• Outgoing SMTP Traffic

    admin_idl
    admin_idl
    Hello, We use 2 WAN interfaces but want to route the outgoing SMTP traffic via one interface. What would be the best approach here?
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Do I need to use auto added Firewall rule for SMTP scanning?

    jek
    jek
    Hi, I am prepairing configuration to use XGS as MTA and I have some questions which I don't find answers to. Current situation: External MX and MAIL-out server are used, Exchange is set up locally. We have /24 public IPs on that site and only…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Enable users to integrate external mail server accounts (via IMAP/SMTP) with Sophos XG330 acting as an MTA in our network

    woody
    woody
    Good day, our Sophos XG330 acts as an MTA in our network. We have an on-premise Exchange server for whose domain we have created an SMTP policy in the Sophos email settings. This is working very well so far. Now we have to enable our users to integrate…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Is it possible to offload HTTPS on the Sophos fw and send plain HTTP to the real server ?

    Jochen Siers
    Jochen Siers
    Is it possible to decrypt HTTPs on the firewall and send plain HTTP to the webserver (without encrypting it again)? Thanks!
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF & large files – how do you deal with it?

    dirkkotte
    dirkkotte
    Hi all, When AV or other protection features are enabled, we keep running into various problems while uploading large files. Sometimes the disk space (Temp=100%) seems to be the cause, sometimes other internal buffers. We have the requirement to allow…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Outlook translator feature blocked

    Obaida Thunibat
    Obaida Thunibat
    Hi, Outlook translator feature isn't working; I received this error, as seen in the below photo, and was unable to find out how to allow the traffic for the Outlook translator tool As I add my IP address to any destination + any port. The translation…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Stop! This website is blocked

    Dragos Avram1
    Dragos Avram1
    Hello everyone, Recently i noticed a bunch of tickets regarding the following. i want to go on facebook, but facebook is blocked. instead of the blocked page i get Error code: SEC_ERROR_UNKNOWN_ISSUER(firefox) or NET::ERR_CERT_AUTHORITY_INVALID…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Firewall in MTA mode not sending out mails

    Sven OlafSchuran
    Sven OlafSchuran
    Hello, I delete the MTA SMTP default rule, cause it seems to do to much. How is this rule used? How do I get it back? MTA Switch to Legacy and back? Config stays at it is? Thanks Sven
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SMTL TLS Configuration Setting

    Dhaval User
    Dhaval User
    We disabled legacy TLS protocols and some of the legacy vulnerability did get mitigated. But we still have TLS1.1 vulnerabilities as per our vulnerability assessment tool. Is Sophos planning on removing TLS1.1 support from SMTL TLS config setting? what…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SFOS 19.5.3 MR-3: Web Server Protected, Path-Specific routing - should this config work?

    gavo_nz
    gavo_nz
    Hi, I have a WAF rule configured for path-specific routing, however, the routes I am specifying are all to the same target web server, but with different restrictions. e.g. / - restricted to specific IP ranges, target sevrer1 /myapp/ - not restricted…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • EMAIL DKIM issue QUARANTINE with policy allowed

    philbert
    philbert
    We use Sophos Firewall as EMail Protection for incoming Mails. Firmware: SFOS 19.5.3 MR-3-Build652 SMTP deployment mode: Device acts as a Mail Transfer Agent (MTA) DKIM Settings: DKIM is set to accept, some mails will be quarantined by DKIM verification…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Firewall allow http download

    Simplified Sam
    Simplified Sam
    I am not sure which settings is causing it, but i have hard time finding anything usefull about it. On my network only https is allowed, now we got arduino boards which sadly downloads over the app their zips(firmware) over http (without the S ..…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • .tar files for TLS exclusions for Office365 updates not available

    ADJ
    ADJ
    I need to add the TLS exclusions for allowing Office365 updates through because the Web Protection module is blocking them - I can update my Office365 apps fine without the protection as this has been tested successfully. My firewall is XGS87 running…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Order of domains in WAF rules

    Martijn Bouman
    Martijn Bouman
    XGS Firewall, WAF rules has 10 listed domains. What is the sort order based on for these domains? Whenever we delete one from say position 5, add a few new ones, then add the number 5 one again (we have saved and reopened the rule multiple times)…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF rules and IIS redirects with trailing slashes

    Martijn Bouman
    Martijn Bouman
    Situation. We have a WAF rule with several test sites in the domains list. Example below. test1.testurl.com test2.testurl.com test3.testurl.com test4.testurl.com These all point to one IIS. On the IIS these are all separate sites. When we…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • is it possible to combine SFOS WAF with the built in OTP / MFA function

    LHerzog
    LHerzog
    I found some old posts (>2y ago) about the XG WAF module not supporting MFA authentication for a webservice. Has this changed since? We want to use MFA before using on-prem Exchange OWA. Many internal users already have an Sophos MFA token and it…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Mails sent from automatic systems related as spam

    rexer
    rexer
    Hi Our Sophos XG acutally moves much mails to quarantine which are not spam. For me, it looks like most of them are sent by automated mailsystems (a lot of them are invoices from partners, sent automatically to our invoice-Mailbox) The big Problem…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Site being decrypted with TLS decryption set to OFF

    staticfactory
    staticfactory
    Dealing with a strange issue where the FW appears to be trying to decrypt a site even though the setting is OFF. Is there another policy that would be impacting this (or producing this sort of error)?
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • YouTube for Schools exception in Sophos Firewall

    Alejandro Romero
    Alejandro Romero
    I've been wondering for a while, is there any way to check if the XG Sophos Firewall can provide access to YouTube for Schools rather than the general YouTube content? We're implementing a QoS plan, and that includes cutting YouTube access off, but…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall cutting off URLs for web filtering.

    NexusHelp
    NexusHelp
    Over the last couple of weeks, we've been having an issue where a website that is whitelisted properly is getting miscategorized and being blocked as category none. As you can see in the picture below, the URL that the Sophos Firewall is processing…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • DKIM issue with ed25519 selector

    Jules van Diesen
    Jules van Diesen
    One of our customers is encountering the following DKIM issue. Emails from two suppliers are consistently being quarantined due to DKIM verification. The selectors are as follows: s=strato-dkim-0003 c=relaxed/relaxed a=ed25519-sha256 b=512 s=strato…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Incorrect WAF SSL Certificate Served To Client

    haydenspence
    haydenspence
    Hi. I am facing an issue with the Web Application Firewall. I have several WAF rules configured, some using SSL and other are not. They point to a central web server. The domain name is used to differentiate each web app and that is forwarded on to…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Greylist synchronization

    Jos Verhallen
    Jos Verhallen
    Hello, Yesterday we have upgraded a Sophos XGs cluster to firmware 19.5.3 MR3-build652 and we noticed that one of the 2 nodes was greylisting e-mails coming from addresses that have e-mailed this organization in the past. Once we failed the nodes over…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • DPI Engine / SSL Traffic not beeing decrypted

    seroal
    seroal
    Hi Team, I configured a DPI Rule, that should decyrpt SSL/TLS Traffic, but it actually doesn´t, despite Policytest says, it does. Even if AV Scanning is active, the firewall does not block access to https://secure.eicar.org/eicar.com.txt . If…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XG with POP3 Scan

    Gerald Werner
    Gerald Werner
    We use a Sophos XGS87 (SFOS 19.5.3 MR-3-Build652) and we want to use POP3 Scanning in legacy mode. In document ( https://doc.sophos.com/nsg/sophos-firewall/18.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/HowToArticles/EmailConfigurePOPIMAPScan…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>