Hi, what would be the proper way to configure different WAN ALIASES for outbound traffic, for example in this manner: LAN users would use WAN Alias 1 for browsing and accessing web LAN2 users would use WAN Alias 2 FreeWiFi users would use WAN…

Hello, We've seen a message on the Sophos Firewall WEB-UI leading us to this article: "Multiple failed login (brute force) attempts for WAN-facing portals on Sophos Firewall" https://support.sophos.com/support/s/article/KBA-000009932?language=en_US…

Hi, On brand new XGS-136 I have problem, which cannot solve for few days. So I would appreciate any hints. Packets are dropping randomly every minute or so, sometimes even more frequently, in the following direction: From LAN side --> to Sophos…

Hi Folks, I'm moving from UTM to SFOS. Getting it setup with the basics was all fine but something I've been wanting to try for a while was to remove the masq rules as sophos is my back firewall in a back to back config. I ran into an issue though…

dear all, can someone help to block both telegram App and website on my sophos firewall

hello, Alert Message: Message: SERVER-WEBAPP Arcadyan Routers CVE-2021-20090 Path Traversal Attempt I got this Alert today, and the attacker is one of the company's computer, I read an article about this vulnerability…

Hi everyone, I am using a Huawei 3372 LTE stick on my SG-125 with SFOS for a couple years now. It is configured in DHCP mode as a failover WAN connection when the main connection goes down. Up until now this worked as intended but after upgrading the…

clear 840 / 5.000 Übersetzungsergebnisse Übersetzung Is there a way to delay the failback in the event of a WAN failover? Our customer gets his Internet access…

Hi, I am new to Sophos products I newly get into it and the BASIC installation has been done. I discovered the Sage300 application that our staff working remotely using a public IP to connect to the onpremises server is not working after installation…

I have a problem regarding may rujie AP that connected in sophos firewall XGS2300. I created VLan 172.16.16.16 for employees user(mac binding) and Vlan2 17.15.15.16 for Guest wif(DHCP) from 172.15.15.20-100. My problem was when i tried to connect my android…

Looking at IP Hosts like #Port2 or ##ALL_RW, they are dynamic IP addresses, correct? So if Port2 is my WAN port and the ISP changes my IP (via DHCP), wherever #Port2 is used in any rule will automatically be updated instantly so that the rule still applies…

If you are not registered in Active Directory, you cannot access the internet. How can I do it?

Hello, Over the holiday weekend we upgraded our XG330's from 19.5.4 to 20.0.2 MR-2-Build378. After the upgrade none of our wildcard FQDN rules are resolving/working. They worked perfectly fine prior. This is causing quite a bit of issues for user authentication…

Hallo zusammen, seit Donnerstag bekomme ich ständig die Warnung mit folgender Nachricht: Message: Access from IP address '92.53.65.166' is blocked for '5' minutes after '5' unsuccessful login attempt. Unsere Firewall ist Alert for XGS2100…

On September 4, our Firewall VPN Portal was attacked from IP 92.53.65.166 (Russia) with hundreds of login attempts for different usernames. After bloicking this, today (September 8) we have been hammered by another attack, this time from hundreds of different…

Since today we have been experiencing massive password spraying attacks on many Sophos firewalls, especially on the VPN portal, which listens to port 443. Apparently these are attacks from Russia with the IP 92.53.65.166. How can I create a rule to prevent…

Hello: I have a WAN port (Port 2) that is connected to our ISP with an IP block of 65.170.xxx.xxx/29. We have another block of IP addresses from the same provider at 63.162.xxx.xxx/29. Both come in thru the same ISP router (Cisco 4300). There are 4…

Hi all, can someone provide a hint, how to access a device where all LAN-Interfaces are "tagged" and "LAG"-ports? I've restored a migrated config and now the only untagged port is the WAN-port (can#t ping or access these port) I am able to access…

Hello, i need some help. I have a Branch Office wiht a XG125 and SFOS 20 MR1 up and running. Laptop connects over a APX320 AP and get a WiFi IP Address. Laptop was able to connect through Microsoft Always ON VPN (IKEv2) with UDP 500/4500 find to…

Hi community, While troubleshooting an issue with a webservice on an internal network I found out after a packet capture on both the client and the Sophos Firewall (unable to capture on the webservice device) that the Sophos Firewall captures packets…

Hello, I try@home to migrate from UTM zu SFOS. On the good old UTM there was only one LAN Interface. This was the gateway for some PCs. At the network configuration on the UTM, I configured the real-router-getway as gateway in this one UTM NIC. It…

Hello Community, I am currently in Poland setting up a second S2S tunnel and I am struggling with the fact that the xfrm interface of the tunnel cannot be found under the interface to which the tunnel is bound. What am I doing wrong? Attached are some…

Hello Community, I am facing a challenge in getting a rule to block social media and video hosting to work. I created an application filter and web policy to block all social media and video hosting. Created the rule and placed it at the top. It blocked…

Hi all, any hints to configure mobile WAN as backup line? wired WAN is default but when line is down mobile WAN should jump in place. Mobile WAN must be turned on or not? WWAN Interface must be to automatic or manual? Thanks for help …

Good morning. I have a problem in identifying which server makes requests to another when the requests arrive to a loopback to access internal servers when pointing to their public ip's. Example: server with ip 192.168.1.20 resolves DNS that points…