Hi there, since some days, we encounter Bruteforce-Attacks against our Mainfirewall (Sophos XGS): Access from IP address '92.53.xxx.xxx' is blocked for '30' minutes after '5' unsuccessful login attempts I've tried to block all requests from…

hello, I got this intrusion attempt for the first time. just don't know what to do. I looked for any recent downloads and browsing history, and asked the user if he plugged any device to the computer but nothing suspicious found. this is a screenshot…

Hello, I've added a DHCP-Server for an interface on my XG. The interface is an RED-VLAN-Interface and ping from the switch is working. An Accesspoint connected to the switch did not get an IP-Adresse. Today we found out, that we have the same problem…

A customer site has a 2nd gateway that is required to access one of their vendor's systems. Our Sophos XGS has static routes in place to direct any traffic intended for the vendor network to the 2nd router. Rather than adding host entries for the vendor…

Hello, we also have 2 DVR devices in our network. I can access it via HTTP (Web). I cannot reach the second device. It seems like it is going to log in to the second DVR device, but it doesn't. It gives ERR_CONNECTION_REFUSED error. I tried many things…

HI How can i check the interface counters for WAN interfaces in the Sophos firewall ?

Hi, I have set up a free account with FreeDNS. My public IP address is pointing to the correct subdomain.mooo.com However, I have a query about the hostname, SF only accept: subdomain.mooo.com. But in order to work, you need to include the update…

I'm having an issue where we have two vendor routers that need to be highly available to all branch and data center locations (No changes permitted on the vendor R1 and R2) The networks at all the branch locations consist of a Sophos XG135 as the Gateway…

Hi everyone, I have some problems with the STAS service. The picture shows the topology: I have two locations, the HQ with an XG210, and the branch with XGS136. Both are connected through a VPN tunnel. The STAS server is in HQ location. The communication…

Hi, we have the below IP series in Wan port and alias, all tunnel services are running. now ISP is providing a new alias /29 subnets with different IP series if we add a new alias /29 subnets with the existing setup it will work or not. - Port…

For firewall rules that allows access to a sensitive system (host) and where access is usually not required all the time, it would be nice to have a feature to enable them manually when needed but with a timer that disables the rule after 60 minutes or…

Hello everybody, Just new to the forum so please be gentle. I have 2 WAN's on Port 3 and port 6 What I wanted to do is put the guest and staff wifi to use the connection on Port 6 instead of the main connection on port 3 I made firewalling…

I want to drop the connection to my Sophos SG 310 from one country for example Xcountry. what must I do Thanks

Hi folks, a question about XG ability to decode DNS over HTTPS and TLS, can the current version of XG decode DNS requests sent to it using HTTPS or than TLS? Ian

Currently I have some trouble providing Firewall access to some load balanced CDN services on Akamai Servers, where the corresponding DNS names have short TTL's when using wildcard FQDN like *.docusign.net when the URL accesses will be demo.docusign.net…

Hello there, Just wondering if there is anything that we can do to block Bing video preview. We have blocked youtube and other video sites. However in when bing search is used, it previews the video and seems there is no way to block. Even there is…

Hi Team, Kindly schedule support call for Gmail block setting in Firewall.

Hello, I would like to create a DNAT and PAT rule for a customer. However, this doesn't quite work the way I want it to. When saving, I always get the message ‘Original and translated services do not match’. Normally I would also like to use port…

Hello there, I have been searching long time to do the following with Sophos XG 230 Firewall. But still could not find solution. Can anybody help 1. Block Microsoft 365 One Note alone. Rest of the Microsoft 365 should work. Blocking One Note on Application…

Hello World, I have to Internet gateways from my ISP as part of a package deal. I would like to use one internet gateway as my production traffic and the other gateway as my lab traffic. None of the resources behind need to talk to each other. I just…

Dear tEam, I cannot allow traffic from an external ip and a specific port to my local server. I tried differents things but it doesn't work.

I have been having an issue where my smart tv hangs when apps first start up. It hangs for...several minutes sometimes. Checking my firewall logs, this is the reason, and after the several minute hang, everything works, which makes sense since it's now…

Hello all, I'm used to another known firewall vendor but I decided to give this for my home network a try since the other solution is way too expensive. My goal is to use a single link between my switch and my Sophos appliance so I do not need lots…

I have an XG330 running 20.0.2. I'm trying to configure BFD+BGP. The BGP portion works great. However, the BFD portion does not. I enabled BFD from the CLI. The following is what my BGP configuration looks like from the CLI: Current configuration: …

Hi, Is there any option to detect internal network port scans from within the network or networks? Like for example using nmap or netcat or others from inside the local network, not from a wan source. I'm posting this in endpoint as well. Thanks…