I have a setup where branch offices uses resources and services from head office .
Our ISP requested we do BGP configuration for better performamce of their service.
After the configuration and connections established, branch offices are able to use…
I would like to route my WhatsApp traffic through various gateways. I have established an SD-WAN rule, which currently works only with IP addresses. However, as the IP addresses keep changing over CDN, I prefer to use Fully Qualified Domain Names (FQDN…
I work for a small university with a main campus and a single, annex building which is off-site. I have configured a XGS 2100 with an IPsec tunnel between the locations, which is working great. The problem is that I have no internet traffic from my LAN…
Feature Request:
In the SD-WAN Route Section there is no option to filter by users.
There is an option to filter by source but not by user.
Overall the filtering for the Routes section needs to be better like the rules and policies section.
hi all,
how do i change the route precendence from
Static route, SD-WAN route, VPN route.
to
Static route, VPN route, SD-WAN.
so the SD-WAN is the last
when i change, the firewall doesnt require a reboot does it?
thanks,
rob
I am very confused why this isn't working on the Sophos XG but is working if I make a static route on a Windows 10 PC. The below is what I'm trying to accomplish and what the IP and subnets are that are involved. Any assistance in how to accomplish this…
Hi,
When creating and SD-WAN connection group in central, we get to configuring interfaces and have the option of choosing either "SD-WAN profile" or "Primary and Backup gateways".
What is the actual difference here? It's not explained anywhere…
hi all,
want to make WIFI traffic go out a new WAN interface, i think im going to do it like this, what you think
network > interfaces network zone WAN, add ipv4 details and give it a gateway ip rules and policies > nat rules "default SNAT IPv4" change…
I have created an SDWAN routing to route a particular internal network via ISP 2. The problem is even traffic destined to DMZ zone in the same firewall is being routed via this SDWAN policy towards ISP 2 interface.
How can internet from an internal…
Hi
we have two new XGS2100s in HA that have replaced an XG230
On the older XG230 under OS 18.0.5 we had problems with printing from a web server externally to our internal Star CloudPRNT enabled devices (over TCP443).
They are very sporadic and…
Hello
I've got a strange behaviour when upgrading to SFOS 19.5.1 MR-1-Build278 from 19.0.2 MR-2-Build472. (XGS107)
Both of my static routes are not available after upgrade and can't be reestablished.
In Version tree 19.0.x everything is fine,…
So here is the deal - I have an entire network of devices (switches, APs, computers, laptops, servers, printers, IoTs) that was all built on a /16 subnet using public IP space and it is all just using default VLAN/VLAN 1.
176.100.x.x/16. It is slow…
Hi,
I have the the following setup:
Office FW (10.1.0.0/24) <==Policy based ipsec==> DC FW (LAN: 10.2.0.0/24; SSL-VPN: 10.3.0.0/24) <==Route based ipsec==> Partner FW (172.20.32.0/24)
I try to announce the routes for the office (10.1.0.0/24),…
Apologies if this has already been covered.
Sophos XG Firewall (Home Edition) SFVH (SFOS 19.5.1 MR-1-Build278) I have 5 public static IP addresses provided by my ISP. I have a single gateway address of xxx.xxx.xxx.9 I have a single WAN port which has…
Hie Guys, so im try to configure failover using ospf and a static route that uses a different link . so ospf works fine, when the destination network is not reachable the route is removed etc. but when i configure the static route with an administrative…
Hi.
I use a XG with 19.5.1 MR-1-Build278 Firmware.I have a strange behavior. Today, we can't ping our servers located at a "site to site vpn" branch office.
By now, all I can tell is, that the specific static route gets ignored. I see it on the web…
Hi!
I have created an SD-WAN policy so that the devices of a VLAN go out to the Internet through a specific WAN line. It works.
However, the devices of said vlan can no longer access to a device of another vlan when before the sd-wan rule they could…
Hello, hope all of you are ok.
I need help with something. I have 2 sophos, XG310 and XG210, on firmware 19.5.0. Both are in a buildings complex and share a LAN segment. One has GW 10.10.10.1, now Sophos 1 and the other one has GW 10.10.10.2 now Sophos…
Hi Team,
We encountered a problem wherein customer needs the following:
1. Head Office will route their internet connection to Branch Office once they experience no internet on the site.
2. Vice versa, Branch office should route their internet connection…
Hello Community,
We want to create a SD-WAN Route for WAN traffic and Internal Traffic to Data-Center.
Currently we have Branch location connected to Data-Center on IPSec Tunnel created with xfrm interface and BGP for failover. Now few of our key…
Hi all,
currently i am struggeling with the concept for a customer with more then 20 sites/branch offices.
Current setup is with RED-Devices, but the performance and stability is really bad, so we are thinking about using firewalls instead of red…
Hello,
i have issue with v19.5 , i have server in DMZ zone there's a connection between the server the other in other subnet and i made a rule for this, and working fine, and there's rule LAN TO WAN for this server , the problem is when i create SD…
Good day Team
l have just deployed a firewall XGS 2300
The network has 5 branches which are connected using GRE Tunnels. The communication from branches to HQ is working fine. We have a problem with the communication from one branch office to another…
I need to route a single host through a WAN that is not the default wan.
In the previous firmware version I just had to create a firewall rule and specify the gateway, but now...I'm lost.
I've followed this article Sophos Firewall v19: How to Choose…
Hi Guys, This is our network setup. We have couple of websites and Microsoft Direct Access server sitting on our LAN to access resources from outside .
Currently we have PFSence box and all working without any issue.
With Sophos no luck. I appreciate…