Running XG 19.0.0 Build 317 I had the SSL VPN setup a year ago and did not use it much. Had some changes to network over the last year. I have upgraded versions of XG and now have a new service provider. I used the video to complete the setup…

Hi all, we have sophos XGS4300 (SFOS 19.0.0 GA-Build317) and there is some weird condition going on : - Sophos suddenly cant be acces from the local network, we tried plug a laptop directly to the LAN port but nothing work, we can only access it from…

Hello, I encounter weird communication issues on a network shared between two XG firewalls since V19 upgrade. A drawing being better than a long speech, here's my network topology : In short : 192.168.1.x is the LAN side of my ISP router. 192…

I'm using a Sophos Central defined SD-Wan Connection Group and a series of rules to allow connection between sites. As best I can tell all the rules are working for all other workloads. The only place I'm aware that these rules are not working properly…

Dear colleagues, I would like to discuss methods of restricting a (Windows) clients internet access with using only sophos firewall (XGS 3100 running 19.0 with full subscrition), no Client antivirus. I researched some other topics concerning wildcard…

Hi, we have a Sophos XG210, SFOS 19. We set a site-to-site VPN tunnel to SAP with the parameters they gave us. Locally, we have the network 10.X.X.X and 192.168.X.X (we are migrating to all class A), and SAP 10.100.0.0/22 & 10.100.4.0/27. The tunnel…

Hello All We are facing issue with SSL VPN with frequent Disconnect. It is affecting our Day to Day work. 300-400 people are depended on vpn. Kindly help to solve this issue. Model = XG310 Firmware Version = SFOS 19.0.0 GA-Build317 Thank…

Hi All I am trying to add a second WAN port in Sophos Firewall (XGS126 (SFOS 19.0.0 GA-Build317) but when I add the IP address, net-mask, gateway ip then I press Save and then Update interface - I get this error: "ip address lies within the leased ip…

Hello, I have two XGS2300 in A/P HA (SFOS 19.0.0 GA-Build317) I have problem with firewall rule that allow TCP: 587 to fqdn smtp.office.365.com from internal LAN from time to time traffic did not match this rule because firewall has problem to use…

Hi. I have a XG with SFOS 19.0.0 GA-Build317 version deployed. The firewall falls down and when I try to loggin on the console a error appears on the screan Authentication failed sh: /bin/nopcode: imput/output error Once this error appear, the only way…

I have routed based ipsec tunnel between head and branch. At branch I have a network on the firewall where I want a dhcp-relay that relay to a dhcp server at the head office. I need routed-based (as opposed to policy based) for OSPF. over 2 years later…

Hello, Starting to get a bit frustrated with the Sophos web certificates - think I am going around in circles. I have both the Default Appliance certificate and the Security SSL Certificate installed into the Trusted Certificates store on a Windows…

Hello, we are using NoSpamProxy to filter spam/malicious emails and this software uses Cryen Antivirus to check the mail content. Every email triggers a webrequest to the Cyren Server ( 84.39.152.31 ) on Port 80 but these request are blocked by the…

Hi Community So I am having trouble with configuring SSL certificate Currently I have a webserver hosted outside with a wildcard SSL Certificate Now I have webservers hosted on-premise that I want to upload the SSL Certificate too. If I revoke…

I've deployed VI-19.0.0_GA.VMW-317.zip last Sunday and migrated SFOS 19.0.0 GA-Build317 from old SFV4C6 to this new one (because of swap problems). Veeam ONE Monitor starts to send Guest disk space "/var" alarms today. It looks like SFOS v. 19 image has…

Hi team, someone can say this would be silly question, but I require a clarity on the same. I am using Sophos XG136 with firmware updated to 19. I have two bandwidth from different ISP's, one is 20Mbps and second is 25 Mbps with the new feature…

I'm a home user, and I'm trying to configure my Foundry VTT server. via my XG v19. When I try to http to it via the WAN, I get a violation error (as you can see in the logs). I can HTTP to it using my fqdn ( http://titanbananabefore.online/) via my…

Hello, I have a strange behaviour with Sophos XG. It is happening now on 2 sites. On one site I Have HA (A/P) XG2300 with v19 MR-1. On second I have HA (A/A) XG2100 with v19. I tried 18.5 MR-3 with the same issues. Most of the traffic seems…

Hi, I have a question about Web content filtering using either Web proxy or DPI-SSL and DNS requests/resolution. I have Sophos firewall set up in bridge mode with Netgear router as the gateway and for DNS. The Netgear router handles DHCP and DNS…

I went away over the weekend and on login on Monday I now get the following error and the CAA exits, nothing should have changed from when it was last working on Friday. Error: "Could not validate certificate! CAA will now close error" XG Firewall…

Hi, Is there a way to set the MTU for the IPSec Remote Access VPN on an XGS2300 v19? I'd like to se if tweaking it improves performance for my remote users. Thanks, Jeff

Hello, We have a Sophos firewall (SFOS 19.0.0 GA-Build317 ) behind a NAT router, and there is an issue with dynamic DNS on the firewall that shows a failed/unknown update when the NATed public IP option is selected. It already checked with two different…

Hi Guys, This is after 2 months of troubleshooting, escalations, helplessness from Sophos support, i'm writing this. I have this issue since we deployed the new XGS 4500 firewalls and still not able to resolve this. One of our core application is hosted…

In SFOS 18 or 19 other than comparing the Central firewall management policy levels against each XG, is there any way to distinguish firewall rules, hosts, services that are managed from Central policies (and which policy) vs those only present locally…

Hi, after I changed port type from dhcp (using firewall behind ips router) to pppoe (using fw to establish connection). I cannot register with Sophos Central using email and OTP or enable Red service. Internet works but quite slow (will open another…