ISP. I plan on using Global/Public IPv6 addresses for my clients utilizing /64 networks from that /48. Kinda one of the main goals for IPv6 to not have to NAT behind a public address. I am able to successfully…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • SFOS 20.0.0 GA-Build222 - Schedule for 2nd WAN PPPoE port not working

    techno.kid
    techno.kid
    Hi everyone, I can confirm that (to me :-) there seems to be a bug if you have more than one WAN interface with PPPoE: The " Schedule time for reconnect" under "Network" -> "Interface" -> WAN-Port will not be respected though it will show correctly…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • DNS Server Recursive Query Cache Poisoning Weakness | Sophos XGS

    Marcel Jordan
    Marcel Jordan
    Good evening everyone, a customer of mine has currently patched an XGS firewall (SFOS 20.0.0 GA-Build222). The customer had a vulnerability scan with a result of 1 Medium CVSS. Namely: DNS Server Recursive Query Cache Poisoning Weakness www.tenable…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Firewall SG230 MAC interfaces

    Nfo99
    Nfo99
    Hello, We are doing inventory work and we want to know the MACs of the interfaces of our 2 Sophos firewall but I don't see any information online Someone can help me out? Thanks and regards
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • AD User permissions not correct using API

    Rodrigue GRIMAUD
    Rodrigue GRIMAUD
    Hello, Using the Sophos API (v20) ( https://docs.sophos.com/nsg/sophos-firewall/20.0/API/index.html ), authentication works whether it's a local account or an Active Directory account. However, when creating a VLAN through the API, an error occurs…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XG internal Active Directory DNS Server for local Domain DNS resoultion - dont work

    ADMIN Thomas Lietzow
    ADMIN Thomas Lietzow
    Hello, I have the following problem. We have two Active Directory Windows DNS servers on the internal LAN. They have entered the Sophos XG Firewall as a DNS server as a forwarding. The Sophos XG Firewall itself queries public DNS servers on the…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • IPv6 LTE Router Telekom

    PifPof
    PifPof
    hi Community. we have a lte router with a static IPv6 IP-Address on the WAN-Side. I turned on the DHCP for IPv6 as you can see below: and as you see, the xgs gets an ipv6 address: The Sophos Cluster has v20 installed and I can see the cluster…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • changing physical LAN ports to a different interface.

    Network Inter-State
    Network Inter-State
    I'm upgrading my firewall and trying to figure out a simple way to switch my regular LAN from port1 to portF1 after importing the backup. I want to upgrade from the regular 1-gig connection to a faster 10-gig SFP connection. The tricky part is that there…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • DHCP Client Options for WAN interface (FTTH)

    JeanP
    JeanP
    Hi, There has been several discussions / requests on the forum to have the possibility to configure DHCP client options on the WAN interface as their ISPs'DHCP servers require these options set to provide a lease. (from what I found, ref here or here…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • internal DNS Server get's requests from Sophos - don't know where from

    GernotMeyer
    GernotMeyer
    Hi all, sophos XGS3300 with SFPS 19.5. In my internal network I want to decommission an old Windows Domain Controller. That DC still logs multiple DNS requests from the Sophos (Azure Cloud and other requests) per Minute. I removed that DC as Authentication…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • DHCP addresses used/available

    TimAlbertson
    TimAlbertson
    Has Sophos figured out a way for firewall admins to see a numerical count of active DHCP leases? OR are we still relegated to paging through and counting the leases?
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • URL prioritizes

    Tharindu Premarathne
    Tharindu Premarathne
    Hi All, One of our customers requests me to prioritize specific URL traffic to all the users (sample URL - example.example.com/.../ . Does anyone have an idea how to do this task? He has two WAN links and I tried the SD-WAN routes but had no luck…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • DHCP requests not routing over IPSEC

    Stuart James
    Stuart James
    I have a DHCP server running at head office on 192.168.100.21 which is a Windows Server that has a Sophos as it's gateway The branch office has a Sophos There is an IPSEC tunnel between the two Sophos units The branch office has a DHCP relay pointing…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Vlan add via Cli

