  • Webpolicy not working

    My machine is XG125 (SFOS 19.5.2 MR-2-Build624). I had tried to block Facebook using webpolicy. Policy tester shows that site is blocked but I'm getting the page.
  • Show SDWAN Routes via CLI?

    Hello, in our head office we have a XGS2100 Cluster running on firmware version: SFOS 19.5.2 MR-2-Build624 We have some branch offices connected via IPSEC tunnel interfaces to the head office. For this we have some SDWAN Routes. Is there a way…
  • Problem with Port Publishing when using different ports

    Hi all, XGS 19.5.2: I did that a couple of times: I have a Problem with Port Publishing when using different ports (externally 2100, internally forwarded to 22). I define an access rule from WAN to LAN on Port 2100. OK. I define a D-NAT rule…
  • VPN IPSEC Site-to-site service times out in IKE phase until reboot

    Hello, We have the following scenario: Two Sophos XG310 with active-passive high availability enabled. Since we configure high availability from time to time, the site-to-site ipsec VPN service just stops working, 80% of our tunnels are disconnected…
  • XGS 107 unable to activate subscription/sync license

    Hi all, I have a new XGS 107 (updated to 19.5.2) that is unable to activate subscription/sync license. Activate Subscription is greyed out. So I activated my subscription in mySophos. But syncing license from device gives timeout. licensing.log…
  • network outage with full /tmp dir on firewall, Webadmin inaccessible, no alert

    Hi, the primary node of our firewall last night decided to go out of service, the last thing we could see was a full /tmp partition: At 2023-07-05 08:55 when logged in SSH to C420xxx9CF, it showed /tmp full: GMTLOG: could not write temporary statistics…
  • The firewall reboots itself.

    Hello everyone. You are using xgs3100 firewall reboot itself. I want to know what is the reason. XGS3100 (SFOS 19.5.2 MR-2-Build624)
  • block download exe files

    Anyone can help me? Please.... Is there any way to block download exe files over browsers? If anyone has answer please describe it step by step. I have xg230 with firmware SFOS 19.5.2 MR-2-Build624. I already do web policy and I blocked http…
  • Can't access or ping IPSec Site-to-Site Local to Remote devices

    Hi, I'm trying to enable an IPSec Site-to-Site connection with a remote location but have a few problems on the route side Here's my config : Sophos XG - SFOS 19.5.2 MR-2-Build624 Sophos LAN on 172.16.16.x (set as LAN in Hosts and services)…
  • Firewall FQDN Subdomain learning different cache TTL issues with Windows DNS Server

    Hi, this issue is listed as resolved for 19.0.2 NC-111476 FQDN Subdomain learning isn't working in case of non-SFOS DNS server set for client. We're on 19.5.2 We have a server that downloads files once per day from a FQDN like files.downloadserver…
  • XGS 3300 "Bus error (core dumped)"

    Customer has a XGS 3300 in HA, last week we tried to update to new firmware 19.5.2 (installed is 19.5.1) and that didn't work. After investigation we discovered the Auxiliary unit didn't respond to anything other than a hard reboot. After the hard reboot…
  • Remote access VPN IPsec doesn't work...incorrect PSK, why? It worked fine for years.

    Clients were connecting fine with Sophos Connect and had their static IP addresses. Suddenly one day it was saying wrong PSK every time I tried to connect. I've checked PSK and many others settings and everything is fine. My SOPHOS XGS2100 has SFOS…
  • SOPHOS XG DHCP BOOT FILE PXE/SCCM

    Hello everyone. I have a problem with the configuration of the PXE/SCCM taking the XG as DHCP. Here is my config - next server: ip address of my TFTP server (SCCM) - Boot file location: SMSBootPM100003\x64\wdsnbp.com I get this error ( TFTP time out…
  • Problems with zones and firewall rules

    Hi, I am facing a problem with the LAN zone attached to multiple interfaces. FW: SFOS 19.5.2 MR-2-Build624 Setup: Port1: LAN (192.168.30.254/255.255.255.0) Port2: WAN Port3: LAN (192.168.32.254 /255.255.255.0) I've created the following test rule…
  • Site-to-Site IPSec Not Working As Intended

    Hi. I am currently working with a test environment and have configured two XG firewalls to have an IPSec Policy-based site-to-site connection between them. I cannot get the IPSec connection to forward traffic correctly. I have been trying for hours…
  • Kernel panics and intermittent loss of internet

    I've been using Sophos XG home for a few years now on various devices. I recently got it running on Proxmox, on a small Celeron N5105 box with 4 cores and 16gb RAM. I backed it up on the old box using Sophos Central and performed a fresh install on…
  • Initialsetup again and again

    Hello, Today I started the configuration of a brand new XGS126. After completing the initial setup I click on the final "continue", then for some seconds the "Finishing" screen was shown and then I got the login page again. But after logging in again…
  • Network firewall rule ignored

    Hi All, We have a network firewall rule setup to allow traffic to a WAN destination. However we can see in the logs that the traffic is getting blocked by the web filter component. We have a user network rule further down the list that allows access…
  • An allow firewall rule creating many denied logs, drppkt shows nothing

    I notice many firewall denied firewall logs created by a rule, that is an allow rule only. Even more strange is, that the port 1027 logged is not contained in the rule. Watching the traffic with drppkt shows no blocked packets. Tcpdump shows the…
  • Odd Behavior with System Generated Traffic over IPSEC

    Hi, Encountering a weird error when trying to attempt using a server for DNS forwarding. We have a few branch offices - each connecting to DC via IPSEC (Connection Type: Site-to-Site / IKEv2) - with the DNS Forwarding Host in the DC. Now here's…
  • SMTP MTA TLS 1.1 Sophos XG

    Hello, I have a XGS136 (SFOS 19.5.2 MR-2-Build624) and we need for a Cyberpolice to disable TLS 1.1 for MTA SMTP on the Sophos. I heard there is a workaround? NC-77151?? Thx, Andy
  • Can't connect to FTP

    Hello, I am not able to connect with a local FTP script to a server. This script works at another location but not here. Sophos XG latest version SFOS 19.5.2 MR-2-Build624 Here is the log: messageid="01001" log_type="Firewall" log_component="Invalid Traffic…
  • PIM-SM and IGMP on interface in the same time

    Hello, Can I have PIM-SM and IGMP on an interface in the same time? I have a problem with IGMP on interface with active PIM-SM neighbour (pim-sm router). In the presence of a PIM-SM neighbour, IGMP is inoperable for another destination. Is this behavior…
  • SSL/TLS decryption with RDP

    Hi all, I was playing with SSL/TLS decryption and it breaks RDP connections with error "The Local Security Authority cannot be contacted". The only exception that works is if I make the exception for the address I am connecting to, which is extremely…
  • SFOS 19.5.2 MR-2-Build624 crashing

    Hi all, Since SFOS 19.5.2 MR-2-Build624 we now have 3 customers so far, some with HA setup and others with stand alone, that the firewall suddenly stops and all the network interfaces are off. The LCD panel on the front shows fw status, but none…