• XG310v3 HA Active/Standby site-to-site VPN connections, 19.5.3. Unable to edit, delete or change status.

    Esa Salminen
    Esa Salminen
    Figured as since I cannot find anyone else experiencing this issue, wanted to highlight this here if it helps someone else or if Sophos want to investigate themselves. FW type, config and version in subject. TLDR: Disable HA if you experience issues with…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to set different preshared key for different remote access VPN tunnel

    SLS Support
    SLS Support
    We recently converted the UTM to Sophos Firewall OS (SFOS 19.5.3 MR-3-Build652). This Sophos Firewall interface is much worse than the UTM interface and buggy as well. One issue we found is we are unable to set different preshared key for different Remote…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Set an indipendent second WAN interface

    LeonardoM
    LeonardoM
    Good morning, I have two clusters of XGS 2100 in HA (Active-Passive) running with the firmware version 19.5.3 MR-3-Build652 . This is my current setup in both of the clusters: WAN1 (ISP) > Port2 LAN > PortF1 HA > PortF2 - PortF2 As per object…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to obtain IP address from DHCP created for VLAN interface.

    kei
    kei
    Hi! Unable to obtain IP address from DHCP created for VLAN interface. The L2 switch is a NETGEAR GS308T and is trunked to the Sophos XG Firewall. I have an access point connected to the GS308T and cannot get an IP address via DHCP on my iPhone or…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Re-import users from Active Directory

    Fizzle
    Fizzle
    Sophos XGS 4500 19.5.3 Before I fully understood how the Sophos/AD import and integration worked with respect to users, groups, and authentication for SSL VPN I set up AD search scopes to import users. I didnt understand that Sophos would automatically…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Greylist synchronization

    Jos Verhallen
    Jos Verhallen
    Hello, Yesterday we have upgraded a Sophos XGs cluster to firmware 19.5.3 MR3-build652 and we noticed that one of the 2 nodes was greylisting e-mails coming from addresses that have e-mailed this organization in the past. Once we failed the nodes over…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Radius Authentication to Admin Interface Fails Despite Valid Test

    CF1 Tech
    CF1 Tech
    Hello, I am still relatively new with Sophos products. I've got a Radius server set up to authenticate users to the admin interface, but it's not working. I've reviewed the documentation several times and am unable to determine what I'm missing. I feel…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • When are Clients with no heartbeat allowed to rules with Heartbeat requirement?

    LHerzog
    LHerzog
    We have a rule that is configured with heartbeat like this: A device had heartbeat days ago but currently has no heartbeat. XG430_WP02_SFOS 19.5.3 MR-3-Build652 HA-Primary# ipset -L hb_green |grep 172.16.xxx.xxx XG430_WP02_SFOS 19.5.3 MR-3-Build652…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • DKIM issue with ed25519 selector

    Jules van Diesen
    Jules van Diesen
    One of our customers is encountering the following DKIM issue. Emails from two suppliers are consistently being quarantined due to DKIM verification. The selectors are as follows: s=strato-dkim-0003 c=relaxed/relaxed a=ed25519-sha256 b=512 s=strato…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Web console access via WAN 19.5.3

    mk659
    mk659
    First off I understand the security implications of enabling web admin access via WAN. I've added a Local services ACL exception rule to permit one IP to the WAN interface for SSH/HTTPS access, however I still cannot enable https on the WAN interface…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SFOS SW Installer 19.5.3.652 failed to Boot ISO on Dell PowerEgde R350 & R640

    SR-M
    SR-M
    Dear Community Member, during the task to refresh our firewall Hardware, we try to install SW-19.5.3_MR-3-652.iso on Dell PowerEdge R350 but it fails, mount iso over idrac stuck at ISO boot without any output. Secound try was to make USB Boot Stick…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XG with POP3 Scan

    Gerald Werner
    Gerald Werner
    We use a Sophos XGS87 (SFOS 19.5.3 MR-3-Build652) and we want to use POP3 Scanning in legacy mode. In document ( https://doc.sophos.com/nsg/sophos-firewall/18.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/HowToArticles/EmailConfigurePOPIMAPScan…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SFOS 19.5.3.652 failed to login to SSLVPN through RADIUS authentication mechanism because of access not allowed

