• Sophos XGS: DNAT Through Routed VPN

    FMXio
    FMXio
    Hello everyone, I am attempting to redirect all requests made to 192.168.10.5 to 172.16.10.5. The VPN is working properly on both sides. Sophos XGS: DNAT Through Routed VPN Details: #VPN Working 100% LOCAL-LAN: 192.168.10.0/24 (Sophos) REMOTE…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Multiple Email Addresses for local users on XGS firewall

    Luis Prunn
    Luis Prunn
    Hello community, I am currently working on a SG to XGS migration for one of our customers. The customer had a bunch of local firewall users. Many users have alias email addresses configured on the SG firewall. Unfortunately, I am not sure how…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • v21 XG Home VPN Hardware acceleration

    MikeyS
    MikeyS
    Good evening, Back testing XG Home, does v21 support hardware acceleration for IPsec and SSL VPN tunnels? I have XG Home installed on a XG230 R2 at mo, I have a XG135 R3 that has pfsense + on it atm, so pending successful testing, planning on dropping…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Bridge. Mode, DHCP for VLAN takes Multiple Tries Before Getting an IP

    romaelz
    romaelz
    Hi. I've been battling this for days and finally decided to post it here and seek help. I've pfSense as the main router and Sophos XG is in bridge mode (for application filtering purposes). There's 1x VLAN involved. The DHCP works fine for the main…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • API Request show only WAF-Rules

    StefanKeel
    StefanKeel
    I'm experiencing with the API and Postman. We use a wildcard-certificate and I wants to update all WAF-Rules at once. Becuase the GUI-way ist very hard (every time set the certificate, all domains will be dropped and the domain from the certificate only…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • XGS 108 in combination with Asus Router

    Icecoke
    Icecoke
    Hi! I recently got a XGS 108 for home use, however, I am little lost on how to set-up my network now. Currently, I have an ISP modem acting as a bridge, then an ASUS router in a mesh wifi with an access point. The ASUS router is handling DHCP management…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos 21 Home Lets Encrypt Secondary Validation Fetch Timeout

    jarrod beebe
    jarrod beebe
    Certificate request fails with secondary validation time out. I can see in the web server protection log viewer that the well known url is being requested with the unique value. I also briefly see that the temporary waf rule is created. Only thing to…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Devices connected on wifi but with no internet connection

    Anesu Dangarembwa
    Anesu Dangarembwa
    Good day We are having a challenge, we have a firewall XGS 2100 , some devices that are connecting with wifi, they receive ip address from DHCP in the firewall, we have a firewall rule for the devices with Mac address, but the devices they are not receiving…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • question about blocking user AD Windows server through Sophos Firewall

    Alfredo Lodos
    Alfredo Lodos
    Good afternoon, I have a Sophos firewall that is integrated with a Windows Server Active Directory.Can a domain user be blocked from browsing the Internet through Sophos, but allow the computer they use to download and update the operating system, and…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • AD Accounts locked by brute force despite MFA & ACL rule

    Markus Quirmbach
    Markus Quirmbach
    Hello everyone, we have a XGS set up with SSL VPN, the VPN Portal, AD integration and MFA for every user. Currently we are facing brute force attacks on the VPN Portal. We tried to prevent those by setting up an ACL rule which is blocking countries…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • XGS 107 und WLAN Call

    Jörg Schwarzrock
    Jörg Schwarzrock
    Hallo zusammen, ich habe eine XGS 107 bei einem Kunden laufen und dieser möchte nun auch WLAN Calls tätigen. Es sind seit längerem normale AVM 2400 APS hinter der XGS eingerichtet. Nun blockiert mir die XGS die WLAN Calls, AP probeweise direkt…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • German Forum
  • Firewalls do not connect backup to the internet after ISP goes down and back up

    Nicholas Pick
    Nicholas Pick
    I have two clients that use the same ISP. One client has an XGS87 and the other XGS116. The ISP does scheduled maintenance at night knocking the firewall offline. My clients will have to power cycle the firewalls to get them to connect in the morning…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • trouble with Diagnose

    GernotMeyer
    GernotMeyer
    Hi all, Sophos XGS SFOS 20.0.2 MR2. When I try to check a ping: It only accepts IP Addresses or names without capital letter! I can resolve blabla.domain.local but not BlaBla.domain.local "Please enter a vlid IP or hostname". Is that bug or…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • rules

    Serkan Dağlı
    Serkan Dağlı
    1 Firewall 2024-10-26 14:10:51 Appliance Access Denied N/A 0 PortA1.10 10.10.1.3 10.10.1.255 137 …
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Port Freigabe - Eingrenzung auf Herkunft?

