Good morning,
Since implementation we, are having problem with the active directory users that use thin clients.
They can log properly, but can not use the appropriate web filter policies when they browse internet.
This make that users have access…
Dear all,
for using sophos xg several month now I've struggle with some policy to allow blizzard's battle.net connection trough xg firewall.
I've created following policy for allowing the services:
SRC-Zone -> Client Zone
SRC-Host -> Any …
hi,
i have 150 client in my office. i allowed this 150 clients to use internet on Break time and except 10 clients. i make separate policy to deny any traffic coming from 10 users to Xg.
Now the problem is on break time this 10 users able to access…
I have ip ranges or groups like
192.168.110.1-10 | Group A | Can use facebook | 20mb down, 5mb up
192.168.110.11-254 | Group B | No service | 0mb down, 0mb up
192.168.111.1-254 | Group C | Service without social networks | 10mb down, 2mb up
(this…
Whats the difference between Source Networks and Devices, and Destination Networks?
Im trying to make an special rule or setting for the ips 192.168.1.1-100 (group A) and another to the range 192.168.1.101-254 (group B)
I suppose i have to add 1 firewall…
I have setup a VLAN 200 for Guest Wireless access on my Aruba IAP access points. I have everything I believe configured correctly on the switches where the AP's are attached and have their ports tagged in VLAN 200.
I have the DHCP server setup on the…
I was playing around with the policy to check different combination. I´ve added a Mac host with a mac adress inside und applyed this policy. After that i delete this policy and i would delete the MAC host also but this is not possible. I can not delete…
Hi, I'm new in XG but I've installed Hundreds of Astaro (since V6) and Sophos UTM.
In this days I've started to work with XG and this is my question, is this normal?
as you can see with the same source IP, destination IP and port, sometimes the…
Hello,
While remotely connected, I encounter an issue browsing internal resources on port 80 and 80 only. I receive an HTTP error 502 and this happen when the firewall rule for the VPN connection has the "Scan HTTP" option activated. If the option is…
Hello everybody,
I'm trying to set up an hostpot on my customer's UTM. But in add hostpot wizard, the interface i want to find (Port1.150) is missing. I don't understand as this one is similar to other (zone type, static ip, ... )
Many of my customer have multiple diffrent WAN links (2x ADSL, 1x SDSL).
I want to load balancing over Adsl connexions. But not on SDSL who is use to established remote or site-to-site VPN, DNAT, ...
I think it would be possible if WAN Interface could…
My customer have a Wan link to comunnicate with another site and another one dedicated for Wireless Users.
In hotpost settings, i can't select any Primary Gateway, so i set it in firewall policy but when i change hotspot settings, i could do it again…
Hello,
I am struggling to make port forwarding on new Sophos XG 16.
On previous version it used to under Business Application Policy, application template Non-HTTP Based Policy but now I am not sure which one to choose WAF or DNAT/Full NAT/Load Balancing…
Hello all, thank you in advance for your advices,
I have some NAT web,ftp,mail Servers everyone with it's own public IP:
Server 1 public IP1 -> NAT -> DMZ-Server-IPaddress1
Server 2 public IP2 -> NAT -> DMZ-Server-IPaddress2
Server 3 public…
Hi all,
I just fell foul of having to spend about 5-10 minutes tracking a user through a set of policies to work out what policy their browsing was being caught on and really remember the value of the policy test tool in the UTM for Web Protection.…
After reloading our XG115 with the new SFOS 16 firmware, we are not able to receive any emails any longer!
External email servers could not reach our server. After investigating the problem today, we reverted back to SFOS 15.
We are using a business…
Hi,
Created URL categories list (consisting of domains permitted by our firm) and used it in a custom web filter. Created a network/user policy --here applied the custom web filter (consisting of permitted URL categories). Added user groups imported…
Hi there,
Twice in three days I've had a network issue caused by Sophos XG210 and I would like some feedback on how to prevent it re-occurring or, at the very least, how to solve it in the future.
In both cases, connections to HTTP do not work, giving…
Cisco small business L3 switch Sophos XG fresh new install with default setup rules Do anyone have vlan working on XG that can show me how they have it setup and what settings i might have to change on the xg to get it working. I am unable to get vlan…
Hello
Hey guys, new to the XG Firewall and I wanted to know if its possible to direct traffic from the LAN zone to the WAN zone based on URL/domain?
For example, we have 2 WANs setup (Coax via TWC and Fiber via ATT). The general web traffic policy…
Hi.
I think I need assistance to understand fully the way how firewall and routing/forwarding is working in XG.
I have a question related to SIP server in DMZ.
So - to describe:
I have 3 ports: 1: WAN(bridge - public IP), 2: LAN (192.168.2.x)…
Hi guys
i deployed sophos XG firewall and I created policies that matches the vlans in my network, knowing I gave port1 a static IP, and configured the Vlans as used in my network, the next step is to add polices, when adding new firewall policies and…
Thanks for the reply, but it won't work in this situation.
Domain blocking will not work because what exactly is the craigslist domain ? Is it craigslist.com, craigslist.it, craigslist.co.uk, craigslist.org or even craigslist.fr ?
You get the picture…
Forgive me, still a newbie with the Sophos XG's. I am accustomed to Fortinet, sonicwall, and watchguard appliances, so this question may be a real noob one.
I have a sophos XG85 I set up, using a TDS connection for the WAN. I am migrating this site…
Hello,
We have recently deployed the XG appliance and had a ask about limiting the download bandwidth to our AV update server.
I have created a host entry for it, and then a rule based traffic shaping policy:
Policy Application - Rule
Rule Type…