• checking latest firmware updates

    Moiz Bagban
    Moiz Bagban
    Hello There, This is regarding that some vulnerabilities are somehow there in sophos 19.5.3 firmware version .what can be the solution for this and second thing as of now we arent able to find licensing portal directly it is redirecting to sophos…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Can't establish HTTPS connection - INVALID_TRAFFIC

    Angelone
    Angelone
    Hi all, I'm struggling with an issue since few days. I'm using SFOS 19.5.3 MR-3-Build652 and I can't establish a TLS connection between two hosts on different VLAN. I've a firewall rule that allows the hosts to communicate each other, the first…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Wich .sig for upgrade 19.5.3 MR-3 to v20 EAP on a Intel NUC

    Xitey
    Xitey
    Hello everyone, I would like to upgrade my Sophos XG (SFVH (SFOS 19.5.3 MR-3-Build652)) to version 20 EAP. My XG is installed on an Intel NUC. Could you please tell me which .sig file I should use in this case? Is the license for version 19.5.3…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Chaps, could you please keep Sophos Firewall documentation in sync between versions and across countries?

    SHtan
    SHtan
    Hello All, I was trying to disable TLSv1.0 and v1.1 on the 19.5.3 firmware. On entering the fw via SSH, I noted the presence of TLS1.1 for the proxy and captive portal settings. HTTP add_via_header: on HTTP core_dump: off HTTP relay_invalid_http_traffic…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • cannot connect via ssl vpn

    Shay Hanya
    Shay Hanya
    Hi Since the upgrade to ver SFOS 19.5.3 MR-3-Build652, all the users cannot connect via vpn. 3 customers with Sophos FW XGS 3300 cluster Sophos FW XGS 2100cluster Sophos FW XGS 116 The error is: ssl vpn error:0x20000000 scgui.log 2023-10-04 12:39:56PM…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • touch /var/certcache/.clear_all_certs_on_reload - touch not a valid command

    Gavin Rodgers
    Gavin Rodgers
    Having issue registering firewall, guides show to clear certs, but im getting a notice saying the touch is not a valid command. Clear certs post Sophos Firewall: Purging expired certs from Sophos Firewall Rest certs post Registration loop thanks…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos S2S ipsec -XGS107(branchOffice) <>XG330(HeadOffice)

    MOl
    MOl
    Hello, I have two sophos: - XGS107 as branchOffice (19.5.3) - XG330 as HeadOffice (19.5.2) I am experiencing strange behavior on "route-base" ipsec tunnel. Tunnel status on both sites is down but on HeadOffice i can see that connectio is UP. HeadOffice…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • STAS ignore Live User

    Technik Technik1
    Technik Technik1
    Hi altogether, our customer use a Sophos XGS3100 (SFOS 19.5.3 MR-3-Build652) and we have configured STAS according to best practice. Two DCs with Agent and two member servers with collector. Connection works fine and there is no firewall woh blocks…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS - internal DNS issue

    Petr Kriz
    Petr Kriz
    Good day, I am facing a strange issue with domain name resolution. Some domains are not resolved by XGS internal DNS. Below are nslookups from XGS Advanced shell. It used to work but suddenly stoped few days ago. Thank you for advice. DNS Configuration…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • All APs are inactive

    Gerald Werner
    Gerald Werner
    We use three APX120 with a Sophos XG115 (SFOS 19.5.3 MR-3-Build652). All was running fine for more than two years. Since two weeks, all the accesspoints are "inactive". We have tried to disconnect them, rebooted them several times but the do not go…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS ATP Alert (No Host Name or Threat)

    Peter Mastrangelo
    Peter Mastrangelo
    Today our XGS started reporting ATP sources blocked without a Host Name, IP, or Threat. There is also no information under Monitor & Analyze > Reports > Network & Threats: Advanced Threat Protection How do I go about tracing down the issue? …
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SFOS 19.5.3 MR-3: Web Server Protected, Path-Specific routing - should this config work?

    gavo_nz
    gavo_nz
    Hi, I have a WAF rule configured for path-specific routing, however, the routes I am specifying are all to the same target web server, but with different restrictions. e.g. / - restricted to specific IP ranges, target sevrer1 /myapp/ - not restricted…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPS update pattern drop packets

