What is everyone's experience with WAN link load balancing in v20? We're a K12 private school with two identical WAN links from different ISPs, Frontier and Comcast. Our goal is to enable WAN link load balancing in an active-active config, weight 1 and…

Hi all, I have several SFOS V20 in place. I can nomore add an ip network: "You must enter a network IP address." There is not much room for making things wrong and I did this couple of times before. No problem to add an ip host but no chance for…

Hi Configured one more WAN IP in the Sophos XGS136, link is up but traffic is not moving through new link, checked load balancing, everything is looking fine Pervious link is working fine, however the new link is not working, able to ping 8.8.8…

Hello Community, I am facing a challenge in getting a rule to block social media and video hosting to work. I created an application filter and web policy to block all social media and video hosting. Created the rule and placed it at the top. It blocked…

Hello, I have two sites configured with HA XG2100 firewalls, At both sites 1GBe Port2 is the WAN connection this is a 100/100 circuit typically usage is around 30%, 1GBe Port 6 is an MPLS L2 1Gbp/s Circuit that connects both sites. All LAN traffic is…

When will ipv6 be supported over PPPoE ? When I use any other router / firewall I am able to get IPv6 over PPPoE just not via Sophos

Hello Guys, I've tried to search, but without any luck. Basically I have a very simple configuration: LAN1 192.168.X.X --> WAN 1 Now I would like to modify the configuration, in this way: LAN1 192.168.X.X/24 --> WAN 1 LAN2 192.168.Y.Y/24 --> WAN…

Update to LAG not working unless you specify interface speed Using XGS4500 on 20.0.0 GA-Build22 with XSAZTCHF4 "Sophos FleXi Port Modul 4 port 10GbE SFP+" LACP bonding was not working on PortsA1-A4 unless specifying 10G Interface Speed manually, disabling…

I am using Sophos Firewall SFOS 20.0.0 GA-Build222. How do I setup DNS over TLS (with Cloudflare)? I can't find any instructions on the Sophos help pages.

Hi, Can anyone confirm whether Sophos supports /31 subnet config on WAN interfaces please? XG2100 running SFOS 20.0.0 GA-Build222 Thanks

hi all, we have a xgs 4300 v20 i want to give a new ip/host the same rule sets as an existing ip/host how can i do this please? thanks, rob

Hello, I am using XGS2300 Version 20 When users are on LAN, they cannot access servers on the same network while using their public IP, they can only access the server over the public IP when they move out of the network. How do I solve that

Hello everyone I am struggeling with the following: The customer has microtik router that connects via wireguard VPN to a remote Windows Server in a Datacentre. The Microtik router is the VPN Client, the Windows Server is the VPN Server. The employees…

This isn´t really a question but rather some strange behavior I ran into when updating a customer´s RED-Devices from v3.0.008 to v3.0.009. Environment: - Sophos XG2300 running SFOS 20.0.0 GA-Build222 - Multiple RED20 and RED60 Devices (6 total)…

Hello, I have a bridged interface. Port 1, 4, and 8. VLANs 1, 10. the bridge is in the LAN zone. VLAN 10 supports nearly all traffic, VLAN 1 exists for a private wifi network that allows guests/vendors to use the internet, but prevents them from…

I have 2 XG ver. 20 firewalls between 2 sites, both with Static public IP. There is a SDWAN route based VPN between the 2 sites, and it works perfect. the roude precedence is SDWAN, Static, VPN. I am trying to publish an internal server resource that…

Need some help getting our Sophos XG 136 (LAB) Firewall working with IPv6. ABCDC01: Role = Windows Server 2019 Domain Controller IPv6 = fc00:2222:3333:4444:cccc:dddd:eeee:10/64 IPv4 = Not Enabled Gateway = fc00:2222:3333:4444:cccc:dddd:eeee:ffff…

CPU Consumption is very high some time it is going up to 98 % I Stopped Below Highlighted service after that CPU is under control but the AV & IPS Services are Required for Firewall. stop the required services is not a good practice

Sophos v20 GA I have never noticed this IP Flood protection before. It is not applied, but I cannot see it's activation anywhere in the GUI. All I see activatable is SYN, UDP, TCP and ICMP, Dropped source routed packets, Disable ICMP/ICMPv6 redirect…

I have a primary and backup ISP, with the backup ISP being a cellular-based limited bandwidth plan. The purpose of the backup ISP is for my “critical” devices such as my home server which hosts my alarm system via Home Assistant (so I can still receive…

Our environment is Dell Windows 11 workstations "Clients" connected to Cisco 3850 switches that all go out through the internet via our Sophos SF01V (SFOS 20.0.0 GA-Build222) firewall. DHCP and DNS done with local Windows servers. We have about 140 Clients…

Hi everyone, I can confirm that (to me :-) there seems to be a bug if you have more than one WAN interface with PPPoE: The " Schedule time for reconnect" under "Network" -> "Interface" -> WAN-Port will not be respected though it will show correctly…

Hello, we have a problem with our client where we put Sophos XG135 with latest update 20.0.0 on their network, like every day at the same time somewhere around 12:30-1pm and in the evening around 7-8pm, the internet stops but Sophos continues to work…

Good evening everyone, a customer of mine has currently patched an XGS firewall (SFOS 20.0.0 GA-Build222). The customer had a vulnerability scan with a result of 1 Medium CVSS. Namely: DNS Server Recursive Query Cache Poisoning Weakness www.tenable…

I'm having to restart this system to get Firewall / NAT rules enforced when changes are applied. This seems to happen with quite a few people in the community. I've found sometimes disabling the firewall rule that feeds a NAT rule loads the additions…