• DHCP lost to all devices except one vlan

    Reem Jalal Eddine
    Hi, I previously posted a question on how to migrate trunk VLANs from one port to another new port for LAG configuration. Once I did the transfer we lost connection with DHCP: all clients cannot get an IP address, but once they get a static IP the communication…
    • 3 hours ago
    • Sophos Firewall
    • Discussions
  • IPS problem "OS-LINUX Linux Kernel Netfilter iptables-restore Stack-based Buffer Overflow"

    Charlie Dodd
    Hi all, hope you can help. I've recently been getting a lot of alerts with this, as can be seen in the image below. Searching with some of the IP addresses on GreyNoise, it shows it as commonly seen and it is nothing to worry about. I have seen that…
    • 3 days ago
    • Sophos Firewall
    • Discussions
  • OneDrive Application Signatures don't work as expected

    Sariyer Belediyesi
    "OneDrive File Download" and "OneDrive File Upload" Application Signatures are not working as expected on Sophos XGS 6500 (SFOS 19.5.4 MR-4-Build718). I need to separate the OneDrive web application rules into "Download" and "Upload". However, it does…
    • 3 days ago
    • Sophos Firewall
    • Discussions
  • DMZ Configuration

    Geoffrey Njoga
    Hello Team. I recently deployed a Sophos XGS 3300 firewall. I am very green in regards to the firewall but I have managed to set it up and get the LAN and remote sites to access the network services. The challenge I am facing is making my public servers…
    • 3 days ago
    • Sophos Firewall
    • Discussions
  • xg firewall rule for nvr

    SATPAL BHATIA
    Dear Team, How to configure NVR rule on firewall. So that I can access the cameras through static IP from anywhere. Regards, Satpal.
    • 3 days ago
    • Sophos Firewall
    • Discussions
  • Unable to access captive portal using Lets Encrypt certificate

    Tyler VanDorn
    Problem: When I go to the portals from my LAN zone I can get into all of them except the captive portal. Ports 4443 (user), 4444 (admin) work. Port 8090 gives me an error in the browser: Firefox v133.0: PR_END_OF_FILE_ERROR Chrome v131.0.6778.87: ERR_CONNECTION_CLOSED…
    • Answered
    • 4 days ago
    • Sophos Firewall
    • Discussions
  • v21 Let's Encrypt Cert creation and renewal fails, when NAT Rule for HTTP/HTTPS exists

    PCPCH
    On one of our XGS firewalls, we need a NAT rule for HTTP/HTTPS. On this firewall, it's not possible to create or renew a Let's Encrypt Cert. We need to disable the NAT rule, then it works to create/renew the certificate. But this can't be the…
    • 4 days ago
    • Sophos Firewall
    • Discussions
  • SSL Medium Strength Cipher Suites Supported CBC mode Enabled

    Akash
    How can I disable CBC mode and chacha20 affected algorithms and enable CTR or GCM cipher mode encryption?
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Advanced Threat Protection C2/Generic-A

    Edward Raja
    Hi, we are facing this issue. Any solution for this?
    • 5 days ago
    • Sophos Firewall
    • Discussions
  • SFOS v21 - Windows DomainController connection to Clients behind RED recognized as Freegate Proxy

    Peter Riederer
    Hey everyone, today I noticed our Windows DCs want to communicate with Windows Clients behind a RED Device, where SFOS is recognizing it as a Freegate Proxy Application and blocks it. Src IP = Win DC, Dst IP = Win Client behind RED. Seems to be…
    • 6 days ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall v21.0 GA - Kyber TLS (Edge/Chrome) connection reset error for transparent TLS decryption

    AIFS IT Support
    We recently upgraded our Sophos XGS 4300 to SFOS v21. Since then, we are finding that a number of our users were receiving connection reset messages in their browser (Edge and Chrome) when attempting to access some websites with transparent TLS decryption…
    • 7 days ago
    • Sophos Firewall
    • Discussions
  • Classification query

    rfcat_vk
    Hi folks, a question for those who can provide guidance and maybe even answer. The daily report shows various classifications for NTP type traffic. 1/. 2/. 3/. I was reviewing the hairpin NAT configurations and found there were some items…
    • 7 days ago
    • Sophos Firewall
    • Discussions
  • clientless sftp

    Reem Jalal Eddine
    I have configured a clientless SFTP policy that contains the bookmark, and the bookmark contains the private and public key along with server information. I created a user on our portal and allowed it to use this policy. I did on the side another RDP policy…
    • 9 days ago
    • Sophos Firewall
    • Discussions
  • Whatsapp images and documents

