I've successfully configured our XG Firewalls to push logs to our SIEM solution which works well, though when trying to trace source of DNS requests I can't find anything logged either locally on the XG, or anything on the SIEM other than a UDP port 53…

I'm trying to setup DNS Request Route to a DNS server on AWS. Situation is similar to the below but I'm using Sophos Firewall instead of UTM. For SNAT on the Sophos Firewall, I can't seem to use a subnet so can't test the resolution that is mentioned…

Greetings guys, Hope you all doing well, I'm running Sophos XG 85 and 105 at: XG105 (SFOS 17.5.17 MR-17-Build837) XG85 (SFOS 17.5.17 MR-17-Build837) I have multiple network environments where I use Sophos Firewalls XG 85 and 105. When I try…

Good day everyone! I am currently implementing an emergency firewall ruleset, which looks like this: - Allow all communications towards sophos central (for Live Response etc. to work) - Allow all communications coming from the physical Management…

We have two VLANs which are isolated from the rest of our network. They use external DNS for lookups. When the user hits a content issue, they are redirected to the firewall captive portal. However, because they use the external DNS they are pointed to…

Hey Team, I have tried to work this out from the forums but I'm simply not getting it! The XG has multiple WAN interfaces: - Primary with STATIC network assignment - Failover 1 with DHCP network assignment - Failover 2 with PPPOE credentials Network…

Hello Sophos-Community, this would be great to have on the DNS Controlling side of things. The feature in question is DNS Request Route! My Scenario would be multiple DNS Servers Public or Local with some subnets not having to hit the DNS Request…

I'm trying to get away from setting IP reservations and static DNS entries as it's just a waste of time. I want to just use internal hostnames for a variety of automation stuff. I've set a .local domain for all of my DHCP scopes (three) so I should…

Hi, I've set up a new VLAN (20) bound to the LAN hardware (Port1.20) with IP 192.168.20.1, and assigned it to the DMZ zone. If I run the policy checker using Firewall,SSL/TLS and web method, with the following parameters, it fails URL: dns://192.168…

Every time FQDN hosts object is being added to firewall it causes dnscache to restart. During restart name resolution using firewall fails. New FQDN host object being added to firewall, notice how PID changes for dnscache process. Instead of reloading…

Dear one query, I do not have an internal DNS server to resolve my zimbra internally, I have searched for a DNS service in sophos, I have added the FQDN and internal IP but it does not resolve, does anyone know how said DNS service is applied?

Are there any plans for Sophos XG to implement DNS sinkholing where malicious DNS requests are resolved to a "Black Holed" IP address and once a host tries to communicate with this IP address, we can identify the infected host. This would save a hugh…

I recently updated to SFOS 19.0.1 MR-1-Build365. Since the update my DNS host entries aren't working on all VLANs except the VLAN the firewall is connected to. They were previously working in 18.5 and I haven't made any configuration changes. I have…

Hi all, we have the following setup: - XGS 126, configured for SSLVPN - The global SSLVPN settings contain the IPs for both internal AD DNS servers and the AD FQDN (i.e. contoso.local) - The internal DNS is configured for Split-DNS to resolve external…

Hi, Please forgive this question. I am a complete novice so not sure even if this is possible. My situation: I have one server with a static IP On this server I have various web applications that are being served on different ports. Ie: Service 1…

Hello, I need to see the DNS queries generated from my LAN zone to the WAN zone of the XG Firewall. Through the DHCP of the firewall I am assigning the same Firewall as the DNS server. But I cannot identify or find anything in the logs or reports that…

Greetings everyone! I'm going to replace my UTM tonight with my new XGS136. Our domain controller will be primary DNS, and the XGS will be secondary. On the domain controller I set the forwarder to be the firewall. These are my settings. Have I set…

Hello All, I'm switching over to an XG firewall, and I can't get my Domain Controllers' DNS to resolve their forwarders. I can see the packets being allowed out and seem to have upstream bandwidth, but in Live Connections under DNS the downstream…

Hey, So I have this DHCP VLANS all like this and DNS like this From any computer in VLAN 100 I can ping another computer in VLAN100 like this ping cws-yellow-room But, if I try to ping a server (by name and not…

Hi! Recently I implemented my Sophos XG as local DNS server, but it does not resolve public DNS names. My setup is that I have some router working as DHCP server. Sophos is "work in progress", with WAN interface on the same subnet as router. It also…

Hi In my network environment, i am noticing a lot of TCP Latency and DNS retry issues. Currently i am using Unifi Switches and Unifi APs as network devices and they channel the traffic to the XG-115. I have reached out to Unifi support team to see…

We have a ongoing issue with Sophos Connect 2.0 and IPSec VPN connections where DNS resolution is extremely slow at first and sometimes never resolves itself. For example a user connects to the VPN and then tries to open a network drive then gets a error…

Hi, We have the Sophos XG and XGS UTMs behind an other firewall (not controlled by us). However the admin of that other firewall complains about a lot of DNS traffic coming from our Sophos. we tried dropping any DNS traffic from within the Sophos and…

Hello all I want to create NAT + Access rules for DNS and NTP so any UDP 53 and UDP 123 traffic targetted for WAN gets redirected to internal servers. Can anyone suggest how that can be achieved? Thanks A

I have my XG106 with v19 GA behind my XG125 with v18.5.2 MR2 for home testing. The only thing connected to the XG106 is the WAN link which feeds into a port on the XG125. The strange thing is I see in the XG125 logs is that the XG106 is making multiple…