    Rejep Annamuhammedov
    Rejep Annamuhammedov
    hi . i want to use the CLI to add VLAN ID to the lan interface . how can i do that ? i tried using the Device concole but i find that i can do that only for bridge interface. Thanks
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Question about traffic shaping

    eclipse79
    eclipse79
    Hello, I configured my XGS to use traffic shaping for Teams and Zoom (Applications - Traffic Shaping defaults). Do you confirm that I don't need to select also "Apply application-based traffic shaping policy" under the proper firewall traffic rule…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Use IP host list as DNS server options?

    alan weir
    alan weir
    Instead of manually entering DNS IP addresses into the DNS fields, it would be nice if we could use an IP host instead. Say you wanted to use google as your DNS. A user could create an IP host called "Google DNS servers" of the two IP addresses 8.8.8…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Bridge Mode in Multi Vlan Enviroment

    Samir Saraveli
    Samir Saraveli
    Need help Sophos XG Bridge Mode in Multi Vlan Enviroment I am attempting to setup XG in bridge mode on a multi VLAN line between switch infrastructure and the main routing equipment (The trunk from the switches to the router). Based on the documentation…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • DNS server allows cache snooping (dns-allows-cache-snooping)

    Anesu Dangarembwa
    Anesu Dangarembwa
    Good day l have a client with a sophos xg 310, they did a security audit report on their network. and the report came with this queries for DNS server allows cache snooping. l want to Restrict the processing of DNS queries to only systems that should…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • WAN Link Aggregation on XG?

    Daniel Gilbert
    Daniel Gilbert
    I have 2 WAN links from the same provider with the same gateway. Would it be possible to aggregate the connections (bonding) for double the speed?
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Installing Sophos XG v20 Firewall home edition and SETTING up ALL ports as a router

    alex makura
    alex makura
    Hi, I have gone through a fair bit of posts and how-to online, so I decided to post the question here, after 5 days researching this. ---------------------- My setup: Motherboard with 1 built-in 1000mb/s ethernet port, 2x PCI-e cards HP NIC 2 ports…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • DNS timeouts when using XGS107 as dns server

    Alexander Ruch
    Alexander Ruch
    Hello, When I use Sophos as the DNS server, I sometimes get a timeout for the DNS resolution. I also tried it directly from the XGS CLI. CLI: XGS107_SN01_SFOS 19.5.4 MR-4-Build718# nslookup google.de. 1.1.1.1 Domain Name Server# 1.1.1.1 Domain Name…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Advanced DHCP Configuration with MAC Address Filtering and Custom Options in Sophos

    Nick Dann
    Nick Dann
    Hello Sophos Community, I am currently working on a sophisticated DHCP setup on my Sophos system and need some advice on how to achieve specific configurations. Any guidance or insights from the community would be greatly appreciated. My goal is to…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Sample of syslog messages for Sophos Firewall

    Evgenii Panarin
    Evgenii Panarin
    Good afternoon, Can you tell me where I can find example messages for syslog? Since in the documentation below the table with examples is empty. Or is it necessary to use the legacy option in this case? Any suggestions on where they can be found are welcome…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Issue with static DHCP in 1 interface and dynamic DHCP in other interfaces

    eclipse79
    eclipse79
    Hello In Port 1 I set static DHCP for 1 client. If this client tries to connect to port 5 using DHCP (in this case I did not set any static DHCP) the client will not receive any IP. If I remove the static DHCP entry for port 1, client will receive…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • DNS over TLS (DoT) causes "Invalid Traffic" but only on IPv6

    w0rmh0le
    w0rmh0le
    Hi, I want some local DNS servers to do DNS over TLS (DoT) and have configured them accordingly. I created a rule allowing TCP 853 for those hosts - both IPv4 and IPv6. Because of IPv6 is assigned via PD I used the client MAC address (on local LAN…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>