Hi all, I'm using OSPF but don’t want to redistribute all routes. On Cisco, I would probably use a route map to filter which routes need to be advertised. Here with XGS, I have unchecked "Redistribute connected" and "Redistribute static." I’m using…

Hello, I found a solution where IPSec networks are distributed via OSPF and would like to know if this is correct? Can I use this in a productive environment? 1. SSH -> 4. Device Console 2. system ipsec_route add net 192.168.123.0/255.255.255.0 tunnelname…

1. We have a 2 XGS connected via a private ISP fiber and the interfaces are LAN / GIG. 2. For resiliency we have a IPsec Tunnel interface between the same, using a disparate ISPs at each location VPN/GIG. We have been using OSPF for all of our routing…

Hello everyone, I've searched quite a bit in the Sophos Firewall and i've turned up nothing. Where do i configure MD5 authentication for OSPF? I do not mean enable MD5 authentication. I'm asking where i go to set the Message Digest Key and password…

Hello Sophos, today we received the information, that FRR has new CVEs: CVE-2024-31948 CVE-2024-31949 CVE-2024-31950 CVE-2024-31951 All versions <= 9.1 are affected, including version 8.4.2 on the Sophos firewalls. When will the update be provided…

Hello, I'm currently managing an XGS Sophos firewall at our headquarters, and we have a dual ISP setup connecting to branch offices. Our primary ISP uses **OSPF**, while the secondary ISP relies on a **GRE tunnel. The challenge arises when I add a…

Hello Sophos. is the ffr routing on Sophos Firewalls affected by CVE-2024-27913? Thanks, Ben

Hello All, We have a site that has a FortiGate firewall at the main site and several old watchguard firewalls at remote site. We need to replace one on the firewalls at a remote site, hoping to replace all later, with a new XGS3100. Due to the current…

Hello Community, I have a working L2TP VPN dialup and a working OSPF routing over our site firewalls. From the L2TP network I can reach all local networks (connected to the firewall itself), but I can't reach any network in the site locations. I figured…

I have a Data Center network that connect to 3rd party server network using site-site ipsec and all the vm in my data center knows how to get to the 3rd party servers. tunnel established Also have my HQ network and two branches network connected to…

XGS107 (SFOS 19.0.0 GA-Build317 I have OSPF configured and working on another XGS 107. I have dynamic routing enabled in ADMIN>Device Access.> LAN, I am using Port 2, which I have changed to LAN. Under Information OSFP > Interface it shows…

Hi Sophos. I have configured Sophos Firewall OSPF with Cisco via a leased line . two sites can ping each other. Sophos Neighbor ospf table have information about cisco The problem is that when i turn on ospf route in Sophos firewall. I have tested…

Hello Community, I have a Sophos Firewall (SFOS 19) which have a RED Tunnel to another Sophos Firewall (also SFOS 19). OSPF is in general working, but every few minutes both firewalls the Firewall initiates a new election, that will cause a interruption…

Reference: Sophos Firewall: OSPF over RED KB-000038170 Jun 17, 2020 Our general setup: We have one HO (XGS v18.5.3) and two BO's (XGS v18.5.2). All three XGS have two WAN interfaces connected with 2 different ISP's. I'll name them "T" and "P". ISP T…

Hi, What version of OSPF the XGS firewalls support? I tryied to read in the papers product but there is no answer for that. The XGS 3300 has support for version 3 (RFC 2740)?

Hi, I'm attempting to get WAN failover working across sites using OSPF (default information originate). The issue is with getting the local default route disabled in case the local Internet connection drops. Can you please let me know what is the correct…

Hello Community, I have a strange issue with two VPN Tunnels and OSPF. For this tunnels the Firewall says that the Area ID 0.49.1.0 is invalid. On some other sites the Area works. 10.10.241.85 is the local firewall, the other firewall (on the other…

Hello Community, I have the issue that some sites with OSPF will not come up, they stuck on state "Init/DROther": If I restart the OSPF Service (service ospfd:restart -ds nosync) on the headoffice firewall in most cases the routes will come up.…

Hello everyone, I have two Sophos XG appliances up and running for a couple of years. Both appliances are using a RED tunnel to connect to each other and routing is done via OSPF. Currently I have added all local subnets to the "network & area…

We need our Sophos Connect subnet to be able to reach some servers at a different site. Our site to site routing is advertised by OSPF. We can't find a way to get the IPSEC range advertising in the OSPF config. Any thoughts? It doesn't appear…

We have a site we are deploying XGs at. They have two buildings on campus, with a private fiber link between them. Each building has it's own Internet connection. We'd like to deploy an XG at each site, and allow for ISP failover between them. Scenario…

Hi, I did a quick research on the OSPF implementation on the XG series and did not find any clues on how to activate or rather configure "graceful restart" or NSF, as stated in RFC 3623. I have two XG430s in an active-passive configuration connected…

Anyone know of a way to get OSPF working on a bridged interface (Br0) that has routing enabled? What I am seeing is it attempting to send out the general ospf multicast traffic looking for neighbors but nothing responds. I have traced this back to something…

Dear community, we need to redistribure the vpn subnet into OSPF. We have an ospf neiborghip on XG V18 MR4 to a core router, all the network connected on the XG are correctly adverstised to core router, now we need to adverstised the VPN site to…

Hello Everyone! I'm working on switching to IPsec (remote access) VPN, I built the configuration and am able to access all local and WAN recourses but I'm not sure how to get it to participate in OSPF routing. I added the network in OSPF configuration…