    Mohamed Arbaaz
    Hi, I have an issue whereby users cannot send images or documents on the WhatsApp mobile app. We have policy rules for social restriction, but WhatsApp is allowed yet seems not to be working.
    • Answered
    • 8 days ago
    • Sophos Firewall
    • Discussions
  • Bandwidth Limit

    Jabir V
    How to allocate bandwidth limit to specific IP or IP class?
    • Answered
    • 10 days ago
    • Sophos Firewall
    • Discussions
  • SDWAN and Loopback NAT

    Bart van der Horst
    Hi, I've got the following case on a customer site: Internal webserver on LAN, needs to be accessed from same or different internal LAN on the external IP, normally I use a loopback NAT rule and this works. Since a few weeks we had to switch to…
    • Answered
    • 11 days ago
    • Sophos Firewall
    • Discussions
  • 2 WAN-Links (use primary one, and only if failover the second) - Problem with DNAT on failover Interface

    nils50122
    Hello, we have a question because in the past we have had problems with DNAT when configuring our two WAN links as active/passive. As a workaround we configured the two interfaces as active/active, but now the problem is the second link (which is limited…
    • 12 days ago
    • Sophos Firewall
    • Discussions
  • How to import an external ip list into an ip host group via API

    support_einsal
    Hello community, We want to fetch a list of IP addresses from a webserver and (dynamically) import them into a host group on our firewall (Sophos XGS3100 Vers. SFOS 20.0.2 MR-2-Build378 ). Our plan is to use the API along with a Python script that downloads…
    • 13 days ago
    • Sophos Firewall
    • Discussions
  • a small question about understanding network statistics (CLI)

    Thomas op het Veld
    On a Sophos firewall (e.g. XGS136) I can view the interface statistics via the CLI (command: show network interfaces). In the output I notice that there are many dropped packets at RX state (receive). (LAN Interface) Port1 Zonetype:LAN MAC Address…
    • 13 days ago
    • Sophos Firewall
    • Discussions
  • Veeam Guest Interaction Proxy creates false IPS Alerts

    Peter Riederer
    Hey, after deploying our new XGS3300 with SFOS v21 we noticed several IPS Alerts which are created from a Veeam Guest Interaction Proxy to the Veeam Backup Server: Attack : FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt Attacker: Guest…
    • Answered
    • 15 days ago
    • Sophos Firewall
    • Discussions
  • Invalid Traffic / Invalid TCP state (no routing issue)

    Gerhard Sauer
    Hello, I have a problem with mainly HTTPS connections showing up in the log as Invalid Traffic / Invalid TCP state. See screenshots below. Example domain is https://telekom.de. I have 2 Internet connections with separate NAT and SD-WAN routes. Routing…
    • 17 days ago
    • Sophos Firewall
    • Discussions
  • [Feature request] 802.1p support for PPPoE/VLAN interfaces

    Samuel Leal
    Hello, I'm seeing more and more ISPs asking for CPE P-bit setting for their connections. As far as I know, Sophos Firewalls still don't support this, forcing us to use a bridged router supporting this feature in front of the Sophos FW. Please consider…
    • 17 days ago
    • Sophos Firewall
    • Discussions
  • ips.log filling at high rate - normal and good for the SSD lifetime?

    LHerzog
    Today we've had a partial outage due to high /var partition usage. It was flapping between 70% and over 90% in a short time. /dev/var 179.3G 138.6G 40.7G 77% /var /dev/var 179.3G 138.8G 40.5G 77% /var /dev/var 179.3G 138.9G 40.4G 77% /var /dev/var…
    • Answered
    • 17 days ago
    • Sophos Firewall
    • Discussions
  • Open port 123 for Ubiquiti NTP access

    MCBLC
    Hi all, I have an XG135 firewall and several RED devices. I also have several devices from Ubiquiti (UNVR and CloudKeys) and they are causing problems. Ubiquiti support keeps telling me that I need to allow access on UDP port 123 which they use for NTP…
    • 17 days ago
    • Sophos Firewall
    • Discussions
  • Issue with Third-Party Threat Feed Not Blocking WAN to LAN Traffic

    Jurgens Steyn
    Hi, I’m using a third-party threat feed with Sophos and under the impression that it should provide WAN to LAN protection. However, I’ve conducted a test and observed unexpected behavior. Here’s what I did: Created a custom text file list containing…
    • 18 days ago
    • Sophos Firewall
    • Discussions