• County Block with MTA enabled

    Steve Pringle
    Steve Pringle
    I would like to block access to and from certain countries with the MTA enabled. This was really simple on the UTM, but seems much more complicated in Sophos Firewall. I have created a black hole NAT rule as suggested in the documentation, but can’t work…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Banking Websites Requires Re-authentication

    Osama Mansour
    Osama Mansour
    Hello Everyone, We encountered an issue with Sophos firewall XG. The issue simply is when we try to open the Banking website to do transactions or online banking, we authenticate normally. However, when we try to access anything in the bank website…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Sophos MG 125 Setup

    CITY FM
    CITY FM
    I need help with setting up my MG 125 device for bandwidth management. Can it do the job well? Thanks
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Basic set of firewall rules for a very basic office

    Mark Tarrant
    Mark Tarrant
    Hello, I'm new to Sophos, and am deploying my first firewall to a very basic client, and just want to check what I have configured is a reasonable balance between security and functionality? I am just looking for opinions and whether I have missed anything…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Fehlerhaftes Routing | TiKonnektor | nach Umstellung auf XGS

    Rene Kant
    Rene Kant
    Moin! Wir haben folgende Konstellation, an welcher ich aktuell scheitere, vielleicht habt ihr noch eine Idee: Client: 192.168.0.19 nutzt Praxissoftware von Server 192.168.0.200 Einsatz eines Ti-Konnektors 172.16.10.220 mit GW 172.16.10.200 Route in die…
    • 6 months ago
    • Sophos Firewall
    • German Forum
  • Sophos XGS firewall Rule Configuration

    Yuvraj Singh
    Yuvraj Singh
    Hii Community, I configured a firewall rule for VPN to LAN connection and another for LAN to WAN connection, attaching a NAT rule with MASQ for internet access. Despite this, I could establish a VPN connection with the Sophos Connect client but couldn…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • XG 136 mit SFOS 20.0.0 hinter einem Exposed Host. Ich bekomme kein DNAT hin

    ChristofS
    ChristofS
    Hallo Gemeinde, bis jetzt hatte ich immer einer SG230 in dieser Konstallation. Diese habe ich nun gegen eine XG136 getauscht und die Firmware SFOS 20.0.0 GA-Build222 ist installiert und die Konfiguration so von der SG230 übernommen Die Reds und…
    • 6 months ago
    • Sophos Firewall
    • German Forum
  • Transparently insert Sophos XG in a working network

    AGamal
    AGamal
    Hello, I have a situation where my ISP installed a router and gave me a subnet ( 10.1.1.0/24 ) with the gateway being the router(10.1.1.1). My understanding is that I need to configure an internal network (i.e 10.1.2.0/24) on the LAN side of the firewall…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Proxy inbound connection to external ip

    LMSIIATO
    LMSIIATO
    Good morning, I currently have a server in an on-premise datacenter that responds to TCP port 12233. So there is a very normal DNAT on the XGS firewall of the public ip 80.80.80.80:12233 towards the private server ip 192.168.1.10:12233 This service is…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • VOIP QoS

    Boris60
    Boris60
    Hi, I am really confused about how to do this on XG. I can go to Traffic Shaping and create my policy and attach it to my rule or service - but then in Traffic Shaping Service there is a setting "Optimize for real-time (VoIP)" that is Enabled by default…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • WAN Link Down

    PifPof
    PifPof
    Moin ! Habe hier einen XGS 2300 Cluster mit einem WAN Anschluss. Dieser ist auch in Benutzung und funktioniert. Trotzdem wird er im WAN Link Manager als ROT angezeigt. Das Gateway ist generell von der Firewall anpingbar, trotzdem habe ich die Failover…
    • 6 months ago
    • Sophos Firewall
    • German Forum
  • Server access : port to port won't work

    helmut willems
    helmut willems
    hello , i'll try a simple port forwarding when i setup this like below , it works when i change the source port to 7887 then it dont forward. why o why ?
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Port Forwarding Question - Plex or Embry

    DaniellsFirewall
    DaniellsFirewall
    I believe I have everything right but I cannot see traffic in the firewall logs and I cannot get remote access to ether media server. NAT Rule : Port 2 is WAN, Port 1 is LAN, Synology is a local IP Any Suggestions? I already called my ISP and they…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • XG125 v20.0.1 - Portweiterleitung und Zugriff auf Interne Hosts nach Update nicht mehr möglich

