Hi All.
I have a XGS136. - Reporting DB shows 100% I have tried purging the reports as well as attemting to delete the files manually but no success. I ran the below and did a purge and I am getting this error: (tail -f /log/reportdb.log /log/iview…
Hi everyone,
We're using the integrated Let's Encrypt feature in SFOS V21. We've noticed some strange behavior when it comes to renewing certificates.
When the firewall attempts to renew the certificate, it fails with the message: "Reason for failure…
Hello.
Recently, a bunch of my locally-generated certificates have expired and I am having trouble finding a way to renew them.
I am using the firewall's local CA to make certificates for WAF rules and the web-admin console.
You'd think there would…
Dear all,
I found a Migration Tool on Github and did everythink like the Instructions told me to do.
Here is the Link to the tool: https://github.com/sophos/Sophos-Migration-Utility-CLI
Now I have a Problem, when I want to Import the "Export…
Hello All,
I have 2 branch offices and one HQ office. I would like branch 1 to be able to communicate with branch 2 VIA the Sophos XGS appliance in the HQ. Can any body give me any pointers for the best way to achieve this.
I know I could connect…
Very good to all!!!
Objective: It is needed that the “SSL VPN” connections of the clients, are allowed to connect through “Sophos Connect” through the main_gateway, and in case of failure of this, they can connect through the backup_gateway.
Case…
Guten Morgen Leute
mir ist aktuell an meiner Sophos v21 die auf einer SG 230 läuft aufgefallen das intern keine DNS Namensauflösungen intern funktionieren. Hier nutze ich verschiedene VLANs .
Ich kann intern keine IPs oder Namen auflösen egal ob…
Hello,
I would like to know the recommended CLI commands to perform hardware diagnostics on the Sophos Firewall 2100 . Specifically, I want to test components like CPU, memory, storage, and network interfaces to ensure the device is functioning properly…
Hi,
ich hatte eine SG230 und hier einen VPN IPSEC Tunnel zum Kunden. Hier wurde gewünscht, dass unsere Daten nur von einer IP Adresse gesendet werden. Somit hatte ich hier einen SNAT hinterlegt. Die Kollegen haben sich mit einem Service-User per SSL…
On one of our XGS-firewalls, we need a NAT rule for HTTP/HTTPS. On this firewall, it's not possible to create or renewal a Let's Encrypt Cert.
We need to disable the NAT rule, then it works to create/renewal the certificate.
But this can't be the…
Problem: When I go to the portals from my LAN zone I can get into all of them except the captive portal. Ports 4443 (user) , 4444 (admin) work. Port 8090 gives me an error in the browser: Firefox v133.0: PR_END_OF_FILE_ERROR Chrome v131.0.6778.87: ERR_CONNECTION_CLOSED…
Hello,
We are using onbox email protection with our SFOS 20.0.2, XG-System.
I defined an FQDN-Host object as having the FQDN-wilcard *.outbound.protection.outlook.com. This object is listed correctly under the tab "FQDN-Host" at the "Hosts and Services…
Hi!
I am currently exploring Sophos based on my prior experience with it back in 2014. I am gradually migrating from my MikroTik setup to a Sophos Home Firewall, primarily due to its advanced security features.
I have set up Sophos Home Firewall on…
Hi,
My employer uses Sophos Connect VPN. I currently use an Intel PC but am looking at changing to an ARM Snapdragon X PC. However I'm not sure whether Sophos Connect is compatible with Snapdragon X.
Sophos "Supported platforms" on this support page…
Hey everyone,
today i noticed our Windows DCs want to communicate with Windows Clients behind a RED Device, where SFOS is recognizing it as a Freegate Proxy Application and blocks it
Src IP = Win DC
Dst IP = Win Client behind RED
Seems to be…
Hallo liebe Gemeinde,
habt Ihr eine Idee wie wir z.B. unsere IPsecs wirkungsvoll gegen die Angriffe von Quantencomputern schützen können? Was ist da die Best Practice auch im Bezug auf den Zeitraum für einen Schlüssel Tausch, welche Cipher welche…
Hi folks,
a question for those who can provide guidance and maybe even answer.
The daily report shows various classifications for NTP type traffic.
1/.
2/.
3/.
I was reviewing the hairpin NAT configurations and found there were some items…
i have configured a clientless sftp policy that contains the bookmark and the bookmark contains the private and public key along with server information. I created a user on our portal and allowed it to use this policy. I did on the side another rdp policy…
Hi.
I have a default firewall policy configured like this and web filtering is not configured to any other firewall rule. I do not use HTTPS decryption.
Web filter works and I get a block message for denied HTTP sites and certificate error for…
Hi
I have an issue whereby users cannot send images or documents on whatsapp mobile app. We have policy rules for social restriction but whatsapp i alloewd but seems not to be working
We recently upgraded our Sophos XGS 4300 to SFOS v21. Since then, we are finding that a number of our users were receieving connection reset messages in their browser (Edge and Chrome) when attempting to access some websites with transparent TLS decryption…
I have XG 115 which only has an active basic protection license. Now I need to add new sd-red 20 devices. Can I purchse the Network Protection license and proceed? Will it work? Cuz one of Network specialists told me it won't work, no more licenses for…