Hi all, # XG330 I have a project to set up an SFTP server to transfer data securely from a remote station to the SFTP server located in the DMZ.(Head Ofice) the server is installed, configured and integrated into the dmz. the remote client uses an…

We have 1 WAN IP from our ISP 18 LAN IPs from the ISP Current setup is one CAT6 from ISP to Sophos Firewall. Firewall has the 1 WAN IP interface setup for internet We need a port enabled for on the firewall for a Vendor router to use one of the…

I created a new rule which allows traffic originating from VPN subnet to the external IP address. I verified in the logs that the traffic passes by unobstructed. Also verified in SSL VPN settings that the particular VPN profile contains that IP address…

Hello Sophos Team, is there a Documentation on what URLs / IPs need to be in a Firewall Rule for Destination Host? I know the Ports that are needed: HTTPS / NTP / DNS -> Forwarded to Firewall IP and Uplink to DNS Protection Just found a List for…

Good afternoon I work at Virtual Box. I have three virtual machines. The first is the Sophos firewall, the second is the Windows 10 client. And on the third I have an Ubuntu server. The task is to block traffic from the Windows 10 client to the Ubunu…

Sooo when scanning the system i've noticed 113 is the only port showing as closed / reject. Since the other ports are Drop I've created a rule to drop 113 from all connections but SFOS isn't honoring the rule. Why? Why would they decided to reject only…

Hello dear all, I'm connected with one of my clients via LAN, without going to the internet, just a LAN to LAN connection to have access to their server. But the port open to receive SNMP traffic is blocked from time to time, and I no longer receive…

Setting up Blink Cameras and the XGS126 is blocking communication with the Blink Servers. Have updated the policy to allow 554, 443 and 80 for the camera's IP Group but still no go. Anyone else got this to work ??

Hello, we have a problem with our client where we put Sophos XG135 with latest update 20.0.0 on their network, like every day at the same time somewhere around 12:30-1pm and in the evening around 7-8pm, the internet stops but Sophos continues to work…

I'm having to restart this system to get Firewall / NAT rules enforced when changes are applied. This seems to happen with quite a few people in the community. I've found sometimes disabling the firewall rule that feeds a NAT rule loads the additions…

I like to open the internet access on the firewall. My Firewall is set up as airgap device. One laptop is connected to it to access the web console of the firewall. That laptop can access to the internet. Could you advice me how can I configured my…

Hello All, Yesterday my Firewall start trigger IPS alerts, 8 in totals. I see a specific WAN IP address in the rapport i want to completely block. I have read couple older disscution but nothing fully help me. I have already do this firewall rule: …

Good afternoon I have a problem that when I create a policy for firewalls and it is activated, it does not work. My goal is that I want to block access to the Internet, that is, so that when I go to some web page, my access is blocked, so that a message…

I am facing a very unique scenario where I simply want to disable the one ISP which in going in through Physical port in Firewall when that particular ISP goes down, don't want it as backup or primary, just want that port to turn itself off when ISP goes…

Dear Sophos Support Team XG135 sophos firewall port forwarding not working properly on our customer ..he has remote access on IPPBX branch..how can i solve this issue

I would like to get an opinion on firewalled subnets for security. This would be LAN subnets only. Subnet A is servers and subnet B is desktops. Subnets A and B have outbound internet access only. Subnet B (desktops) need to access Subnet A (Servers)…

I have an IKEV2 vpn server with internal IP 10.83.185.200. I am attempting to portforward traffic from my WAN port to to LAN port. For some reason, I am able to access the vpn server from the LAN side using my public IP. However, when I attempt to access…

Hello all We have 2 different NVR devices integrated to the Sophos XG firewall Lan zone via regular network switch. Is this type of integration without any VLAN definitions and different Ports is preferable ? This screens are latest situation…

How to block malicious IP or IPs on Sophos firewall ?

Hello. We had 2 XG330 firewalls in our environment that failed within a week of each other. I was able to back up the configuration from the working firewall before it failed. We installed 2 new XGS3300 firewalls and restored the configuration to those…

In Sophos XGS 136 firewall , we have four internet providers. Is there any possible to configure specific network to specific user

hello, i have two ip subnet on port-1 Lan interface (Vlan), the host pc can able to ping the Firewall Gw ip but from FIrewall to Host ping not work, i checked the Local windows firewall its already turned off. Now 100.0/22 subnet not reach to 15.0…

My XG 125 is blocking me from reaching hulu.com, and also blocking google shopping when it redirects me to googleadservice.com. As a test, I temporarily bypassed the XG, and I could get to those sites. So I know that the XG is blocking those sites. Then…

we configured Sophos XG in MTA mode. We need to restrict access to Port 25 for SMTP traffic to specific terminals only. Currently Port 25 is accessible from all LAN networks