I am running into issues with getting information on how to get get ABS Type Classification to install the XGS firewalls on board ships. The customer does not want to install the XGS firewalls without type classification and/or some time of approval by…
Good day
We are having a challenge, we have a firewall XGS 2100 , some devices that are connecting with wifi, they receive ip address from DHCP in the firewall, we have a firewall rule for the devices with Mac address, but the devices they are not receiving…
Good afternoon, I have a Sophos firewall that is integrated with a Windows Server Active Directory.Can a domain user be blocked from browsing the Internet through Sophos, but allow the computer they use to download and update the operating system, and…
We have AD synced Groups. We use them for FW Rule permissions, SSL VPN access and MFA control on the Firewall.
Now we have this scenario:
User XY is member of these groups:
Group A (used for a firewall rule) Group B (all members of the company,…
Hello everyone,
I have issue with routing over VPN IPsec tunnel. In my setup there are two Sophos XGS116 firewalls running SFOS 20.0.2 MR-2-Build378 located on HQ site and BO site. Each site has stabile ISP connection with static IPv4 address. VPN IPsec…
Hello everyone,
we have a XGS set up with SSL VPN, the VPN Portal, AD integration and MFA for every user. Currently we are facing brute force attacks on the VPN Portal. We tried to prevent those by setting up an ACL rule which is blocking countries…
Hi,
Good day!
I'm currently experiencing an issue where I can’t access my GUI. I checked the Tomcat service, and it shows as "stopped." I’ve tried restarting it several times, but it still won’t start. I even attempted a factory reset, but the Tomcat…
Hi community,
I need help to complete this configuration.
A customer needed to improve the VPN configuration beween his hq to the Oracle datacenter.
He had 4 classic IPSEC vpn
PROVIDER1-ORACLEIP1
PROVIDER1-ORACLEIP2
PROVIDER2-ORACLEIP3
PROVIDER2…
Hi all,
Started to have this issue the last day in the office 30mins before i left for the weekend.
Basically our network has been going very slow and i have lots of this in the firewall..... like non stop. Am i right to believe fe80: is internally…
Hi All
On 21GA we are trying to set up the thread feed firehol_level1 feed
https://iplists.firehol.org/files/firehol_level1.netse t
The feed is retrieved but not loaded into the system, all their other feeds do work unless they are to big to load…
I am reaching out regarding an XGS 116 recently purchased by a client. Interestingly, VoIP functionality—both inbound and outbound—is fully operational without any specific configurations applied to the device for the VoIP provider. There are currently…
Hello,
I am converting our customers from primitive FWs to Sophos XGS's and testing TLS decryption.
Would anyone be so kind to walk me through what is happening in specific case below:
Setup: TLS enabled, any of default profiles, Sophos CA as trusted…
Need help on this issue, I tried to configure the SD WAN routes destination to use SD WAN profile, but the traffic keep going through default.
I have tried to disable the Underlay SD WAN route and access speedtest.net (I put speedtest.net as destination…
Hi all,
I'm using OSPF but don’t want to redistribute all routes. On Cisco, I would probably use a route map to filter which routes need to be advertised. Here with XGS, I have unchecked "Redistribute connected" and "Redistribute static." I’m using…
I have two clients that use the same ISP. One client has an XGS87 and the other XGS116. The ISP does scheduled maintenance at night knocking the firewall offline. My clients will have to power cycle the firewalls to get them to connect in the morning…
Hi, all of a sudden we see that our FreePBX installations triggers Network-attacks in our XGS.
"Attacker" is our FreePBX, 192.168.1.22 - "Victim" is the IP of our SIP-Trunk Provider. Attack : PROTOCOL-VOIP Contact header format string attempt. This…
Hi,
we're experiencing a problem with Ipsec Vpn (site2site) from Sophos to Cisco.
In the Ipsec tunnel we have two subnet (subnet1 e subnet2) at sophos vpn side and one subnet (subnet3) in the remote site managed by cisco.
It seems that only on subnet…
Hi,
I have forced a rule where users has to vpn no matter what when they are outside our network domain.
I was able to perform a file provisioning that auto connect users to VPN, however I still have one issue is that sometimes, before connecting…
We are experiencing an ongoing connectivity issue with the Microsoft Teams App when conducting online meetings in our organization. Whenever a meeting is scheduled and participants are invited, only the initially invited users can communicate effectively…
Hello community,
we wanted to add rdp files to the list of blocked e-mail attachements.
Under blocked filetypes we added "rdp" but such attachements are not blocked. Other filetypes like f.e. "xls" are blocked correctly.
Do we have to add the rdp…
We use a lot of single user RDP sessions so I've configured STAS with Registry Read polling and it works except for two issues:
- When the polling happens every three minutes, the live users for the RDP sessions drop out for up to 10 seconds.
- If…
Hello Good Day,
I m using Sophos XGS 136 and web policy roles are working well but after a while when I search for sex images they appear but do not open the website.
So please how to not appear in searching engine.
Hi team ,
We have configured the SSL VPN in the firewall and allowed a single IP address in the permitted network resources, When we connect with VPN from other network, It will show the entire /24 network IP address as well as a single IP in the…
Hi,
I have a proxmox hypervisor I use it to spin up VMs and LXC containers, and I use MAC addresses to enforce some rules on my Sophos firewall. how can I add a MAC range so all the new VMs that have random generated MAC addresses (under the same vendor…