• Sophos XGS 107 firewall - do not relay IPv6 DHCP to LAN

    fsdfdssd
    fsdfdssd
    Hello, I have XGS 107 running in my setup. WAN is external network not managed by me. It looks like devices in the LAN network acquire Global IPv6 addresses instead of Link-Local addresses , which messes up a bit internet in my LAN network. Same setup…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Local admin services available on WAN port despite ACL not reflecting that

    Dahvid Schloss
    Dahvid Schloss
    So i'm a bit confused and could use some help. After running NMAP on my public IP for a sanity check i was greeted with ports showing open that shouldn't be available to the WAN port. I don't have any services checked on my local service ACL for WAN Starting…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Allow Port in Sophos Firewall

    Prasad Prasad
    Prasad Prasad
    Hi Everyone, I am new to Sophos firewall and I dont know much about this. Can any one tell me how to allow following port in Sophos XG135 (C1B0Cxxxxxxxxxx) CLOUC uses the following Ports HTTP, HTTPS and 9443 for the web console 5060 and 5061 TCP…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Error querying FQDN host in XGS firewall. There are multiple IPs for FQDN hosts in the internal network, and the firewall can only find one

    cy z
    cy z
    I am currently migrating the SG firewall configuration to XGS. After completing the configuration migration, it appears that the XGS firewall cannot query FQDNs properly. The same FQDN can be queried for two IPs in the SG firewall, but only one can be…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • DNS over TLS / HTTPS with TLS Inspection

    Markus Flüß
    Markus Flüß
    Hello everyone, today the first occurences of DNS over TLS showed up in one of our customers logs. We have TLS Inspection rolled out at the company and are asking ourselves if the TLS Inspection also inspects DNS over TLS traffic and DNS over HTTPS…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS Firewall and Sonos in different VLAN - Multicast setup

    LHerzog
    LHerzog
    Has someone managed to get Sonos devices to work when they are on a different VLAN than the Sonos App? Would be great to share some information. Especially about routing Multicast through the firewall. I found a great article about this matter in…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to add new service XG310 running 19.5.2 MR-2

    Jason Lohrenz
    Jason Lohrenz
    When going under Hosts and Services, and then under the Services tab, if I try to add a new service regardless of the name the save button does nothing. For example trying to add a service for ManageEngine Endpoint Central which requires TCP ports…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • L3 VLANS not routing past gateway.

    Gavinr98
    Gavinr98
    Hope someone can help figure out what I am missing. I am pretty sure the issue is on the Sophos XG. I am setting up several VLANS on my Cisco 9500 L3 switch and the issue I am having is I cannot get passed the gateway when trying to access another VLAN…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS - DHCP String option 128 Vlan Polycom

    AstaroNBack
    AstaroNBack
    We were doing DHCP via Windows Server but decided to use Sophos XGS. DHCP to assign VLAN to Polycom phones via OPTION 128 String VLAN-A=20; - NOTE the ; (semicolon) MUST be at the end of the string for it to work with Polycom. XGS will not allow me…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IP phones are not connecting

    Indura Samarawickrama
    Indura Samarawickrama
    Hi, IP Phones are connected to the firewall on WiFi VLAN, then redirected to the router via SIP trunk. SNAT is enabled to establish the VoIP service. My problem is, in the firewall rule, if we choose source devices using IP host group, it only connects…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • load balancing feature is not working and my users are Nat from the same ISP whenever they connected

    Muhammad Alyas Qaisar
    Muhammad Alyas Qaisar
    Dear Sir I have configured two ISP on two different ports of firewall providing the internet facility through Sophos Firewall. I am using the firewall load balancing features by assigning the weightage of 2:1 to both the ISP's. But load balancing feature…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • MS Teams meeting drop 2-3 s : Protocol switch from TLS to SSL

    Saksit Sapphasan
    Saksit Sapphasan
    Hi All XG330 (SFOS 19.5.2 MR-2-Build624) I have the problem of connectivity lost, in MS Teams while meeting as picture below. According to analyse packet between incoming and outgoing when we use MS Team, I found that in the time of connectivity…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to access VLAN networks from data networks

