• How to config traffic using SD WAN routes instead of default gateway route ?

    Anhar Panduwinata
    Anhar Panduwinata
    Need help on this issue, I tried to configure the SD WAN routes destination to use SD WAN profile, but the traffic keep going through default. I have tried to disable the Underlay SD WAN route and access speedtest.net (I put speedtest.net as destination…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS OSPF

    Dominic Pageau
    Dominic Pageau
    Hi all, I'm using OSPF but don’t want to redistribute all routes. On Cisco, I would probably use a route map to filter which routes need to be advertised. Here with XGS, I have unchecked "Redistribute connected" and "Redistribute static." I’m using…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Firewalls do not connect backup to the internet after ISP goes down and back up

    Nicholas Pick
    Nicholas Pick
    I have two clients that use the same ISP. One client has an XGS87 and the other XGS116. The ISP does scheduled maintenance at night knocking the firewall offline. My clients will have to power cycle the firewalls to get them to connect in the morning…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • FreePBX triggers Network attacks - protocol-voip

    148Points
    148Points
    Hi, all of a sudden we see that our FreePBX installations triggers Network-attacks in our XGS. "Attacker" is our FreePBX, 192.168.1.22 - "Victim" is the IP of our SIP-Trunk Provider. Attack : PROTOCOL-VOIP Contact header format string attempt. This…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Adding MAC ranges to a MAC list

    Sobhi Abufool
    Sobhi Abufool
    Hi, I have a proxmox hypervisor I use it to spin up VMs and LXC containers, and I use MAC addresses to enforce some rules on my Sophos firewall. how can I add a MAC range so all the new VMs that have random generated MAC addresses (under the same vendor…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • trouble with Diagnose

    GernotMeyer
    GernotMeyer
    Hi all, Sophos XGS SFOS 20.0.2 MR2. When I try to check a ping: It only accepts IP Addresses or names without capital letter! I can resolve blabla.domain.local but not BlaBla.domain.local "Please enter a vlid IP or hostname". Is that bug or…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • PABX and SIP cant ping my sophos in

    Jasper Dredd Guibani
    Jasper Dredd Guibani
    I’m currently facing some connectivity challenges with my network setup. My PABX and SIP systems are working fine—they respond to ping requests, so they’re definitely online. However, I can’t seem to get any incoming connections from the PABX to my Sophos…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • rules

    Serkan Dağlı
    Serkan Dağlı
    1 Firewall 2024-10-26 14:10:51 Appliance Access Denied N/A 0 PortA1.10 10.10.1.3 10.10.1.255 137 …
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • MAC filtering WLAN-Network

    Manfred Werner
    Manfred Werner
    Hallo Gemeinde Auf der alten UTM konnte ich in den Netzwerkdefinitionen Mac-Adresslisten erstellen und diese dann als Black oder Whitelist verweden. Auf meiner XG-Home Sfos 20.0.2 MR-2 Build378 gibt es unter Wireless / Wireless-Networks / "myWLAN…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • German Forum
  • X-Ops seems not to be working on V21 GA?

    EdmundSackbauer
    EdmundSackbauer
    Hi, I moved to Version 21.0 GA (Home Edition) recently. I noticed that in control panel, no events in the log or counters are logged that X-Ops is doing anything: A configured third party threat list (abuseipdb.com) is working properly and blocks…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • IPS-Policy, Portscan/NMAP blocken

    Mike Ullrich1
    Mike Ullrich1
    Hi Zusammen, ich hadere gerade damit, das IPS einer Sophos so einzurichten, dass sie einen Portscan blockiert, oder zumindest überhaupt mal erkennt. Meine Richtline hat einen Smartfilter "nmap" (hab aber auch schon alle 7k Richtlinien aktiviert…
    • 2 months ago
    • Sophos Firewall
    • German Forum
  • Port Freigabe - Eingrenzung auf Herkunft?

    GG-Star
    GG-Star
    Hallo Zusammen, ich würde gerne in der Sophos XGS107 eine Portfreigabe für einen Telefoncloudanbieter einrichten. Welche Ports das sind, wird hier sehr gut beschrieben. https://www.easybell.de/hilfe/telefon-konfiguration/allgemein/firewall-fuer…
    • 2 months ago
    • Sophos Firewall
    • German Forum
  • unable to create ip network - "You must enter a network IP address."

