Sorry if this is a stupid question, but I'm fairly new to the Sophos firewall world and some things aren't as clear as other vendors. I have a third-party that is publishing a Sage ERP software package for my client. We can authenticate the published…

Is it supported to setup webfiltering for incoming WAN traffic originated in the Internet WAN ZONE?

Hi, We're migrating from UTM's over to XG's. The UTM were able to host a wpad.dat file, and we load balance the address via an F5. The wpad contains ${asg_hostname) , this is then populated by the relevant UTM when the file is downloaded by the client…

Hi, I'm trying to set up a rule for Discord traffic but cannot get it working tried to find out from LogViewer what I need to add to the rule but informations I found there are rather confusing - the same traffic (dst addr & port) is once denied and…

If I do a policy test for https://sophostest.com/adult/index.html the Web Protection Category is marked as "Information Technology" If I do a policy test for http://sophostest.com/adult/index.html the Web Protection Category is marked as " Sexually…

Hi, I'm new to XG and am setting up web content filtering. I may be missing something, but I'm trying to set up an "Activities" group adding my own selection of Categories, and I don't see "porn" as a category. I do see "Sexually Explicit", but the…

Hi Everyone I want to use create a custom Category pointing to an external URL database. The category seems to work fine is the numbers of records is relative small (I've tried <200). Does anyone know what the max record limit for external URL database…

Today i was trying to edit a custom Web categorie. This Categorie consists of both URL's as well as keywords. My purpose was tot delet the last keyword in the categorie. This does not seem to be possible. When i delete the last enkeyword entry and click…

Despite this looking like incredibly simple config, I'm unable to get the proxy functionality of the XG working. Is there a trick to it? I can see traffic hitting the XG, being passed along to my ASA, and the ASA returning the traffic. but clients…

SFVH (SFOS 18.5.1 MR-1-Build326) I found an old post that listed things to add to the web content exceptions. I noticed the third one in their list was missing from the exception that was apparently included in the appliance defaults, so I cloned…

In my home LAN I have an XG-125w with SFOS 18.5. My MacBook Pro had a corrupted disk so I had to erase it and do an internet reinstall of MacOS. This procedure downloads a new copy of the operating system and then installs it. To get started, I made a…

Hi. I have a rule for cut the acces on the internet for some pc's, but I need to configure my sophos to upgrade operating system and Windosw defender. I tried whith this list, but doesn't work, any idea or sugestion, please? ^.*windowsupdate\.microsoft…

I want to exclude one public ip in Geo Blocking rule. Can anybody help me.

Hi, is there plan to support TLS 1.3 in Web proxy (port 3128 configured in browser)? Now running 18.5 MR1 and when the web server supports only TLS 1.3 then the connection fails over web proxy. Thanks for info.

I've created a vlan for guest and have assigned to a network rage to vlan, guest must sign in via captive portal using the password of the day. I've also created a web filter policy called guest, I created a firewall rule and assigned the guest policy…

Hello Everyone, We've had requests to block websites that contain Cyrillic characters, however whenever I attempt to do so in the Sophos interface it states it's an invalid URL. To avoid posting the full domain of the malicious site, an excerpt…

Hi.. i have plan to block all the applications and web traffic except Microsoft Teams for a group of machines. could you help me? thank you in advance.

I'm new to Sophos. I'm running an XG unit at home for testing so have a few devices you wouldn't normally see in a business environment. I have two new Google Nest Hubs I'm trying to add to my network, the setup process involves them performing an update…

Hello, I have been reading a bit about My policy overrides - Sophos (XG) Firewall and even though I understand the purpose, I am confused on how to use it. Based on the description: Policy overrides allow you to temporarily unblock websites…

I have a few PCs I want to lock down from accessing anything but a few URLs and applications. I have created a firewall rule that blocks traffic and provided exceptions for the URLs I want access to, but when I try to launch the Microsoft Teams app on…

Hello, everyone, I have a terminal server in my network. The server goes to the internet through Sophos. Web proxy is switched on via Sophos. If a user who has internet logs on to the server, the internet works fine, but as soon as another user who…

After implementing SFOS 18.5.1 I discovered Microsoft QUick Assist would not complete a connection, it just showed a rotating dots image. SFOS Log Viewer showed the Firewall blocked the application with Invalid Traffic. Sharing the Web Exceptions for…

Is there a recommend practice here to whitelist ? In the same way as you would add Hosts/subnets to make it easy to add/update, which would apply to any changes made in Firewall/SSLVPN etc.... does it make sense to create "exceptions" to websites, rather…

Hi, I'm trying to create a regex for 3-213-29-168.836921650872.us-east-1.prod.rms.ring.devices.a2z.com where everything to the left of .ring.devices.a2z.com is wildcarded. The url the Ring app is trying to get to is random up to the .prod.ms.ring…

Hi all experts, Need some advice on Sophos XG 135 web filtering tips. Please kindly bear with me, as i am very green in handling Sophos products. For the Web filtering, is there anyone that can guide me or point me in the direction, whereby i will…