• IPS not applying to policies

    Elmo Heyns
    Elmo Heyns
    Hi All Ive spent some time on the Sophos documentation but I'm unable to get to an answer via the available online resources. I have a firewall with a few basic rules. Unrestricted internet policy - less web and app filter restrictions based on…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • specific users to make use of just one of the ISPs

    Akshay Waje
    Akshay Waje
    Kindly help. I configured a load balance on two ISP links for my users. Among those users, I want some specific users to make use of just one of the ISPs only whole the rest use both.
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • SFOS 20.0 MR not showing any bandwidth in interfaces

    Andreas Wolter
    Andreas Wolter
    WAs used showing false bandwidth but after upgrading I get this: Anyone else experiencing this ?
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Firewall rule - apply traffic with specific DSCP marking only - not works

    Libor Kolar
    Libor Kolar
    Hello everybody, I would have a question to the firewall rules and DSCP marking under "Other security features"... My Sophos instance is running in bridge mode in front of my router's WAN interface (with only one public IP). I apply the function " Scan…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • How to exclude tightvnc from Risk or High Risk application list

    Søren Jensen
    Søren Jensen
    Hello All, I have added the "Block high risk (Risk level 4 and 5) apps" to the " Identify and control applications (App control)" part of Lan-To-Wan Firewall rule. With this in the La-To-Wan firewall rule, I can not connect to a remote computer, using…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Some computers cannot access Internet, some can

    brucepott
    brucepott
    Hi, we have suddenly a strange problem. We have an XGS136. We have two internal servers that need to be accessed from outside and the DNAT & NAT rules have been created accordingly. All the rules ( dnat, loopback, reflexive ) for the two servers are…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Block Impacket, psexec, Windows RCE

    MMASLOUH7
    MMASLOUH7
    Hello, Im doing some POC to chose the best firewall that have a good NGIPS. The default IPS profile was not able to block Impacket, psexec or any other Windows RCE. How can i made the IPS policy more strict for a LAN to LAN policy.
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Configuring IP Spoof and DoS Protection without Blocking Outbound Internet Traffic

    Yuvraj Singh
    Yuvraj Singh
    Hello Team, I hope this message finds you well. I am writing to seek your assistance regarding a configuration issue I am facing with our sophos xgs firewall setup. We have recently configured traffic flow and firewall rules for inbound and outbound…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • IPv6 - possible to configure the link-local-address (to fe80::1 for example) ?

    dirkkotte
    dirkkotte
    In the IPv6 training, a manually configured IPv6 link-local address for the gateway was considered "best practice". fe80::1 would be a good choice... Is it possible to configure this with sophos firewall? ...or why this should not be done? thx in a…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • New firewall rule does not show in listing

    Tony Graham
    Tony Graham
    Added a new firewall rule. It does not show in the Rules and Policies. I thought maybe I didn't click 'Save'. So I went back in to add a new rule. This time when I try to add the rule, it says 'Rule already exists.' Ummm, okay. Where is it?
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • County Block with MTA enabled

    Steve Pringle
    Steve Pringle
    I would like to block access to and from certain countries with the MTA enabled. This was really simple on the UTM, but seems much more complicated in Sophos Firewall. I have created a black hole NAT rule as suggested in the documentation, but can’t work…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Two VLAN on Same Server

    haidar salauroo
    haidar salauroo
    Hi, here is my setup, i have 2 VLAN ( 20 and 30 ) and both have DHCP enabled, and both have similar setting. VLAN is supposed to be used for Administration purposes and VLAN 30 for production traffic. VLAN 20 does not have access to Internet…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Banking Websites Requires Re-authentication

    Osama Mansour
    Osama Mansour
    Hello Everyone, We encountered an issue with Sophos firewall XG. The issue simply is when we try to open the Banking website to do transactions or online banking, we authenticate normally. However, when we try to access anything in the bank website…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Sophos MG 125 Setup

    CITY FM
    CITY FM
    I need help with setting up my MG 125 device for bandwidth management. Can it do the job well? Thanks
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Basic set of firewall rules for a very basic office

    Mark Tarrant
    Mark Tarrant
    Hello, I'm new to Sophos, and am deploying my first firewall to a very basic client, and just want to check what I have configured is a reasonable balance between security and functionality? I am just looking for opinions and whether I have missed anything…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • LAG (LACP) Details & Statistics ?

    dirkkotte
    dirkkotte
    Hi all, Is it possible to got interface- & error details for a LACP-connection? Thx Dirk
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Routing Traffic via Sophos XGS Firewall for Peered Workload VPC

    Yuvraj Singh
    Yuvraj Singh
    Hello Team, I've successfully configured the Sophos XGS in my security account and routed internal traffic via the Sophos LAN ENI instead of using a NAT gateway, which is functioning well. Now, I have another workload VPC in a separate account that…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Preventing Users from using any desk or Team viewer

    Reem Jalal Eddine
    Reem Jalal Eddine
    What is the best way to block users from using any version of Team viewer and Any desk and what ports have you used if we need to block ports? How to do that on Sophos?
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • From internet to DMZ

    Gino Pino
    Gino Pino
    Hello, I'm reconfiguring my fw (latest OS version), changing the zone and IP of my reverse proxy, from LAN to DMZ. Externally I'm able to reach my web sites with the RP on LAN, but if I change the zone and internal IP in firewall rule and NAT rules…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • two DHCP reservations messing up client gateway and DHCP options

    LHerzog
    LHerzog
    I noticed a strange mixing of DHCP settings when having 2 reservations for one client MAC address. console> system dhcp static-entry-scope show global I have a VLAN on the XGS lets say VLAN10 Net: 10.1.2.0/24 GW: 10.1.2.1 On that VLAN is a XGS DHCP…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS firewall Rule Configuration

    Yuvraj Singh
    Yuvraj Singh
    Hii Community, I configured a firewall rule for VPN to LAN connection and another for LAN to WAN connection, attaching a NAT rule with MASQ for internet access. Despite this, I could establish a VPN connection with the Sophos Connect client but couldn…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Transparently insert Sophos XG in a working network

    AGamal
    AGamal
    Hello, I have a situation where my ISP installed a router and gave me a subnet ( 10.1.1.0/24 ) with the gateway being the router(10.1.1.1). My understanding is that I need to configure an internal network (i.e 10.1.2.0/24) on the LAN side of the firewall…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • TCP Disconnect with IPS-Pattern updates ??

    dirkkotte
    dirkkotte
    We have some customers who use quite sensitive software. We have had repeated session drops with one customer (always at noon on Tuesdays -GMT-) The IPS patterns are said to have been updated at this time today. IPS is only active for some external connections…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Proxy inbound connection to external ip

    LMSIIATO
    LMSIIATO
    Good morning, I currently have a server in an on-premise datacenter that responds to TCP port 12233. So there is a very normal DNAT on the XGS firewall of the public ip 80.80.80.80:12233 towards the private server ip 192.168.1.10:12233 This service is…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • dhcpd_eve+ ??

    Sofos network
    Sofos network
    Hi all I have performance problems with the xg86w, the cpu sometimes reaches 100% the top command gives the following result: Thanks you.
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>