    GernotMeyer
    GernotMeyer
    Hi all, I have several SFOS V20 in place. I can nomore add an ip network: "You must enter a network IP address." There is not much room for making things wrong and I did this couple of times before. No problem to add an ip host but no chance for…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • WAN Link Load Balancing in v20

    Nathan Kuhl
    Nathan Kuhl
    What is everyone's experience with WAN link load balancing in v20? We're a K12 private school with two identical WAN links from different ISPs, Frontier and Comcast. Our goal is to enable WAN link load balancing in an active-active config, weight 1 and…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • I want to get all the IP host objects that are currently configured through an API call

    Yashas Manjunath
    Yashas Manjunath
    I am referencing this documentation https://docs.sophos.com/nsg/sophos-firewall/19.5/API/SYSTEM/Host%20and%20Services/IPHost/operations/AddIPHost&EditIPHost.html There's information on how to add or update an existing IP host object. However, I just want…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Guest network on separate public IP

    jtaylor
    jtaylor
    We have a /29 subnet from our ISP. I want to use a dedicated public address for our guest network traffic. I've added an alias on the PPPoE port and thought I could then just use an SD-WAN rule to route the traffic, but the alias doesn't appear in the…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • snat multiple gateways

    midnightSun
    midnightSun
    SNAT with multiple WAN gateways isn't working.. WAN Gateway 1 = Port3 - its public with /27 worth of aliases WAN Gateway 2 = Port5 - its public with /28 worth of aliases (IP Host) SNAT with Port3 aliases work for all of the rules I've created…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • intrusion attack

    Charlie Dodd
    Charlie Dodd
    Hi all, im pretty new to the sophos firewall i noted that on the dashboard it showed an attack and also checked the logs whcih are both shown below. From this i can see that it was detected rather than blocked. Is there a way to set the IPS to block by…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Unauthenticated traffic on WAN - Captive portal

    Gary McDonald
    Gary McDonald
    Hello All, We have a Sophos XGS connected to a metered WAN connection, in order for devices to connect to the internet the user must authenticate to the Sophos captive portal and at which point a weekly data transfer quota is applied. This has been…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Invalid Traffic - specifically using web browser, not via nmap

    jon_hall
    jon_hall
    Hi all, i have had a look at the Invalid Traffic page but as stated at the bottom doesnt resolve the issue, just reduces the number of logged entries My setup is as follows Core network is TPLink Omada (Manages the vlans) Sophos setup: Port1 …
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Distribute IPSec site-to-site network via OSPF

    Patrick's
    Patrick's
    Hello, I found a solution where IPSec networks are distributed via OSPF and would like to know if this is correct? Can I use this in a productive environment? 1. SSH -> 4. Device Console 2. system ipsec_route add net 192.168.123.0/255.255.255.0 tunnelname…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Traffic Shaping / QoS

    Christian Garcia N
    Christian Garcia N
    Good morning. I have been looking for information about the use of Traffic Shaping / QoS and applied what is indicated but in my case it is not working for me. I have 2 offices, each with a Sophos firewall. The server in office A sends data to the…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Webserver mit mehreren Domains

    Henrik Seitz
    Henrik Seitz
    Guten Abend, wir möchten gerne mehrere Web-Applikationen auf unserem Server über das Internet bereitstellen. Hierzu habe ich bereits beim Provider die entsprechende Subdomain auf unsere öffentliche IP geleitet. Daraufhin habe ich in der Sophos via…
    • 2 months ago
    • Sophos Firewall
    • German Forum
  • XG 106W reagiert nicht auf ping

    Manfred Werner
    Manfred Werner
    Hallo Forum, ich habe eine XG106w Rev1. Da ich nur eine Home Lizenz habe, wurde von mir die SFOS Home heruntergeladen und installiert Der Lan port1 hat die IP 172.16.16.16 und die Netzmaske 255.255.255.0 Der am LanPort 1 hängende PC hat die…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • German Forum
  • TLS on syslog

    James Morigan
    James Morigan
    Hi, we have a problem with transferring syslog from Sophos firewall to the Arcsight SmartConnector. When we try UDP, logs can be seen in connector. However, with TLS communication fails. This is only example, but ours handshake also fails at Change…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>