• Web Server Protection

    Michael9609
    Michael9609
    Hi Community Members, I hope this message finds you well. I am currently exploring the best practices for protecting web servers, particularly in scenarios where the firewall is not acting as the gateway, The XGS also acting a reversed Proxy.. Your…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • sophos XG and windows 10 & 11

    Giuseppe Lau
    Giuseppe Lau
    Hello Community,I would like to ask your help to fix a funny problem I have. All my PC are protected by Sophos Home (Primium Subscription) and I have a Sophos XG Home edition. In two PCs of my network I have 2 web sites that are not downloaded properly…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Sophos email filtering

    Anesu Dangarembwa
    Anesu Dangarembwa
    On Sophos firewall is there a way to configure it in such a way that names of people who are on email database are listed on the firewall such that any mail which has an email address which is not on the list does not pass the firewall. This we would…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • SSL Inspection Error with Apple websites

    Corey Carpenter
    Corey Carpenter
    Hello, I am running SFOS 19.5.4 and I noticed that I cannot get to any secure apple.com website since the last update. I try to go to apple business manager (business.apple.com) and it will just spin and eventually time out. I also tried to purchase a…
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • How to Add RBLs to XG

    Boris60
    Boris60
    Hi, I can't see any way of adding additional RBLs to the XG email protection. Is this not possible?
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Web Server Protection not working

    Charl Fourie
    Charl Fourie
    Hi All, Sorry if this has been asked previously, I have combed through the forums and could not find a solution or direct discussion to this specific issue I am facing. We have signed up for the Sophos XG Firewall via the Azure marketplace image. I am…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • 8 years plus running no solution to Certificate could not be updated as it is already used by HTTP Based Policy

    Akshay Hegde
    Akshay Hegde
    When I go to edit the certificate and upload the certificate which is due for renewal ( every 13 months ), it fails with the following error at the top center of the screen: Certificate could not be updated as it is already used by HTTP Based Policy…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Auto Scheduler backup using mail not working for Sophos firewall xgs 2100

    Vivekananda Moorthy
    Vivekananda Moorthy
    Hai, I have purchased new firewall XGS2100 and configure settings for auto scheduler backup. But i didn't receive backup mail and even test mail also. Kindly suggest how can fix the errors!. Senthil Asia
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS DPI Engine certificate warning

    admin_idl
    admin_idl
    Hello, We are using the DPI engine and have created SSL/TLS inspection rules. Unfortunately, we receive a certificate warning for some websites even though the firewall certificate has been imported. What could be the reason for this and how can we…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • MTA with multiple alias IP does not work as expected

    Reza Akhlaghi
    Reza Akhlaghi
    Hi Everyone We setup MTA according to this URL: https://docs.sophos.com/nsg/sophos-firewall/20.0/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/HowToArticles/EmailSetupMTAModeWithMultipleWANPortsOrAliasIPAddresses/index.html#change-the-route…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Outgoing emails bouncing in MTA mode

    Mohamadreza Rajabi
    Mohamadreza Rajabi
    I use two sophos xg 310 instances as HA they are on MTA mode, once upgraded to firmware version SFOS-20.0.1-MR-1-Build342 emails to some domains get bounced with error :"R=default_mx_router T=remote_smtp: all hosts for '[doamin.com]' have been failing…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Best Whitelisting Method: Web Policies vs Firewall Rules

    iamroot
    iamroot
    Hello everyone, I'm trying to understand what the best or correct whitelisting method is. Scenario: I need to whitelist URLs for a new application. Method 1: Firewall Rule 1) Create FQDN Host: *.example.com 2) Create Firewall rule Source…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Citrix Netscaler 2FA Not Working with Sophos XG Web Server Protection

    cromwell uy
    cromwell uy
    As with our current Sophos XGS Firewall Rules and Policies configurations, the Citrix Netscaler 2FA authentication is working. We started planning of using the Sophos XG Firewall Web Server Protection. The license required were purchased and registered…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • WAF rules to stop certain HTTP methods

    Richard Hamblin
    Richard Hamblin
    Hi everyone, I am trying to find out if I can use the WAF rules to stop certain HTTP methods for connections to one of our web servers. I would like to try to only allow GET and POST and deny any of the others such as "DEBUG", "CONNECT", "PUT", "UPDATE…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Send emails to Exchange Online via Sophos XG

    nils50122
    nils50122
    Hello, we have the following problem: Three of our server / applications do not support OAuth for the moment, so we need an locally smtp server inside our network. For the moment we use simple postfix, authenticated users only from specific internal…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Exim CVE-2024-39929

    Dustin
    Dustin
    Hello, just a quick question, is SophosOS in the current version vulnerable to CVE-2024-39929? Is there already a workaround or a patch available? nvd.nist.gov/.../CVE-2024-39929
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Problem with NET::ERR_CERT_AUTHORITY_INVALID still present?

    Andrej Pirman
    Andrej Pirman
    Hi, I have ONE of 3 new installs of XGS-126 having long known problem with Sophos CA certificates on some popular URL addresses. For example, users cannot download Google Chrome: I guess problem is HSTS, where browser detects MITM, which is Sophos…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Blocked Website

    WichF
    WichF
    Hello, currently I have a problem with my sophos XGS Firewall. I would like to allow a specific Website for our marketing department. tiktok.com I also add this site to "Allowed URLs for Default Policy" and "Local TLS exclusion list" but nothing happened…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Mails not more delivered (MTA-Mode). After service smtpd:restart mails successfully delivered, but also very old from February/March/April

    Erik Wi
    Erik Wi
    Hi there, we had a very interesting problem with our Sophos-Firewall and the mailflow on Wednesday. On 2024-06-26 around 08:00am (UTC+2) no more mails were delivered via our Firewall. All mails were visible in the GUI under "Mail logs", but only…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Email Rejected, using Protect - Email in XGS

    Stojan Cergol
    Stojan Cergol
    Hello, in the last few days I have noticed that certain emails are not being delivered, and I observed in the Sophos XGS 126 smtp_mail.log that the emails are being rejected. The senders and recipients exist and are known. This issue started occurring…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • SMTP Quarantine: cannot delete items via web console due to invalid characters

    Uwe Beierlein
    Uwe Beierlein
    We received an E-Mail addressed to \"?info\"@domain.de and can not delete this entry from the list of quarantined E-Mails via Web-Console. Is it possible to delete this entry using a ssh-session / command prompt?
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • How to protect Exchange OWA from brute force if the server is behind DNAT?

    VitaliiK
    VitaliiK
    Hello, need help for configurate Sophos XGS to protect Exchange OWA from brute force. S erver is behind DNAT
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • An error has occurred in resolving the URL, please update the URL and retry the policy test.

    n4shito
    n4shito
    Greetings community. I have an XGS126 device (SFOS 20.0.0 GA-Build222) I'm trying to do a policy test on google.com, facebook.com, and I get this message: An error has occurred in resolving the URL, please update the URL and retry the policy…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • FILT-APP Block Office365 SOPHOS XGS

    Mathieu Rojo
    Mathieu Rojo
    Hello, I have recently see my officesetup.exe installation blocked when I activated the app-filter based on this policy "Block generally unwanted apps" on my LAN TO WAN firewall rule. This blocked was manifest juste after launch the officesetup.exe…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • email bounced (failing for a long time(and retry time out not reached))

    itinfrastructure User
    itinfrastructure User
    hi i have XGS4300 (SFOS 19.5.4 MR-4-Build71), it is MTA mode, today i start getting bounced email while sending email to few domain R=default_mx_router T=remote_smtp: all host for 'mahagenco.in' have been failing for a long time(and retry time out not…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>