The VPN connection was working for a long time. Now Sophos shows that the connection ia active with one tunnel and the Fritz!Box also show a functional connection. But the tunnel is not working, I am not able to connect to the remote network. The Fritz…

Hello everyone, We are currently using the SSL VPN to connect our employees from the home office. As our Internet line was very slow, we have now upgraded to a faster line in addition to the previous one. The two lines will run in parallel for a while…

This site doesn't allow deletions of posts so I'm putting this here.

I am using UTM 9.720.5, which is the newest firmware. I know, it is a Russian IP and I am not the only one which tried to be hacked! Under WebAdmin I have only allowed access from the internal network! So my question is, why it is possible, that somebody…

Good evening everyone, I'm asking here because it looks like to open a ticket in the Sophos portal I have to pay even though I have a subscription. For a very long time we had a site-to-site VPN with AWS, this stopped working for few days ago. I've…

Hi, I want to bypass the Hotspot function in UTM 9 with predefined clients (MAC adresses). I did not find any option for this. How can I do this?

Bei einer UTM aus 2012 ist das VPN Signing CA mit sha1 und 1024 bit; bei einer UTM aus 2018 ist das VPN Signing CA mit sha256 und 2048 bit. Wie kann ich das VPN Signing CA der alten UTM so erneuern, dass es auch sha256 und 2048 bit hat?

Hello, today we shut down our Sophos UTM 9 router and plugged in a different one. We tried to use that one to connect to the internet using PPPoE. Didn't work. So then we plugged our Sophos router back in. However, now it is struggling with PPPoE…

I have a problem where one of our Let's Encrypt Certificates won't renew. This certificate is used for a virtual web server with our Exchange server (OWA, activesync, etc.) as the real web server. Another certificate, used for the UTM user and admin…

I have the need to change an incomming stream request to an different streaming server with different name name and on different port. For example: Request to www.test.com:8144/abc.mpeg www.test.com:8044/def.mp3 Is this possible and how? I tried…

Good morning! I try to set up IPSEC with DN Match policy through Windows 11 built-In VPN. I configured it on the UTM and on the client, but no connection request is incoming on the UTM, I'm a bit confused. Checked the firewall and the IPSEC logs, but…

Hello, I have a customer with a UTM9 9.715-4 firmware and they need to pass vlan traffic thought the UTM from one DMZ interface to internal zone interface. My idea is to add vlan interface on both physical interface with 802.1q tag and just let…

Hello, I tried to setup a TOTP feature upon SSL VPN and User Portal. I did the same mistake as described in post user Vhince Chua ( Change OTP tokens from SHA-1 to SHA-256 ) and user post Fabio Canabarro ( Sophos SG UTM: OTP QR Code doesn't work …

I am using Sophos UTM and need a certificate for openssl. Therefore I tried to install Certify the Web. For the mail server I using a sophos certificate and the `Exchange Server Webservices` Firewall-Profile! If I try to access to a file inside the inetpub…

I have a couple of UTM clusters that each has more than 200 firewall rules, and I want to load them in excel to make a traffic matrix. The firewalls are managed by SUM but I didn’t find a way to export the rules to a file. While it's possible to do…

Hi all, Have you guys tried to install CheckPoint Gina OS on the SOPHOS SG210 Appliance? We just create R81.2 ISO USB and boot to on SOPHOS SG210. After installing the CheckPoint as an open Server on the SOPHOS, everything is just working…

I keep seeing this message in my system message log even though I have setup DNS correctly. Is there anyway to find out what its trying to access that is calling the DNS server failed to contact. I wonder if its trying to access to an host name that doesn…

Hallo zusammen, im Rahmen der Einrichtung einer SD-RED20 ploppte in der UTM GUI die folgende nette Meldung auf: "Konnte Firmware nicht aktualisieren. Dies ist ein dauerhafter Fehler" Hat das schon mal jemand gehabt und einen Workaround hierfür…

Hello, We have currently two Sophos SG 210 (Sophos UTM, not XG) which are running on HA (Active/Passive). We have two WAN interfaces which were running previously at 400 / 20 Mbps and their bandwidth were good. Recently we proceeded with the upgrade…

Hello folks, I need some help figuring something out. Is it correct that the web-proxy only uses multipath routes and not policy routes? We have multiple WAN interfaces and all our clients use the web-proxy of our UTM firewall. In order to use some…

Hi, I'm using Sophos UTM 9 Firewall, recently, I started receiving complaints from IOS users that they cannot use WhatsApp, unlike Android users who can use it in a normal way. I tried everything but it didn't work. Has anyone encountered this…

What is the best way to block all traffic to .zip TLD via UTM9? Normally I would use web filter profile with regex, but that isn't working. I've already blocked via intune where applicable, but that doesn't cover all devices.

Hello everybody, our UTM9 has detected and blocked outgoing traffic from a potential botnet. According to the Sophos site, the next step would be the Sophos Virus removal tool. Which didn't remove anything. So was it a false alarm or are there any other…

Same here, running multiple HA pairs - SG550s, CPU running at 100% - identified rrdtool process as the culprit. Firmware 9.714-04. Timezone set as London/Europe. Painfully slow to login and administer through the GUI, restarted secondary and waited for…

Problem: slow connection between central office and Site B. We have a central office with 100 Mbit/s and 25 Mbit/s up, similar our Site B has 100 down and 25 up. Now in the Central office lies a SG230 with the 9.713-19 Firmware, connecting to the…