Hello;
There is a situation I just noticed on the XGS4300 fully licensed firewall. In URL category lookup, the URL appears in the adult category. However, users can access this adult site even though all adult categories are blocked in the web filter…
I have a Sophos SFOS V21. different internal servers (Ubuntu postfix and MS Exchange). Since a couple of days mails are no more forwarded directly to the internal servers. Stuck in mail queue with "static smtp defer (-53)" or (100). Server timed out DT…
I'm migrating from XGS 136 to a new XGS 138. I saved the configuration of the old XGS and restored it to the new one.
I am using the email protection feature. When I switch to the new firewall there are no spooled and no quarantined mails because they…
Hi,
I am trying to restrict the video file types from being downloaded but its not working. I have not applied the Sophos certificate in my domain, but i did apply the certificate to this specific computer that i am testing on.
Can i not apply the…
Got strange characters in Sophos XG WAF v21. It's like Sophos cannot encode some characters. Using LE certificate. It works fine if I access home assistant locally. Output How to troubleshoot this?
Hi,
I just installed a Mailcow mail server, add Firewall rule to allow SMTP services and DNAT + SNAT to our mail server.
It's works both inbound and outbound email delivery. Now I try to configure Email Protection in MTA mode, following this guidance…
Hi Team,
Issue: A Windows 11 PC (PC1) is unable to access a specific HTTP website through the office network. However, the same website is accessible via a mobile hotspot. In contrast, a Windows 10 PC (PC2) can access the website without issues on the…
Good morning. I'm trying to block google chrome games, that is, when they enter chrome they type "solitaire" and it lets them play directly from the browser. I am trying with web blocking and application filtering but it still does not block the use of…
Is it correct, that it is not possible to access the web proxy via the WAN interface, even if there is a suitable ‘Local service ACL exception rule’ ... or does anyone have a solution for this? I always get: ‘Appliance Access - Denied’ Background: in…
Trying to use DKIM on Sophos Firewall, XGS107 (SFOS 21.0.0 GA-Build169) and I'm stuck.
I've been through some of the documents posted here, trying to apply some of the suggested solutions. Anny suggestions would br greatly appreciated.
The firewall…
Hi!
I am currently exploring Sophos based on my prior experience with it back in 2014. I am gradually migrating from my MikroTik setup to a Sophos Home Firewall, primarily due to its advanced security features.
I have set up Sophos Home Firewall on…
Hello,
We are using onbox email protection with our SFOS 20.0.2, XG-System.
I defined an FQDN-Host object as having the FQDN-wilcard *.outbound.protection.outlook.com. This object is listed correctly under the tab "FQDN-Host" at the "Hosts and Services…
Hi.
I have a default firewall policy configured like this and web filtering is not configured to any other firewall rule. I do not use HTTPS decryption.
Web filter works and I get a block message for denied HTTP sites and certificate error for…
Hello,
on our Sophos XGS 126 with SFOS 20.0.2 MR-2-Build378 we have the problem that all quarantine digests get stuck in the mail queue.
All other mails are delivered without any problems.
In SMTP logs I can find:
R=router_for_notifications…
I want to configure my Sophos Firewall so that only Firefox can access the internet from a PC, and all traffic must go through the Sophos explicit web proxy (configured on port 3128). Direct HTTP/HTTPS traffic from the PC should be blocked entirely. …
I have my certificates in a folder and I'm looking for a script that will update them when there is a change so that waf will continue working without manual intervention.
I have very little experience scripting, I can read and understand more or less…
Hi!
Recently I want to configure a VIP with SSL termination on my Sophos Firewall 20 running as a VM. I have the SSL cert imported (+CA - there was no Let's encrypt E5 CA so I added it).
I want to start from something really simple - Outside LAN to…
Hi, I can't seem to find a clear answer as to why the auto generated MTA firewall rule is needed. As I understand it, in MTA mode emails are being 'handled' by the firewall rather than just traffic passing through it, so access should be controlled by…
I’m trying to move Office 365 connector authentication from IP-address to certificate. A Let’s Encrypt certificate has been created (on SFOS 21) and added to the SMTP TLS configuration under the Email > General tab. When changing the Office 365 connector…
Trying to create a WAF rule and it's thowing an error " Service is already configured on the specified port, choose another port"
I've checked all firewall rules, NAT rules, admin/user settings, SSLVPN and can't find this port being used anywhere. …
We're discovering a strange issue with HTTPS decryption and ChatGPT in all browsers we use.
ChatGPT is unusable when we're logged in with the ChatGPT-licensed Microsoft Account. Any chat request generates this or similar errors:
On the of SFOS 20…
Hello. I am starting to get acquainted with Sophos Firewall sf01v (sfos 21.0.0 ga-build169). I have configured blocking of sites (for testing I have prohibited access to facebook.com). Tell me how to configure an exception for access to facebook for certain…