Hello There,
This is regarding that some vulnerabilities are somehow there in sophos 19.5.3 firmware version .what can be the solution for this and second thing as of now we arent able to find licensing portal directly it is redirecting to sophos…
Hi all,
I'm struggling with an issue since few days. I'm using SFOS 19.5.3 MR-3-Build652 and I can't establish a TLS connection between two hosts on different VLAN.
I've a firewall rule that allows the hosts to communicate each other, the first…
Hello everyone,
I would like to upgrade my Sophos XG (SFVH (SFOS 19.5.3 MR-3-Build652)) to version 20 EAP. My XG is installed on an Intel NUC.
Could you please tell me which .sig file I should use in this case?
Is the license for version 19.5.3…
Hello All,
I was trying to disable TLSv1.0 and v1.1 on the 19.5.3 firmware. On entering the fw via SSH, I noted the presence of TLS1.1 for the proxy and captive portal settings.
HTTP add_via_header: on HTTP core_dump: off HTTP relay_invalid_http_traffic…
Hi Since the upgrade to ver SFOS 19.5.3 MR-3-Build652, all the users cannot connect via vpn. 3 customers with Sophos FW XGS 3300 cluster Sophos FW XGS 2100cluster Sophos FW XGS 116 The error is: ssl vpn error:0x20000000 scgui.log 2023-10-04 12:39:56PM…
Having issue registering firewall, guides show to clear certs, but im getting a notice saying the touch is not a valid command.
Clear certs post Sophos Firewall: Purging expired certs from Sophos Firewall
Rest certs post Registration loop
thanks…
Hello, I have two sophos: - XGS107 as branchOffice (19.5.3) - XG330 as HeadOffice (19.5.2) I am experiencing strange behavior on "route-base" ipsec tunnel. Tunnel status on both sites is down but on HeadOffice i can see that connectio is UP.
HeadOffice…
Hi altogether,
our customer use a Sophos XGS3100 (SFOS 19.5.3 MR-3-Build652) and we have configured STAS according to best practice. Two DCs with Agent and two member servers with collector. Connection works fine and there is no firewall woh blocks…
Good day, I am facing a strange issue with domain name resolution. Some domains are not resolved by XGS internal DNS. Below are nslookups from XGS Advanced shell. It used to work but suddenly stoped few days ago. Thank you for advice.
DNS Configuration…
We use three APX120 with a Sophos XG115 (SFOS 19.5.3 MR-3-Build652).
All was running fine for more than two years.
Since two weeks, all the accesspoints are "inactive". We have tried to disconnect them, rebooted them several times but the do not go…
Today our XGS started reporting ATP sources blocked without a Host Name, IP, or Threat.
There is also no information under Monitor & Analyze > Reports > Network & Threats: Advanced Threat Protection
How do I go about tracing down the issue?
…
Hi,
I have a WAF rule configured for path-specific routing, however, the routes I am specifying are all to the same target web server, but with different restrictions.
e.g.
/ - restricted to specific IP ranges, target sevrer1 /myapp/ - not restricted…
Hi,
we have a SFOS 19.5.3 MR-3-Build652 and since few weeks, when the ips update the patterns, the sophos firewall drops all the packets for 30s.
It will never do that before .
Is this a bug ?
Thanks
Regards,
We use Sophos Firewall as EMail Protection for incoming Mails.
Firmware: SFOS 19.5.3 MR-3-Build652
SMTP deployment mode: Device acts as a Mail Transfer Agent (MTA)
DKIM Settings:
DKIM is set to accept, some mails will be quarantined by DKIM verification…
We previously have XG-210, SFOS 19.5.2 but due to EOL on XG-210, we are forced to upgrade to XGS-2100.
We are now running the latest SFOS 19.5.3 on the new XGS-2100, and all SSL VPN users are experiencing severe performance issue.
The issue is impacting…
I need to add the TLS exclusions for allowing Office365 updates through because the Web Protection module is blocking them - I can update my Office365 apps fine without the protection as this has been tested successfully.
My firewall is XGS87 running…
IPSec Site-2-Site VPN
from initiator XGS to receiver SG firewall.
the XGS is on v19.5.3
IKEv1 (caused by SG capabilities)
Whenever someone rebooted the ISP router on the XGS site, the XGS will not re-initiate the connection and sits there disconnected…
Figured as since I cannot find anyone else experiencing this issue, wanted to highlight this here if it helps someone else or if Sophos want to investigate themselves. FW type, config and version in subject. TLDR: Disable HA if you experience issues with…
We recently converted the UTM to Sophos Firewall OS (SFOS 19.5.3 MR-3-Build652). This Sophos Firewall interface is much worse than the UTM interface and buggy as well. One issue we found is we are unable to set different preshared key for different Remote…
Good morning,
I have two clusters of XGS 2100 in HA (Active-Passive) running with the firmware version 19.5.3 MR-3-Build652 . This is my current setup in both of the clusters:
WAN1 (ISP) > Port2
LAN > PortF1
HA > PortF2 - PortF2
As per object…
Hi!
Unable to obtain IP address from DHCP created for VLAN interface.
The L2 switch is a NETGEAR GS308T and is trunked to the Sophos XG Firewall.
I have an access point connected to the GS308T and cannot get an IP address via DHCP on my iPhone or…
Sophos XGS 4500 19.5.3
Before I fully understood how the Sophos/AD import and integration worked with respect to users, groups, and authentication for SSL VPN I set up AD search scopes to import users. I didnt understand that Sophos would automatically…
Hello,
Yesterday we have upgraded a Sophos XGs cluster to firmware 19.5.3 MR3-build652 and we noticed that one of the 2 nodes was greylisting e-mails coming from addresses that have e-mailed this organization in the past. Once we failed the nodes over…
Hello,
I am still relatively new with Sophos products. I've got a Radius server set up to authenticate users to the admin interface, but it's not working. I've reviewed the documentation several times and am unable to determine what I'm missing. I feel…
We have a rule that is configured with heartbeat like this:
A device had heartbeat days ago but currently has no heartbeat.
XG430_WP02_SFOS 19.5.3 MR-3-Build652 HA-Primary# ipset -L hb_green |grep 172.16.xxx.xxx XG430_WP02_SFOS 19.5.3 MR-3-Build652…