    Anesu Dangarembwa
    Anesu Dangarembwa
    I have 3 VLANS, 1 for CCTV, 1 for wifi controller, and the other for IP phones. data network - port 1 192.168.0.0/24 port1.12 - 192.168.2.0/24 - wifi. (VLAN) port1.13 - 192.168.1.0/24 - CCTV (VLAN) We want to manage the CCTV and the access…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Internet slow on XG firewall

    Gareth Brussow
    Gareth Brussow
    Hi, Got a client that has got a XG125 firewall. Users are complaining about internet speed. Internet line has been upgraded from 10/2 to 20/10 but there has not been a change in the speed. Changed the weight of the line from 1 to 50 but this…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Multiple WAN/LAN bridges on XGS 126

    Alfons Schönwetter
    Alfons Schönwetter
    Dear community members! We are planning to insert an XGS firewall into our existing network infrastructure with multiple WANs. This is the current setup: Three WAN routers from different ISPs with fixed public IPs are connected to a multi-WAN router…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • cannot access yahoo web mail sites

    Kevin Stepper
    Kevin Stepper
    Hi all, I have a Sophos xg87 and a strange problem with accessing yahoo webmail sites from any computer on the lan. the site just does not open but also no error message appears and I can find nothing in the log files. It does not matter whether I…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Vlan routing issues -XG is virtual

    Nitin Mirchandani
    Nitin Mirchandani
    Hello I am trying my head around strange VLAN issues when XG is virtualized. The setup is as follows - ESXi has VLANS created. XG has two ports - Lan and Wan. Lan is on 4095, Wan is on different switch. XG Lan has multiple VLANS created (reflecting…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • TCP SYN / retransmission

    Geniux
    Geniux
    On Sophos XG 19.01 MR1 Virtual appliance, i have for several minutes that any new TCP session outbound to the web is not connecting. while inspecting a tcpdump file, i see that existing TCP sessions work normally, just any new TCP SYN is not getting…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Firewall FQDN Subdomain learning different cache TTL issues with Windows DNS Server

    LHerzog
    LHerzog
    Hi, this issue is listed as resolved for 19.0.2 NC-111476 FQDN Subdomain learning isn't working in case of non-SFOS DNS server set for client. We're on 19.5.2 We have a server that downloads files once per day from a FQDN like files.downloadserver…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Odd Behavior with System Generated Traffic over IPSEC

    Corey-FTK
    Corey-FTK
    Hi, Encountering a weird error when trying to attempt using a server for DNS forwarding. We have a few branch offices - each connecting to DC via IPSEC (Connection Type: Site-to-Site / IKEv2) - with the DNS Forwadering Host in the DC. Now here's…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Cant connect to FTP

    DAENG
    DAENG
    Hello, I am not able to connect with a local FTP script to a server. This script works at another location but not here. Sophos XG latest version SFOS 19.5.2 MR-2-Build624 Here is the log: messageid="01001" log_type="Firewall" log_component="Invalid Traffic…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • PIM-SM and IGMP on interface in the same time

    Jaroslav Faldik
    Jaroslav Faldik
    Hello, Can I have PIM-SM and IGMP on a interface in the same time? I have a problem with IGMP on interface with active PIM-SM neighbour (pim-sm router). In the presence of a PIM-SM neighbour, IGMP is inoperable for another destination. Is this behavior…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Selective deactivation of the SIP helper

    dirkkotte
    dirkkotte
    I have a customer with a well-functioning SIP telephony. But now he gets a problem with a door phone. This only works with deactivated SIP helper. ( system system_modules sip unload) Message: "Invalid traffic - Invalid connection helper" Possibly a dirty…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • LAN port utilization high

    satyabrata bastia
    satyabrata bastia
    Hi, we have sophos xg-210 one LAN port utilization is high i have attached monitoring tools screenshot please check. model-XG210 Thanks satya
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • dhcp --lease Time increase

    satyabrata bastia
    satyabrata bastia
    Hi, currently we are running dhcp from firewall so some user lease time we need to increase so please help me how to extend lease time. Thanks satya
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>