• WAF with the webserver hosted in Azure

    Dominik Friedl
    Dominik Friedl
    Hello, we have a VPN-tunnel from our XG330 (SFOS 20.0.2 MR-2) to Azure and want to host a web application in azure. The VPN Tunnel was done via the configuration file and is route based, with the xfrm interfaces being in the169.254.0.0/30 subnet…
    • Answered
    • 18 days ago
    • Sophos Firewall
    • Discussions
  • Update certificates via API

    l0rdraiden
    l0rdraiden
    I have my certificates in a folder and I'm looking for a script that will update them when there is a change so that waf will continue working without manual intervention. I have very little experience scripting, I can read and understand more or less…
    • 23 days ago
    • Sophos Firewall
    • Discussions
  • WAF - VServer config problem

    Shadow82
    Shadow82
    Hi! Recently I want to configure a VIP with SSL termination on my Sophos Firewall 20 running as a VM. I have the SSL cert imported (+CA - there was no Let's encrypt E5 CA so I added it). I want to start from something really simple - Outside LAN to…
    • Answered
    • 27 days ago
    • Sophos Firewall
    • Discussions
  • publish Exchange 2013 on XG

    CreateShare
    CreateShare
    Hi, We purchased WAF License to publish Exchange OWA, HTTPS. What is the proper way to publish on-premise Exchange 2013 on XG Firewall? Thanks.
    • 29 days ago
    • Sophos Firewall
    • Discussions
  • WAF rule - service already configured

    Stuart James
    Stuart James
    Trying to create a WAF rule and it's thowing an error " Service is already configured on the specified port, choose another port" I've checked all firewall rules, NAT rules, admin/user settings, SSLVPN and can't find this port being used anywhere. …
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • API Request show only WAF-Rules

    StefanKeel
    StefanKeel
    I'm experiencing with the API and Postman. We use a wildcard-certificate and I wants to update all WAF-Rules at once. Becuase the GUI-way ist very hard (every time set the certificate, all domains will be dropped and the domain from the certificate only…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos SFOS v21 WAF

    Daniel Santner
    Daniel Santner
    Dear all, I have Installed the Sophos SFOS 21 on a VM on Hyper V, and I am facing Issues with the WAF. I have a internal WebServer where you can gain access over Port 8080, I want to know if it is possible to access the WEB-Server over Public…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • waf

    Ilham Izzuddin Bin Sulaiman
    Ilham Izzuddin Bin Sulaiman
    Hi i want to ask the configuration of (WAF) regarding customer request to enable an additional port, specifically port 11883.HTTPS is currently enabled and functioning without issues. To accommodate the client’s request for port 11883, I have created…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Display the real IP in Web Application Firewall (WAF) when using Cloudflare

    Saarbruecken
    Saarbruecken
    Many of us are using Cloudflare or similar services to protected their Extranet / Webmail and other public websites using the Sophos WAF. It's possible to display the real IP addresses on any Linux servers behind the firewall by enabling Pass host header…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • webserver || waf || dmz zone

    SatyabrataB
    SatyabrataB
    Hi, we have added a web server behind the WAF in DMZ zone. LAN/WAN- we can access the web server through a public IP address. we have a backup server in the LAN zone. How to do backup Lan to Dmz zone using public IP or private IP of server…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • WAF mail server

    Ilham Izzuddin Bin Sulaiman
    Ilham Izzuddin Bin Sulaiman
    Hi anyone can help me,currently i have implement WAF to my mailserver that have activesync,for now the waf rules listener port are 443 but how to allow any services like smtp/smtps/imap/ or pop3.im facing issue with slow login and cannot sent email out…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Web Server Protection

    Michael9609
    Michael9609
    Hi Community Members, I hope this message finds you well. I am currently exploring the best practices for protecting web servers, particularly in scenarios where the firewall is not acting as the gateway, The XGS also acting a reversed Proxy.. Your…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Web Server Protection not working