    Michael Nährig
    Michael Nährig
    Hallo Zusammen, unglücklicherweise wurde ein Update der XG125 von 19.5. auf 20.0 durchgeführt und anschließend war die gesamte Konfiguration zurückgesetzt. Nachdem ich nun die meisten Einstellungen mühsam wieder eingerichtet habe, scheint mir entweder…
    • 6 months ago
    • Sophos Firewall
    • German Forum
  • Allgemeine Frage zu Diensten und Regel Freigabe für Telekom pbx 2.0 Telefonie

    derinder85
    derinder85
    Hallo Zusammen, ich beschäftige mich neu mit der XGS 107 und betreibe diese aktuell neu im eigenen Netzwerk. Aufbau: Fritzbox --> XGS 107 --> Netzwerk Jetzt komme ich schon zur ersten Herausforderung. Zusätzlich hätte ich noch allgemeine Fragen…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • German Forum
  • Traffic NATed an einem zusätzlichen Interface

    Michael Schneider DE
    Michael Schneider DE
    Hallo, ich habe folgendes Szenario, eine neu XGS als Ersatz für eine UTM, neben den normalen Interfaces (LAN mit mehreren VLANs, WAN, und HA) gibt es ein Interface zu unserem MPLS Provider. Dazu existiert auf dem Interface ein Transfernetz und enstsprechende…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • German Forum
  • Converting iptables to NAT rule

    woter324
    woter324
    Hi, I have been given an iptables command and I would like to create the same rule on my XG. Could anyone confirm if I have "translated" the rule correctly, please? iptables -t nat -I PREROUTING -s 10.100.20.19 -d www.riscocloud.com -p tcp --dport…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Migration von XG auf die XGS

    Dirk Herold
    Dirk Herold
    Hallo zusammen, ich habe heute eine Migration einer XG 210 auf eine XGS 2100 vorgenommen. Backup auf XG erstellen und auf XGS einspielen lief perfekt durch. Ich habe nur ein Problem, die Accesspoints (APX320) connecten sich nicht mit der XGS. …
    • Answered
    • 6 months ago
    • Sophos Firewall
    • German Forum
  • XGS SFP ports not working until you specify interface speed (1G or 10G XGS, v20)

    LHerzog
    LHerzog
    Update to LAG not working unless you specify interface speed Using XGS4500 on 20.0.0 GA-Build22 with XSAZTCHF4 "Sophos FleXi Port Modul 4 port 10GbE SFP+" LACP bonding was not working on PortsA1-A4 unless specifying 10G Interface Speed manually, disabling…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • How to Configure Sophos Firewall for Optimal Network Performance?

    Abdullah Nawaz
    Abdullah Nawaz
    Our organization recently deployed a Sophos Firewall to manage our network security, but we're experiencing some performance issues such as slow internet speeds and intermittent connectivity problems. I want to ensure that the firewall is configured correctly…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • /31 WAN

    Jenny Skinner
    Jenny Skinner
    Hi, Can anyone confirm whether Sophos supports /31 subnet config on WAN interfaces please? XG2100 running SFOS 20.0.0 GA-Build222 Thanks
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Access to the local subnet from the WAN interface (NAT RULE?)

    Matteo Frati
    Matteo Frati
    Hello everyone! I have 2 SOPHOS firewalls in two different buildings, connected by Long Range Aerials (point to point). FIREWALL 1 is configured like this: LAN 192.168.122.X (Aerial 1 is part of this DHCP pool) WAN public IPs (static) then…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Configure Traffic Shape on a System Host

    Ricardo Arjona
    Ricardo Arjona
    Hi everyone, I have configured a bridge on ports 1 and 5 I would like to know if it is possible to configure a traffic shaping on a specific port. for example, port 1 with 10MB, port 5 with 40MB, I have created the this rule but I'm not sure if it really…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • CPU load on XG650

    Ondřej Valentík
    Ondřej Valentík
    Hello, we are facing some performance issues on our XG650 running SFOS 19.5 MR3 and during investigation I have found that one of the Processors has significantly more load than rest of the 40 ones. Sometimes it is loaded up to 100% for tens of minutes…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Firewall rules and policy

    Charlie Dodd
    Charlie Dodd
    Hi, I am wanting to block the IOT network (xxx.xxx.5.xx/24) from pinging the default gateway of other networks so created a firewall rule to do so however when testing, devices in the IOT network are still able to ping the default gateway of other networks…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>