    GG-Star
    GG-Star
    Hallo Zusammen, ich würde gerne in der Sophos XGS107 eine Portfreigabe für einen Telefoncloudanbieter einrichten. Welche Ports das sind, wird hier sehr gut beschrieben. https://www.easybell.de/hilfe/telefon-konfiguration/allgemein/firewall-fuer…
    • 2 months ago
    • Sophos Firewall
    • German Forum
  • unable to create ip network - "You must enter a network IP address."

    GernotMeyer
    GernotMeyer
    Hi all, I have several SFOS V20 in place. I can nomore add an ip network: "You must enter a network IP address." There is not much room for making things wrong and I did this couple of times before. No problem to add an ip host but no chance for…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • WAN Link Load Balancing in v20

    Nathan Kuhl
    Nathan Kuhl
    What is everyone's experience with WAN link load balancing in v20? We're a K12 private school with two identical WAN links from different ISPs, Frontier and Comcast. Our goal is to enable WAN link load balancing in an active-active config, weight 1 and…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • I want to get all the IP host objects that are currently configured through an API call

    Yashas Manjunath
    Yashas Manjunath
    I am referencing this documentation https://docs.sophos.com/nsg/sophos-firewall/19.5/API/SYSTEM/Host%20and%20Services/IPHost/operations/AddIPHost&EditIPHost.html There's information on how to add or update an existing IP host object. However, I just want…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • snat multiple gateways

    midnightSun
    midnightSun
    SNAT with multiple WAN gateways isn't working.. WAN Gateway 1 = Port3 - its public with /27 worth of aliases WAN Gateway 2 = Port5 - its public with /28 worth of aliases (IP Host) SNAT with Port3 aliases work for all of the rules I've created…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Unauthenticated traffic on WAN - Captive portal

    Gary McDonald
    Gary McDonald
    Hello All, We have a Sophos XGS connected to a metered WAN connection, in order for devices to connect to the internet the user must authenticate to the Sophos captive portal and at which point a weekly data transfer quota is applied. This has been…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Traffic Shaping / QoS

    Christian Garcia N
    Christian Garcia N
    Good morning. I have been looking for information about the use of Traffic Shaping / QoS and applied what is indicated but in my case it is not working for me. I have 2 offices, each with a Sophos firewall. The server in office A sends data to the…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Webserver mit mehreren Domains

    Henrik Seitz
    Henrik Seitz
    Guten Abend, wir möchten gerne mehrere Web-Applikationen auf unserem Server über das Internet bereitstellen. Hierzu habe ich bereits beim Provider die entsprechende Subdomain auf unsere öffentliche IP geleitet. Daraufhin habe ich in der Sophos via…
    • 2 months ago
    • Sophos Firewall
    • German Forum
  • TLS on syslog

    James Morigan
    James Morigan
    Hi, we have a problem with transferring syslog from Sophos firewall to the Arcsight SmartConnector. When we try UDP, logs can be seen in connector. However, with TLS communication fails. This is only example, but ours handshake also fails at Change…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Configured WAN lP in Sophos XGS136, link is up but internet is not working

    Firewall Monitoring
    Firewall Monitoring
    Hi Configured one more WAN IP in the Sophos XGS136, link is up but traffic is not moving through new link, checked load balancing, everything is looking fine Pervious link is working fine, however the new link is not working, able to ping 8.8.8…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • XGS mit einer Schnittstelle - also parallel zu einem anderen Router

    motech
    motech
    Hallo, ich versuche gerade vergeblich, eine XGS neben einer anderen Firewall zu betreiben. Die XGS soll im ersten Schritt mit nur einem Port als vorgeschaltetes Gateway und WebProxy dienen, bis das Netzwerk komplett umgestellt ist. [PC] -> [XGS…
    • 2 months ago
    • Sophos Firewall
    • German Forum
  • View related content from anywhere
  • More
  • Cancel
<>