Hi All
Ive spent some time on the Sophos documentation but I'm unable to get to an answer via the available online resources.
I have a firewall with a few basic rules.
Unrestricted internet policy - less web and app filter restrictions based on…
Kindly help.
I configured a load balance on two ISP links for my users.
Among those users, I want some specific users to make use of just one of the ISPs only whole the rest use both.
Hello everybody, I would have a question to the firewall rules and DSCP marking under "Other security features"... My Sophos instance is running in bridge mode in front of my router's WAN interface (with only one public IP). I apply the function " Scan…
Hello All,
I have added the "Block high risk (Risk level 4 and 5) apps" to the " Identify and control applications (App control)" part of Lan-To-Wan Firewall rule.
With this in the La-To-Wan firewall rule, I can not connect to a remote computer, using…
Hi,
we have suddenly a strange problem. We have an XGS136. We have two internal servers that need to be accessed from outside and the DNAT & NAT rules have been created accordingly. All the rules ( dnat, loopback, reflexive ) for the two servers are…
Hello,
Im doing some POC to chose the best firewall that have a good NGIPS.
The default IPS profile was not able to block Impacket, psexec or any other Windows RCE.
How can i made the IPS policy more strict for a LAN to LAN policy.
Hello Team,
I hope this message finds you well. I am writing to seek your assistance regarding a configuration issue I am facing with our sophos xgs firewall setup.
We have recently configured traffic flow and firewall rules for inbound and outbound…
In the IPv6 training, a manually configured IPv6 link-local address for the gateway was considered "best practice". fe80::1 would be a good choice... Is it possible to configure this with sophos firewall? ...or why this should not be done?
thx in a…
Added a new firewall rule. It does not show in the Rules and Policies. I thought maybe I didn't click 'Save'.
So I went back in to add a new rule. This time when I try to add the rule, it says 'Rule already exists.'
Ummm, okay. Where is it?
I would like to block access to and from certain countries with the MTA enabled. This was really simple on the UTM, but seems much more complicated in Sophos Firewall. I have created a black hole NAT rule as suggested in the documentation, but can’t work…
Hi,
here is my setup, i have 2 VLAN ( 20 and 30 ) and both have DHCP enabled, and both have similar setting.
VLAN is supposed to be used for Administration purposes and VLAN 30 for production traffic.
VLAN 20 does not have access to Internet…
Hello Everyone,
We encountered an issue with Sophos firewall XG. The issue simply is when we try to open the Banking website to do transactions or online banking, we authenticate normally. However, when we try to access anything in the bank website…
Hello,
I'm new to Sophos, and am deploying my first firewall to a very basic client, and just want to check what I have configured is a reasonable balance between security and functionality? I am just looking for opinions and whether I have missed anything…
Hello Team,
I've successfully configured the Sophos XGS in my security account and routed internal traffic via the Sophos LAN ENI instead of using a NAT gateway, which is functioning well. Now, I have another workload VPC in a separate account that…
What is the best way to block users from using any version of Team viewer and Any desk and what ports have you used if we need to block ports? How to do that on Sophos?
Hello,
I'm reconfiguring my fw (latest OS version), changing the zone and IP of my reverse proxy, from LAN to DMZ.
Externally I'm able to reach my web sites with the RP on LAN, but if I change the zone and internal IP in firewall rule and NAT rules…
I noticed a strange mixing of DHCP settings when having 2 reservations for one client MAC address.
console> system dhcp static-entry-scope show global
I have a VLAN on the XGS lets say VLAN10 Net: 10.1.2.0/24 GW: 10.1.2.1
On that VLAN is a XGS DHCP…
Hii Community,
I configured a firewall rule for VPN to LAN connection and another for LAN to WAN connection, attaching a NAT rule with MASQ for internet access. Despite this, I could establish a VPN connection with the Sophos Connect client but couldn…
Hello,
I have a situation where my ISP installed a router and gave me a subnet ( 10.1.1.0/24 ) with the gateway being the router(10.1.1.1).
My understanding is that I need to configure an internal network (i.e 10.1.2.0/24) on the LAN side of the firewall…
We have some customers who use quite sensitive software. We have had repeated session drops with one customer (always at noon on Tuesdays -GMT-) The IPS patterns are said to have been updated at this time today. IPS is only active for some external connections…
Good morning, I currently have a server in an on-premise datacenter that responds to TCP port 12233. So there is a very normal DNAT on the XGS firewall of the public ip 80.80.80.80:12233 towards the private server ip 192.168.1.10:12233 This service is…