• Help with explaining how the web proxy works

    Steven Queue
    Steven Queue
    I'm trying to figure out how the web proxy works. I configured a browser to use SFOSv20-IP:3128 I only want web access through the proxy, no proxy configured, no access. I've followed the example, with Web policy "Allow All" and Destination…
    • Answered
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XG 19.5.3 - mails stuck in queue

    techno.kid
    techno.kid
    I'm moving from UTM to XG and are still in the "learning phase" to understand the new concept. Nevertheless, right now I'm absolutely desperate, because of outgoing emails (XG used as relay with SmartHost) are stuck in the "Mail spool" and I'm not able…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Allow external public IP Address to access to SMTP relay

    eclipse79
    eclipse79
    Hello, I come from Sophos UTM, now I am configuring an XGS series. I need to allow an external public IP address to access to SMTP replay. I tried to add the IP to Replay Settings - Allow relay from hosts/networks but it does not work. It seems that…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Solution to ESO updater not working; Halo MCC updater resolution

    FNG_117
    FNG_117
    The thread was closed but I wanted to share my solution. Here is the original thread. https://community.sophos.com/sophos-xg-firewall/f/discussions/141624/can-t-get-eso-updater-to-work-as-exception-any-ideas Here was my solution. I created…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Email protection with Exchange hybrid

    Samuelson
    Samuelson
    Hi, we migrated one month ago from Sophos UTM to Sophos XGS. We also migrated email protection settings succesfully. With one exception. With the old UTM we routed emails from Exhange Online directly to our internal Exchange Server. Now with the XGS…
    • Answered
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall Email protection IPv6

    Mihail Karageorgiev
    Mihail Karageorgiev
    Hello community, Do you know is there any way to use Sophos Firewall Email protection in MTA mode for IPv6 SMTP/SMTPs traffic?
    • Answered
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Blocking Porn Category

    Chirag
    Chirag
    I blocked the adult and nudity category in my sophos xgs 2100 firewall. But still many porn sites are accessible. Is there any way to block it completely?
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Can someone explain SSL/TLS inspection rules vs. Web Exceptions?

    CaseyWilkins
    CaseyWilkins
    Explain like I'm 5 (maybe a 5 year old is smarter at this point, who knows)... We have SSL/TLS inspection rules under "Rules and policies." One of these rules is the built in "Exclusions by Website, which references both a Local and Managed TLS exclusion…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Instructions on WAF Custom Authentication Form with example: Clarifying Documentation

    Itility
    Itility
    The WAF custom authentication form in the documentation is not that clear and required several rounds of testing to fix. Below I've added code that is easier to modify and quickly get up to speed without 30 minutes of troubleshooting and testing. I…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Web server protection skip filter but no rule ID

    Carlo
    Carlo
    Hello, I have trouble configuring WAF rule for one specific web server/service When I try to access service from inside on my pc I get 403 [Sun Jan 07 19:40:08.983664 2024] [authz_core:error] [pid 22769:tid 140041007253248] [client 10.2.1.10:52039…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Sophos WAF

    Ilham Izzuddin Bin Sulaiman
    Ilham Izzuddin Bin Sulaiman
    Hello, I have a Peplink WAN gateway and a Sophos in the centre for routing from the core switch to the WAN.I have a problem: I cannot perform a waf for my webserver, which is hosted by peplink and the server are located at dmz, and my website is already…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • google translate

    GURUKRUPA EXPORT - SURAT
    GURUKRUPA EXPORT - SURAT
    want to unblock translate.google.co.in for all in xgs 2100
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • SFOS and SG UTM affected by SMTP/EXIM CVE-2023-51766?

    FFin
    FFin
    Hi, are SOFS and SG UTM affected by CVE-2023-51766 (Sender Spoofing by SMTP)?
    • Answered
    • 12 months ago
    • Sophos Firewall
    • Discussions
  • Web and App policies, difference between "None" and "Allow all."

    EastCoastUser
    EastCoastUser
    When selecting a Web policy or an App policy from a drop-down list, there is a "None" option and also an "Allow all" option. If you select "None," doesn't that mean the same thing as "Allow all"?
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • ERR_SSL_PROTOCOL_ERROR

    nayah
    nayah
    We installed a Sophos virtual appliance in bridge mode in front of a pfsense firewall in order to intercept all traffic within the LAN infrastructure of our network for reporting purposes. This is what our current topology looks like: LAN --> sophos…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SFOS 20, Exchange 2019, WAF Active Sync

    Marco Walbert
    Marco Walbert
    Hi, i read a lot of posts about this Problem, but cant get it running. Made the WAF settings strictly by Sophos KB article, owa, outlook anywhere etc are running properly, but active sync isnt working. Log saus WAF Anomaly Inbound…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos FW blocking some appended signatures from Exclaimer Signature Manager V19.5.3

    RegencyBlue
    RegencyBlue
    Hello All, We have a situation where we have switched firewalls for incoming & outgoing mail from UTM to Sophos Firewall. We are using Exclaimer Signature Manager Exchange edition & are currently still in a Hybrid setup. For some reason, some outbound…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • changing primary email address -> No Spam digest and user portal qurantine

    Timm Buse
    Timm Buse
    Hi all, we have changed for all our AD users the primary email address from <surename<@<domain>.de to <forename>.<surename>@<domain>.de No we have a big problem, that nearly no digest is send to the users. And if you take a look in the user portal…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS - How to make an Exception for unauthenticated users

    Ingo Buyny
    Ingo Buyny
    Hello, on my old UTM i got an exception which gave web access to unauthenticated users to several domains like microsoft.com or windowsupdate.com. How is that possible on xgs? The Webfilter does not contain an exception for authentication.
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Does Web server protection (WAF) support HTTP/2 in SFOS v20?

    IT Racom
    IT Racom
    I've been reading some discussions about WAF support for HTTP/2 before. Is it available in the new SFOS v20? Or is it planned for some next MR?
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF - Static URL Hardening error

    FFin
    FFin
    SFOS 19.5MR3 I'm getting multiple WAF-Logentrys with exact same URL (upper-/lowercase) - one request passes correctly the other one fails due to "Static URL Hardening - No Signature found". As it's same exact same URL it's probably not a configuration…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • docusign TLS decryption error - HTTP parsing error encountered

    LHerzog
    LHerzog
    Using TLS decryption and vendor Docusign suddenly causes issues with our XG firewall on 19.5.3. Happens also on other browsers and OS. Here Safari in MacOS. it works using classic proxy as described here: https://support.sophos.com/support…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Video conferencing in web browser

    Jonas Stadler
    Jonas Stadler
    Hello everyone, we have been having problems with video conferencing via browser for some time now. We are using a XG 230 in webproxy mode with HTTPS decryption, IPS and ATP activated. The clients are configured with a standard / manual proxy. Everything…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SSL/TLS Decryption rule errors

    Akilae
    Akilae
    Hello everyone, Since v20 I need to disable / enable a SSL/TLS Decryption rule nearly every to every 2 days. It stops processing traffic and on a client device it "feels" like the internet is down. This instantly recovery after disabling / enabling…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • WAF not working after Upgrade to SFOS 20.0

    EDV
    EDV
    We have updated our XGS3300 to SFOS 20.0 a few days ago. Since then our WAF ist not working. AH00526: Syntax error on line 106 of /cfs/waf/reverseproxy.conf: Invalid encrypted key AH00112: Warning: DocumentRoot [/sdisk/waffiles/1cf6480d9dcdd33a4319301e0d8ef22b…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>