    GuiSeb
    GuiSeb
    Hi, we have a SFOS 19.5.3 MR-3-Build652 and since few weeks, when the ips update the patterns, the sophos firewall drops all the packets for 30s. It will never do that before . Is this a bug ? Thanks Regards,
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • EMAIL DKIM issue QUARANTINE with policy allowed

    philbert
    philbert
    We use Sophos Firewall as EMail Protection for incoming Mails. Firmware: SFOS 19.5.3 MR-3-Build652 SMTP deployment mode: Device acts as a Mail Transfer Agent (MTA) DKIM Settings: DKIM is set to accept, some mails will be quarantined by DKIM verification…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos SSL VPN - Severe performance issue after upgrade to XGS-2100 SFOS 19.5.3

    Graboid$
    Graboid$
    We previously have XG-210, SFOS 19.5.2 but due to EOL on XG-210, we are forced to upgrade to XGS-2100. We are now running the latest SFOS 19.5.3 on the new XGS-2100, and all SSL VPN users are experiencing severe performance issue. The issue is impacting…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • .tar files for TLS exclusions for Office365 updates not available

    ADJ
    ADJ
    I need to add the TLS exclusions for allowing Office365 updates through because the Web Protection module is blocking them - I can update my Office365 apps fine without the protection as this has been tested successfully. My firewall is XGS87 running…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS to SG UTM IPSec VPN not reconnecting, staying in disconnected state forever (IKEv1)

    LHerzog
    LHerzog
    IPSec Site-2-Site VPN from initiator XGS to receiver SG firewall. the XGS is on v19.5.3 IKEv1 (caused by SG capabilities) Whenever someone rebooted the ISP router on the XGS site, the XGS will not re-initiate the connection and sits there disconnected…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG310v3 HA Active/Standby site-to-site VPN connections, 19.5.3. Unable to edit, delete or change status.

    Esa Salminen
    Esa Salminen
    Figured as since I cannot find anyone else experiencing this issue, wanted to highlight this here if it helps someone else or if Sophos want to investigate themselves. FW type, config and version in subject. TLDR: Disable HA if you experience issues with…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to set different preshared key for different remote access VPN tunnel

    SLS Support
    SLS Support
    We recently converted the UTM to Sophos Firewall OS (SFOS 19.5.3 MR-3-Build652). This Sophos Firewall interface is much worse than the UTM interface and buggy as well. One issue we found is we are unable to set different preshared key for different Remote…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Set an indipendent second WAN interface

    LeonardoM
    LeonardoM
    Good morning, I have two clusters of XGS 2100 in HA (Active-Passive) running with the firmware version 19.5.3 MR-3-Build652 . This is my current setup in both of the clusters: WAN1 (ISP) > Port2 LAN > PortF1 HA > PortF2 - PortF2 As per object…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to obtain IP address from DHCP created for VLAN interface.

    kei
    kei
    Hi! Unable to obtain IP address from DHCP created for VLAN interface. The L2 switch is a NETGEAR GS308T and is trunked to the Sophos XG Firewall. I have an access point connected to the GS308T and cannot get an IP address via DHCP on my iPhone or…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Re-import users from Active Directory

    Fizzle
    Fizzle
    Sophos XGS 4500 19.5.3 Before I fully understood how the Sophos/AD import and integration worked with respect to users, groups, and authentication for SSL VPN I set up AD search scopes to import users. I didnt understand that Sophos would automatically…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Greylist synchronization

    Jos Verhallen
    Jos Verhallen
    Hello, Yesterday we have upgraded a Sophos XGs cluster to firmware 19.5.3 MR3-build652 and we noticed that one of the 2 nodes was greylisting e-mails coming from addresses that have e-mailed this organization in the past. Once we failed the nodes over…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Radius Authentication to Admin Interface Fails Despite Valid Test

    CF1 Tech
    CF1 Tech
    Hello, I am still relatively new with Sophos products. I've got a Radius server set up to authenticate users to the admin interface, but it's not working. I've reviewed the documentation several times and am unable to determine what I'm missing. I feel…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • When are Clients with no heartbeat allowed to rules with Heartbeat requirement?

    LHerzog
    LHerzog
    We have a rule that is configured with heartbeat like this: A device had heartbeat days ago but currently has no heartbeat. XG430_WP02_SFOS 19.5.3 MR-3-Build652 HA-Primary# ipset -L hb_green |grep 172.16.xxx.xxx XG430_WP02_SFOS 19.5.3 MR-3-Build652…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>