I want to configure my Sophos Firewall so that only Firefox can access the internet from a PC, and all traffic must go through the Sophos explicit web proxy (configured on port 3128). Direct HTTP/HTTPS traffic from the PC should be blocked entirely. …
The SSL VPN client is not connecting immediately after installation and returns the error below We have just uninstalled the previous version of SSL client and re-installed the above. The last time a colleague installed a fresh OS on their machine, the…
Hello, We want to add a Radius Server on the XGS. Which entry must be stored for the item ‘Groupe Name Attribute’? Where can I find this attribute on the Radius Server?
Thank You!
Exactly the same question as the thread here
RE: Does Sophos support Intel i226-V 2.5G? Except I would like to know then this support will be introduced as these nics have been out forever and linux kernel fully supports now as well.
Hey,
after deploying our new XGS3300 with SFOS v21 we noticed several IPS Alerts which are created from a Veeam Guest Interaction Proxy to the Veeam Backup Server: Attack : FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt Attacker: Guest…
Hello, I have a problem with mainly HTTPS connections showing up in the log as Invalid Traffic / Invalid TCP state. See screenshots below.
example domain is https://telekom.de
I have 2 Internet connections with separate NAT and SD-WAN routes. Routing…
Good day
l have create a site to site to vpn , the vpn is up , but we cannot ping the branch site
On the head office there is ospf configured, and if we trace route from the firewall it's showing that the traffic is going through the ospf vpn of…
Hello,
I'm seeing more and more ISPs asking for CPE P-bit setting for their connections. As far as i know, Sophos Firewalls still doesn't support this forcing us to use a bridged router supporting this feature in front of the Sophos FW.
Please consider…
Today we've had a partial outage due to high /var partition usage.
It was flapping between 70% and over 90% in a short time.
/dev/var 179.3G 138.6G 40.7G 77% /var
/dev/var 179.3G 138.8G 40.5G 77% /var
/dev/var 179.3G 138.9G 40.4G 77% /var
/dev/var…
Sophos FW for Production has failed to open on Google Web Browser however the IP is reachable.
Version: XGS4500 (SFOS 20.0.0 GA-Build222)
Mode: HA
Any solution towards that. Thank you
Hi all,
I have a XG135 firewall and several RED devices, I also have several devices from Ubiquiti (UNVR and CloudKeys) and they are causing problems. Ubiquiti support keeps telling me that I need to allow access on UDP port 123 which they use for NTP…
Hi,
I am exploring Sophos CENTRAL now with a bunch of XGS firewalls and Intercept-X installations and one thing that bothers me a lot is that firewalls in logs, alarms, events and such are all named by SERIAL NUMBER. Like in example below. It is really…
Hallo zusammen, ich möchte von einem Linux Server, der sich im Internet befindet, eine VPN Verbindung (SSL oder IPSec) zu meiner Sophox XG Firewall herstellen. Bisher wurde der sich im LAN befindliche SFTP Server (Telefonanlage) über einen dedizierten…
Hi,
I’m using a third-party threat feed with Sophos and under the impression that it should provide WAN to LAN protection. However, I’ve conducted a test and observed unexpected behavior.
Here’s what I did:
Created a custom text file list containing…
Hello,
we have a VPN-tunnel from our XG330 (SFOS 20.0.2 MR-2) to Azure and want to host a web application in azure.
The VPN Tunnel was done via the configuration file and is route based, with the xfrm interfaces being in the169.254.0.0/30 subnet…
Noticed a change in the Talos / Snort blocklist from the website. Reason I looked further is I can't get the list to update on the Sophos v21 feeds and this would make sense. Also noting that it no longer works on a pfsense instance I have.
"Thursday…
We have an XGS116 firewall and after updating to the SFOS 20.0.2 MR2-Build 378 I can no longer log in to the admin web portal, only login failure. Even trying to access via SSH when you can log in, navigation between the options is extremely slow and…
Dear all,
I am facing a problem that my WAN Port always showing RED and i could not ping the WAN Gateway. At the same time, the same line with the same Static ip address is working in my laptop / nearby desktop without any problem.
Kindly let…
Hallo zusammen,
Wir nutzen momentan XGS2100 (SFOS 21.0.0 GA-Build169)
ich habe bemerkt, dass wir einige Dienste durch SSLVPN nicht erreichbar haben.
Z.B wir haben ein Programm/Link, was wir Intern ganz normal nutzen kann aber über VPN geht nicht…
We're a rural school, 200 students. Grade 5-12 all have a device, as do teachers. K-4's have access to a iPad cart. We just moved out of our UTM and into a XGS 2100. (4 - AX320 on the firewall, 4 - AP55 on Central) Our WIFI setup was never quite ideal…
I'm trying to configure an SSL VPN. Our WAN subnet has 5 IP addresses, with 4 aliases set up for the additional IPs:
Port2
Port2:0
Port2:1
Port2:2
Port2:3
Currently, I have a web server running on Port2:0 .
I want the SSL VPN to run…
Hi,
Every month, when users change their Windows password, the VPN credentials do not update automatically. On the administration side, we have to delete the User, purge the AD users, and re-register them again.
We have already tried setting the …
Hi all,
I created a new alias interface but missed on digit, so the address doesn´t belong to a existing interface configuration.
Now I cant delete that alias because its not showing up in gui. Is there a way do get rid of that alias via console?
Hello,
we performed a firewall migration from an XG450 model to the XGS4500 model last weekend. The firewalls are in a HA configuration. The migration process worked seamlessly. The primary firewall is working with no issue, all services started. To…
Hello everyone,
We have imported groups from the AD on the XGS and now wanted to tidy up a bit and remove various AD groups from the firewall again. When trying to delete the groups we get the message:
Thank You!