    Charl Fourie
    Charl Fourie
    Hi All, Sorry if this has been asked previously, I have combed through the forums and could not find a solution or direct discussion to this specific issue I am facing. We have signed up for the Sophos XG Firewall via the Azure marketplace image. I am…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • 8 years plus running no solution to Certificate could not be updated as it is already used by HTTP Based Policy

    Akshay Hegde
    Akshay Hegde
    When I go to edit the certificate and upload the certificate which is due for renewal ( every 13 months ), it fails with the following error at the top center of the screen: Certificate could not be updated as it is already used by HTTP Based Policy…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Citrix Netscaler 2FA Not Working with Sophos XG Web Server Protection

    cromwell uy
    cromwell uy
    As with our current Sophos XGS Firewall Rules and Policies configurations, the Citrix Netscaler 2FA authentication is working. We started planning of using the Sophos XG Firewall Web Server Protection. The license required were purchased and registered…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • WAF rules to stop certain HTTP methods

    Richard Hamblin
    Richard Hamblin
    Hi everyone, I am trying to find out if I can use the WAF rules to stop certain HTTP methods for connections to one of our web servers. I would like to try to only allow GET and POST and deny any of the others such as "DEBUG", "CONNECT", "PUT", "UPDATE…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • How to protect Exchange OWA from brute force if the server is behind DNAT?

    VitaliiK
    VitaliiK
    Hello, need help for configurate Sophos XGS to protect Exchange OWA from brute force. S erver is behind DNAT
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Certificate wrong after flushing device reports

    Diego Depiante
    Diego Depiante
    Dear Friends: I’ve been following this article because none of my reports were working. Sophos Firewall: No reports show After flushing the reports, it appears as though I never completed the configuration of my WAF certificates. So, I decided…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • WAF RULE NOT WORKING AND GIVING WEB SERVER 403 FORBIDDEN ERROR

    SARVESH KUMAR
    SARVESH KUMAR
    WAF rule not working for a website that hosted on internal IP in windows server 2012
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Authentication template variables for ip address

    Akshay Hegde
    Akshay Hegde
    With reference to below doc https://docs.sophos.com/nsg/sophos-firewall/20.0/help/en-us/webhelp/onlinehelp/AdministratorHelp/WebServer/AuthenticationTemplates/index.html Is there any variable available to get client ip address? Example "client_ip…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Mail and issues with ActiveSync / ActiveSync 1MB File Limit

    m4Viper
    m4Viper
    Hello, we have also this problem and cannot send larger emails from mobile phones throuth our XG135 firewall. (ActiveSync) What are the steps to fix this problem? (1MB Limit) Thank you
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall - WAF response 403 Forbidden for Internal requests

    R Beatrix
    R Beatrix
    Hello Sophos Community, We are migrating from a UTM 9 unit to a new Sophos Firewall unit and I've setup a WAF rule for two internal web servers. When setting up the firewall rule, I chose the Action dropdown option of "Protect with web server protection…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • New to Sophos - Allow traffic to multiple docker containers sub domains

    Eric Vanatta
    Eric Vanatta
    Hi all, I'm looking for a bit of hand holding and guidance here. What I am trying to do is allow access to internal containers hosting multiple websites and applications. I have a fresh Sophos Setup with no special custom rules or anything yet. I have…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • WAF for multiple ports

    Stuart James
    Stuart James
    Gday Needed to forward 25 ports to a webserver using WAF. I can't for the life of me work out how to enter in more than one port to either. Surely I don't need to create 25 webserver and 25 WAF rules? Anyone done this before?
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • WAF Rules Allowing Unexpected Requests

    cm00001
    cm00001
    Hello, I am getting some unexpected and unwanted requests (trying to find exploits) that are handled by one of the WAF Rules: Here's the WAF Rule that is being it with this traffic: Here's how it looks in the Event Viewer: How can I change the…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
>