Need help on this issue, I tried to configure the SD WAN routes destination to use SD WAN profile, but the traffic keep going through default.
I have tried to disable the Underlay SD WAN route and access speedtest.net (I put speedtest.net as destination…
Hi all,
I'm using OSPF but don’t want to redistribute all routes. On Cisco, I would probably use a route map to filter which routes need to be advertised. Here with XGS, I have unchecked "Redistribute connected" and "Redistribute static." I’m using…
I have two clients that use the same ISP. One client has an XGS87 and the other XGS116. The ISP does scheduled maintenance at night knocking the firewall offline. My clients will have to power cycle the firewalls to get them to connect in the morning…
Hi, all of a sudden we see that our FreePBX installations triggers Network-attacks in our XGS.
"Attacker" is our FreePBX, 192.168.1.22 - "Victim" is the IP of our SIP-Trunk Provider. Attack : PROTOCOL-VOIP Contact header format string attempt. This…
Hi,
I have a proxmox hypervisor I use it to spin up VMs and LXC containers, and I use MAC addresses to enforce some rules on my Sophos firewall. how can I add a MAC range so all the new VMs that have random generated MAC addresses (under the same vendor…
Hi all,
Sophos XGS SFOS 20.0.2 MR2.
When I try to check a ping: It only accepts IP Addresses or names without capital letter!
I can resolve blabla.domain.local but not BlaBla.domain.local
"Please enter a vlid IP or hostname".
Is that bug or…
I’m currently facing some connectivity challenges with my network setup. My PABX and SIP systems are working fine—they respond to ping requests, so they’re definitely online. However, I can’t seem to get any incoming connections from the PABX to my Sophos…
Hallo Gemeinde
Auf der alten UTM konnte ich in den Netzwerkdefinitionen Mac-Adresslisten erstellen und diese dann als Black oder Whitelist verweden.
Auf meiner XG-Home Sfos 20.0.2 MR-2 Build378 gibt es unter Wireless / Wireless-Networks / "myWLAN…
Hi,
I moved to Version 21.0 GA (Home Edition) recently.
I noticed that in control panel, no events in the log or counters are logged that X-Ops is doing anything:
A configured third party threat list (abuseipdb.com) is working properly and blocks…
Hi Zusammen,
ich hadere gerade damit, das IPS einer Sophos so einzurichten, dass sie einen Portscan blockiert, oder zumindest überhaupt mal erkennt.
Meine Richtline hat einen Smartfilter "nmap" (hab aber auch schon alle 7k Richtlinien aktiviert…
Hallo Zusammen,
ich würde gerne in der Sophos XGS107 eine Portfreigabe für einen Telefoncloudanbieter einrichten.
Welche Ports das sind, wird hier sehr gut beschrieben.
https://www.easybell.de/hilfe/telefon-konfiguration/allgemein/firewall-fuer…
Hi all,
I have several SFOS V20 in place. I can nomore add an ip network: "You must enter a network IP address."
There is not much room for making things wrong and I did this couple of times before.
No problem to add an ip host but no chance for…
What is everyone's experience with WAN link load balancing in v20? We're a K12 private school with two identical WAN links from different ISPs, Frontier and Comcast. Our goal is to enable WAN link load balancing in an active-active config, weight 1 and…
I am referencing this documentation https://docs.sophos.com/nsg/sophos-firewall/19.5/API/SYSTEM/Host%20and%20Services/IPHost/operations/AddIPHost&EditIPHost.html There's information on how to add or update an existing IP host object. However, I just want…
We have a /29 subnet from our ISP. I want to use a dedicated public address for our guest network traffic. I've added an alias on the PPPoE port and thought I could then just use an SD-WAN rule to route the traffic, but the alias doesn't appear in the…
SNAT with multiple WAN gateways isn't working..
WAN Gateway 1 = Port3 - its public with /27 worth of aliases
WAN Gateway 2 = Port5 - its public with /28 worth of aliases
(IP Host) SNAT with Port3 aliases work for all of the rules I've created…
Hi all, im pretty new to the sophos firewall i noted that on the dashboard it showed an attack and also checked the logs whcih are both shown below. From this i can see that it was detected rather than blocked. Is there a way to set the IPS to block by…
Hello All,
We have a Sophos XGS connected to a metered WAN connection, in order for devices to connect to the internet the user must authenticate to the Sophos captive portal and at which point a weekly data transfer quota is applied. This has been…
Hi all, i have had a look at the Invalid Traffic page but as stated at the bottom doesnt resolve the issue, just reduces the number of logged entries
My setup is as follows
Core network is TPLink Omada (Manages the vlans)
Sophos setup:
Port1 …
Hello, I found a solution where IPSec networks are distributed via OSPF and would like to know if this is correct? Can I use this in a productive environment?
1. SSH -> 4. Device Console 2. system ipsec_route add net 192.168.123.0/255.255.255.0 tunnelname…
Good morning.
I have been looking for information about the use of Traffic Shaping / QoS and applied what is indicated but in my case it is not working for me.
I have 2 offices, each with a Sophos firewall.
The server in office A sends data to the…
Guten Abend,
wir möchten gerne mehrere Web-Applikationen auf unserem Server über das Internet bereitstellen.
Hierzu habe ich bereits beim Provider die entsprechende Subdomain auf unsere öffentliche IP geleitet.
Daraufhin habe ich in der Sophos via…
Hallo Forum,
ich habe eine XG106w Rev1.
Da ich nur eine Home Lizenz habe, wurde von mir die SFOS Home heruntergeladen und installiert
Der Lan port1 hat die IP 172.16.16.16 und die Netzmaske 255.255.255.0
Der am LanPort 1 hängende PC hat die…
Hi, we have a problem with transferring syslog from Sophos firewall to the Arcsight SmartConnector. When we try UDP, logs can be seen in connector. However, with TLS communication fails.
This is only example, but ours handshake also fails at Change…