In our OT network, we're considering adding a Level 2.5 DMZ to bolster security. This would serve as an additional layer of protection between the control systems (Level 2) and the enterprise network (Level 4). Specific Design: Level 2.5 DMZ: Host…

I have a Sophos UTM9 cluster where each firewall is connected to two different ISPs (let’s call them WAN1 for Provider A and WAN2 for Provider B). Let’s name the interfaces 1-2 (node 1) and 3-4 (node 2). I want that: 1) the traffic to failover from…

Hey everyone, i have a problem here which turns out to be my final boss. What am I planning to do? I run two Sophos UTM firewalls at home, a UTM 320 which manages the LAN and an SG115 which manages the WLAN. I switched to VLAN operation, before…

Hello Community, we use a Sophos UTM cluster consisting of two nodes running on Sophos UTM 9.718-5 This Cluster routes the traffic through specific vlans. We have strange behavior with windows server vms that are operated in vlans behind the sophos…

Hi everyone, this is not a technical issue but a desparate call for advise. Our Sophos UTM-firewall (firmware version: 9.816-2) is suffering from a (D)DOS-attack that is going on for several days now. Since our internet-connection only comprises of…

Hi I'm using Sophos UTM 9 Firewall and recently I've faced the following issue with site certificate which is (" Certificate is not valid") i tried this solution in this link but still it doesn't work https://support.sophos.com/support/s/article…

Hello everyone, Today I observed something interesting. We run two SG450 appliances in an HA cluster. An interface of a RED was incorrectly set to local eth0. When we wanted to transfer the interface from local eth0 to the remote RED, our master…

Greetings; 3 days ago I completed the ET80 course and passed the exam, but only the course completion certificate appears. I need the pdf of the certification as it appears when one passed the Administrator exam.

I have two internet connections from two different ISPs. Let one be called X and the other be called Y. X and Y are separately connected to a firewall. I use X actively. I want Y to be active when X loses internet connection. Then, when X internet connection…

Does the order of Sophos UTM "Network Protection" firewall rules matter at all?!?!?! On my sophos utm, the "Network Protection" firewall rules are as follows (summarizing) Top Rule = deny PrivateIP#1... any protocol... to any external ip (block…

Hi all, Have you guys tried to install CheckPoint Gina OS on the SOPHOS SG210 Appliance? We just create R81.2 ISO USB and boot to on SOPHOS SG210. After installing the CheckPoint as an open Server on the SOPHOS, everything is just working…

Hallo zusammen, ich habe momentan das Problem das ich die Lizenz von einer SG115 über MyUTM verlängern muss. Leider ist der Zugang für den MyUTM Account wo die Firewall Registriert ist scheinbar verloren gegangen, somit kann ich meinen UPG Lizenzschlüssel…

Hello Sophos Community, I noticed a strange phenomenon when I wanted to set up a guest network. Since this network has no access to other networks and should be able to browse the internet freely, I created a firewall rule as follows: Guest network -…

Hallo zusammen, eine bestehende UTM-Firewall (9.7) Umgebung, die aktuell zum größten Teil mit ANY-Regeln arbeitet, soll optimiert (gehärtet) werden. Das Problem dabei: Einen Überblick über den Traffic zu bekommen, ist nahezu unmöglich, da via ANY…

Hallo zusammen, ich versuche gerade bei mir in einer Testumgebung eine Sophos UTM auf W11 Hyper-V zu installieren. scheitere schon beim start an: Probing EDD (edd=off to disable) ... ok Danach hängt die Installation... hat jemand einen Tipp Dankeschö…

Hi We have a datalink L2, to communicate site A and Site B. On the Sophos site (site A), we receive the ip automatically, and can ping to gateway. On the site B, we have a unifi UTM (unifi UDM pro), we already make the firewall rule to able communicate…

Hello All, I am reaching out because I require assistance with a particular issue. My aim is to install knowBe4 PAB (Phish Alert Button) for Outlook 2019, but I am encountering difficulties during the installation process. Each time I attempt to install…

Hi all, Since days we have the following entries in the Advanced Thread Protection One physical site a) Sophos UTM, other physical site b) Sophos XG Assumed it is an Advanced Persitance Thread, how we can get rid of it? KR Olli

I’m documenting my numerous issues with SOPHOS Firewalls so that others can be aware of what they are getting themselves into. Episode 1 community.sophos.com/.../sophos-purposefully-designs-bugs-into-their-firewalls-episode-1---vpn-failover-and…

Hello, I have multiple messages in Advanced Tread Protection. 2023:06:22-03:43:37 xxx ulogd[13536]: id="2022" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped (ATP)" action="drop" fwrule="63001" initf="eth0" threatname="C2/Generic…

For all searching for this Problem with Teams not showing the calender app using hybrid szenario. Refering to this basic guide: Sophos UTM: Create WAF to allow traffic through Exchange 2016 using the MS Connection Tool: https://testconnectivity…

Hi, I'm using Sophos UTM 9 Firewall, recently, I started receiving complaints from IOS users that they cannot use WhatsApp, unlike Android users who can use it in a normal way. I tried everything but it didn't work. Has anyone encountered this…

What is the best way to block all traffic to .zip TLD via UTM9? Normally I would use web filter profile with regex, but that isn't working. I've already blocked via intune where applicable, but that doesn't cover all devices.

Hi, I am having issue with my dyndns.org:8081 to brows from inside of network. I have an Oracle Server and this server i can access from outside of network through dyndns.org:8081 but when i am in local Lan…

Looking for suggestions on how to find the cause of tcp communication failures. I have some systems running "behind" a DomU SG UTM Firmware version: 9.714-4 on a XCP-ng 7.6 hypervisor with an AMD Opteron 6220 CPU. Everything works fine. Specifically…