    Vojtech Borkovec
    Vojtech Borkovec
    After updating to the version SFOS 19.5.3.652, users could not login to the VPN. Authorization is done on ESET's RADIUS server with OTP. The RADIUS server test will run correctly. There is an error in the log - failed to login to SSLVPN through RADIUS…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • BGP / MPLS internet access stopped working after firmware upgrade

    Rafael Forte
    Rafael Forte
    Hello, My company has an MPLS that is managed by the service provider, and all traffic going to the Internet from the MPLS sites comes first to my Sophos cluster which is in our main site. This was implemented a few months ago and was working fine until…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SASI - Does the SASI engine scan imap/s traffic?

    rfcat_vk
    rfcat_vk
    I asked this question some 6 months ago, the thread is locked so I can no longer update it. Today I received a number of spam messages, which the XG has marked shown by the message in the mail message, but I get the same message added to genuine messages…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPSec traffic not tunneled

    Ash666
    Ash666
    Hi, there is a IPSec tunnel not tunneling traffic to remote site. Traffic from remote site to my site is sent trough tunnel as expected, but traffic to remote site is being nated and sent trough WAN interface. Remote site has to use my internet…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Rule and Policies Order Best Practice

    Trio Fandi
    Trio Fandi
    Hello Friends, I just using Sophos Firewall XG310 SFOS 19.5.3 MR-3. All I know that order/sort of Rule and Policies position is affect to how Firewall Treatment on traffic flow. Kindly need advice, if I have a set of rule as below pict, what is the…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SMTPD service DEAD

    mulah
    mulah
    Started showing SMTPD service dead and i tried to go and restart service and found out that it can only be restarted in command console. After restarting the service in the command console the service will still show SMTPD service dead. All mail is…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • dhcp option 43 for unifi

    PeteH
    PeteH
    hi, Can anyone tell me what the format is to get the dhcp option to work for unifi please on a sophos XG? I am using option 43 and have tried the ip of the unifi controller. This worked fine on v19.5.2 but since updating to v19.5.3 it now doesnt work…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • FW vm login page Delay

    Tabish Hussain
    Tabish Hussain
    Hi Team, I recently install FW on VMware but issue is the login web page is taking too long to load. Using ssh I can easily and quickly go to the device setting but managementip:4444 is taking too long(20-30mins) to load. I used all the browser but…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Restore back up from V18.0.6 to SFOS 19.5.3 MR-3-Build652

    RyanHosiassohn
    RyanHosiassohn
    I take it this restore will work going from a back up V18.0.6 to SFOS 19.5.3 MR-3-Build652 But my question also is , on the new 19.5.3 MR-3-Build652, you have to make an ACL on the networks allowed to access the GUI of the device. It seems you…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Help! Firewall is "reachable" from Internet, but not able to connect to VPN or internal servers

    EdmundSackbauer
    EdmundSackbauer
    I am currently off site with no physical access to my firewall. Firewall is reachable from outside, e.g. WAF port 443 gives answer to telnet, and in browser any configured site is reported as "503 Service unavailable". Also SSL.-VPN port is listening…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS4500 SFOS19.5.3 Quarantine Report Only shows last days worth

    Yogi_Bear_79
    Yogi_Bear_79
    XGS4500 (SFOS 19.5.3 MR-3-Build652) The quarantine report appears to only show what has been received since the last report was sent. The subject line: Quarantine Digest (1 emails quarantined from 10 May 22 00:15 to 09 Sep 23 09:00) and the header state…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall: v19.5 MR3-Experience and feedback post upgradation

    RahulAlexander
    RahulAlexander
    Hi Sophos team, Post 19.5.2 to 19.5.3 upgradation in XGs Firewall we observed that whatever we made changes in last 10-15 days it's goes after upgradation and now again we have to reconfigure it. it's seems like bug of firewalls and its need to resolve…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Upgrade from 19.0.1 MR-1-Build365 to 19.5.3. MR-3-Build 652 does not allow web traffic

    tomrgsd
    tomrgsd
    I recently attempted to update my XGS Firewall from SFOS 19.0.1 MR-1-Build365 to the latest 19.5.3. MR-3-Build 652. I have been putting it off and finally had an opportunity to upgrade. After the firmware applied and rebooted, I was able to remote into…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>