Hey Guys, I am using the Sophos XG as DHCP server which provides two DNS servers. One is a Pihole and the other one is the SophosXG itself. So normally the devices should resolve internal and external domains via Pihole, but when it is not available…

Hi folks, a question about XG ability to decode DNS over HTTPS and TLS, can the current version of XG decode DNS requests sent to it using HTTPS or than TLS? Ian

Hi all, we moved from LANcom to Sophos XGS SFOS 20.0.2. Fine so far. We migrated last night. Now it comes more and more, that some webclients are unable reach some URLs. Every clients are able to resolve every DNS name. But when putting that DNS…

Hey Folks, while deploying one XGS after another we noticed that Client-IPs in reports e.g. aren't resolved into DNS Names like on our SG/UTM Models. We created a DNS request route: 168.192.in-addr.arpa and domain.local pointing to the internal Windows…

I am working on migrating functionality from UTM to SFOS on XGS3300 hardware. This organization subscribes to this DNS filtering service: https://www.cisecurity.org/ms-isac/services/mdbr In the UTM, it was easy to bottleneck DNS queries so they are…

hello, Can I have a detailed procedure to configure my sophos xg106 as a dns server ? Thanks

Hi experts, I have an external web site hosted in the AWS, and the DNS domain name is registered in my local DNS server (Windows 2019 with AD and DNS). I have configurated the DNS options in Sophos XGS as shown below. The website does open for internal…

Referencing this previous post: Webpages SLOW to load That post is over 7 years old and locked, so I am posting here. I recently started having this same issue...Web pages take 30+ seconds to load for all users on network A number of coincidental…

Hello, I'm not an expert (for the moment) on Sophos. For a customer that has an XG Firewall, he asked to configure a SSL VPN connection. As I already done this some years ago on a privous Sophos Router, it should be possible ;-) But the LAN/WAN…

I've got a Site connected with RED60 The RED itself uses a single IP Subnet /31 IP Address and has 4 VLAN with /26 Subnets attached. In the Mgmt VLAN are Sophos APX Accesspoints connecting to Central. That setup was running up and fine for years…

Hi I have XGS4300 (SFOS 19.5.4 MR-4-Build71),DNS change Automatically in Sophos Firewall it can possible or not can you please guide how to resolve this issue.

I am using Sophos Firewall SFOS 20.0.0 GA-Build222. How do I setup DNS over TLS (with Cloudflare)? I can't find any instructions on the Sophos help pages.

Hi All... Customer has XG135 (SFOS 19.5.3 MR-3-Build652), Sophos is the main DHCP server for the network, for the last few months we have been battling with a strange issue. Sophos LAN IP is 172.16.0.10 Internal Microsoft DNS server 172.16.0.1.…

Good evening everyone, a customer of mine has currently patched an XGS firewall (SFOS 20.0.0 GA-Build222). The customer had a vulnerability scan with a result of 1 Medium CVSS. Namely: DNS Server Recursive Query Cache Poisoning Weakness www.tenable…

Hello, I have the following problem. We have two Active Directory Windows DNS servers on the internal LAN. They have entered the Sophos XG Firewall as a DNS server as a forwarding. The Sophos XG Firewall itself queries public DNS servers on the…

Hi all, sophos XGS3300 with SFPS 19.5. In my internal network I want to decommission an old Windows Domain Controller. That DC still logs multiple DNS requests from the Sophos (Azure Cloud and other requests) per Minute. I removed that DC as Authentication…

Instead of manually entering DNS IP addresses into the DNS fields, it would be nice if we could use an IP host instead. Say you wanted to use google as your DNS. A user could create an IP host called "Google DNS servers" of the two IP addresses 8.8.8…

I would like to get an opinion on firewalled subnets for security. This would be LAN subnets only. Subnet A is servers and subnet B is desktops. Subnets A and B have outbound internet access only. Subnet B (desktops) need to access Subnet A (Servers)…

Good day l have a client with a sophos xg 310, they did a security audit report on their network. and the report came with this queries for DNS server allows cache snooping. l want to Restrict the processing of DNS queries to only systems that should…

Hello, When I use Sophos as the DNS server, I sometimes get a timeout for the DNS resolution. I also tried it directly from the XGS CLI. CLI: XGS107_SN01_SFOS 19.5.4 MR-4-Build718# nslookup google.de. 1.1.1.1 Domain Name Server# 1.1.1.1 Domain Name…

hello configuring DHCP lease on XGS 107 firewall in "DNS server" section there is only 2 fields, is there a way to have the DHCP provide 3 DNS to clients Thanks Elie

Hi, I want some local DNS servers to do DNS over TLS (DoT) and have configured them accordingly. I created a rule allowing TCP 853 for those hosts - both IPv4 and IPv6. Because of IPv6 is assigned via PD I used the client MAC address (on local LAN…

Hello, I've Sophos XG installed in between ISP modem and router. The XG in bridge mode with LAN and WAN bridged together. The router and LAN all have internet access. However, Sophos XG doesn't - what I mean by that I can't update firmware for instance…

When forwarding DNS to servers like 1.1.1.1 or 8.8.8.8, is it possible to do so using DoH?

good morning we should create a configuration for our 3cx switchboard that resolves the name of the 3cx FQDN to an internal address of our network. The device supplied is XG106w (SFOS 19.5.3 MR-3-Build652), I have not found any guides that solve the problem…