• WAF documentation missing? or im blind..

    Regex
    Regex
    Im trying to find an explanation about metioned topics. But i cant find it in documentatnion, can someone point me where to Sophos is explaing it?
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • NginX Proxy Manager behind XG

    Regex
    Regex
    Hello. Scenerio: [XGHOME]------->[Docker_Revproxy]-----[SynologyNAS] Is it possible to pass origin client IP to reverse proxy? Because Revproxy can see only gateway of Sophos XG. Request on rev proxy look like this: [13/Dec/2022:13:11:20 +0000…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF Restrict traffic from WAN

    Regex
    Regex
    Hello There. Are there any information when SOPHOS will improve WAF option on its iwn devices? Why we dont have such basic option to limit source traffic from WAN only for specific country? So far we can only do IPs..
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Reverse Proxy WebServer behind IPSec Tunnel

    Ben@Network
    Ben@Network
    Hello, I have a VPN tunnel to another site, there is a web server that should be reached via a reverse proxy on the XG. The XG has an additional IP address (192.168.0.140) on the LAN interface (the LAN interface has IP 192.168.0.2). The IPSec tunnel…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF and Logging

    Memorycard
    Memorycard
    Hello everyone, I have some questions and hope you can help: 1. We are publishing some web servers behind the firewall using WAF. There are some "Forbidden" messages and checking the Reverseproxy.log shows OWASP ModSecurity. As we can see only a simple…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF - Request Entity Too Large

    SteveChung
    SteveChung
    Hello, I am running with Sophos XG210 (SFOS 19.0.1 MR-1-Build365) . There is Request Entity Too Large error is still existing when I download file larger than 1 MB from WAF protected website. Here's the error message. ========================…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Root Certificate automatically included by WAF of Sophos Firewall?

    Markus Quirmbach
    Markus Quirmbach
    Hi everyone! We are using a Sophos XGS2300 (SFOS 19.0.1 MR-1). We uploaded a pfx-certificate to the WAF which specifically included only the webserver certificate itself and its intermediate certificate. But, when we check the site with a tool like…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF no longer working after backup XG and then restore to XGS

    Michael Großmann
    Michael Großmann
    Good morning community, I have a problem with WAF after a migration from XG230 to XGS2300. It was a XG230 HA cluster which I disbanded before the backup and only backed up one firewall. I imported this backup into a new XGS2300 and again formed a…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Two web servers on one ip public - question about DNAT

    Marco Alunni Pini1
    Marco Alunni Pini1
    I've got 2 web servers on different local IP. Both IIS. (x.x.x.7 and x.x.x.21) I've done 2 waf rules on firewall but i've got a DNAT on HTTP direct connect to 1 server (x.x.x.7) It is necessary have DNAT rules (loopback and reflexive also)? Infact…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Step By Step Guide to publish RDS Web and RDS Gateway usiing WAF rules

    Patrick Loman
    Patrick Loman
    Hello everybody, Is there anyone who has a step by step guide on making RDS Web and Gateway work using WAF rules. I have been trying to get this to work for more than a day now and I can't get it to work. My setup for now is RD Sessionhost, RDWeb…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF - how to protect a public server

    Balocco SpA - Ufficio IT
    Balocco SpA - Ufficio IT
    Hi, we have a web server with a public IP. Let's say the IP is 123.123.10.1/28. The gateway of this server is a network interface of Sophos XG, lets say 123.123.10.14/28 (we are autonomous system, we have several public IPs). How can I protect the web…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF

    Lev Anni
    Lev Anni
    Hi, I'm trying to use Web Application Firewall to protect web servers behind NAT. Currently I have configured firewall to accept HTTP traffic and forward it to internal server. So my question is, in case of WAF, is NAT required to exist or it's automatically…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • False Positive which can't be skipped?

    Ale_V2
    Ale_V2
    Hello everyone I have deployed the Firewall for quite some time now. Recently I noticed problems whilst uploading Files to my Synology NAS which sits behind a WAF. After some short research I found that everytime certain Files are tried to upload the…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Internal Webserver trought VPN

    Service Informatique2
    Service Informatique2
    Hello Everyone. I have a Sophos XG firewall with severals Web Server protected trought WAF. Eveything works fine. But I need to do a specific configuration : I have to block a specific path so that it can be access only trought an IP address (that…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Does Web server protection (WAF) support HTTP/2?

    James WBush
    James WBush
    Hi On a Sophos XG with "Web server protection," we host a website (WAF). Now that http/2 is available, our contractor wants to make adjustments to our website. He inquired about the WAF's support for http/2 and whether that was OK. Only the fact…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • WAF - Web Server protection and HSTS

    SOMOA
    SOMOA
    Hi I have a new ADFS 2019 system behind a WAF on XG. The external tests keep telling me it has Strict Transport Security (HSTS) off. Is there a setting on the XG that affects this when putting a local server behind the WAF or have I missed something…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Does Web server protection (WAF) support HTTP/2

    rexer
    rexer
    Hi We're hosting a Website behind the "Web server protection" (WAF) on a Sophos XG. Now our contrator is planning to update our website to use http/2. He asked if that is ok and whether the WAF support http/2. I only found information about Sophos…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Protection Policies - "Save" Button not Working

    John Groller
    John Groller
    Hello all. I'm trying to add a new "Protection Policy". When I fill in everything and press "Save"... nothing happens. I think the "Save" button goes from a dark blue to a lighter blue, but nothing saves, no messages, no refreshes, nothing. No feedback…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Webserver Protection Exchange Cluster

    AlexanderPoettinger
    AlexanderPoettinger
    Hello, I'm having some trouble wit the webserver protection for an Exchange 2016 Cluster. We're running a brand new XGS3300 firewall cluster in our datacenter with 10 Gig internet connection. I've configured only IPS rules for the Exchange Webserver…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG: Cannot change WAF Certificate

    Patrick Wolfensberger
    Patrick Wolfensberger
    Hi there Last week, my wildcard certificate expired. No biggie. Got a new one, imported it into the firewall, everything ok. When I selected the new certificate in my WAF rules, I was able to save this configuration and expected the firewall to use…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Redirection

    Memorycard
    Memorycard
    Hello everyone, is Sophos WAF okay with redirecting http://wwww:aaa to https://wwww:aaa ? It seems to be okay with default http and https ports, but not working with non-default ports
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG & Exchange 2019 - WAF not working - URL hardening

    Sophos User2126
    Sophos User2126
    Hi, I'am lokking for some help to come over a problem with Exchange 2019 and WAF with static URL hardening. I use this poular documentation here: https://www.frankysweb.de/sophos-xg-18-webserver-protection-und-exchange-2019/ and it did not work as…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Access webserver from LAN / SSL VPN at public ip behind WAF

    derTobi
    derTobi
    Hello all, we are using a XGS 2100 with os19. Simple network. WAN. LAN. DMZ and SSL VPN. Configured a webserver with WAF rule located in the DMZ. So far works fine from external users accessing the webserver on its public ip. The clients in…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Apple Mail and issues with ActiveSync - NC-62805

    Mikkel Andreasen - Modulo
    Mikkel Andreasen - Modulo
    Hi, We are having som issues with sending mails from Apple devices using Apple mail - it seems to be related to NC-62805 https://community.sophos.com/sophos-xg-firewall/f/discussions/127826/sophos-xg-18-0-3-active-sync-email-problem https://community…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • access https

    Mohamed Khandouch
    Mohamed Khandouch
    hi i have two server using https mail server and web server when i want to access from outside to the sever web it load always the mail server, and when i change port to 80 it work but i want to use https for web server. pls any help i have sophos…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>