Does the order of Sophos UTM "Network Protection" firewall rules matter at all?!?!?! On my sophos utm, the "Network Protection" firewall rules are as follows (summarizing) Top Rule = deny PrivateIP#1... any protocol... to any external ip (block…

Hello. I am using UTM version 9.7. I have configured a web server inside with UTM's WAF. But when I access the site from outside, I cannot see the site properly because of garbled characters like Arabic characters. Can someone please lend me some…

For all searching for this Problem with Teams not showing the calender app using hybrid szenario. Refering to this basic guide: Sophos UTM: Create WAF to allow traffic through Exchange 2016 using the MS Connection Tool: https://testconnectivity…

What is the best way to block all traffic to .zip TLD via UTM9? Normally I would use web filter profile with regex, but that isn't working. I've already blocked via intune where applicable, but that doesn't cover all devices.

Hi, I am having issue with my dyndns.org:8081 to brows from inside of network. I have an Oracle Server and this server i can access from outside of network through dyndns.org:8081 but when i am in local Lan…

Hello all, Having some issues with a pair of SG-330's running in HA Active-Passive mode. When I get Node2 powered on it stays on for about a minute, begins Synchronizing, and then powers off with seemingly no warning. When I power Node2 on without…

Hello all, May be a silly question, however, in the IPS service: Do we need to include the RED networks for remote offices as well? Similarly, do they (RED networks) need to be listed in the Firewall rule for Teams and the like: Finally, besides…

Hi, yesterday (sunday) at 3 am SNORT stopped to work with the result that internal nets couldn't reach Internet anymore. In the logs I found FATAL ERROR: Failed to load /usr/lib/snort/so_rules//file-java.so: /usr/lib/snort/so_rules//file-java.so:…

Hello everyone! we have a newly deployed Remote Desktop Gateway Server (on Windows Server 2019) installed in our environment and I was successfully able to publish it through our UTM 9 WAF. Unfortunately, by doing this I am only able to get RPC-HTTP…

Hello Community, I have a special testing scenario: We have setup DSCP values on our Computers for Microsoft TEAMS, e.g. DSCP 46 for audio port 3478-3481/UDP. In our test we want to use DSCP only internal in our LAN/WLAN. So, the UTM must rewrite DSCP…

Hi everyone, im thinking about buying a Sophos UTM9 Appliance and i wanted to know which method of nat it is using (Full-Cone, Symmetric, Restricted-Cone or Port-Restricted Cone). Sadly I didnt find any information on this topic. Can someone tell…

Hello, I have weird problem. I have new server with ESET PROTECT and I am trying to update users endpoint antivirus, but it is not working because firewall is blocking eset urls. I am using exception list for eset and when I try Policy Helpdesk it is…

Hi, I'm seeing this logs on our SG 430 9.705-3 2021:02:02-09:57:08 firewall-2 ulogd[12675]: id="2104" severity="info" sys="SecureNet" sub="ips" name="ICMP flood detected"...... 2021:02:02-09:58:05 firewall-2 snort[3052]: WARNING: SMTP memcap exceeded…

How many RED devices can be connected to each UTM model (in HA configuration) ?

Hello, The intention here is to put all the mobiles phones onto an SSID Guest network (VLAN7?) with no access to the business IT assets, while leaving an SSID MGMT (untagged) for the laptops. How do I configure the SG115 UTM to only allow VLAN7 access…

Hello I'm using Sophos UTM SG210 with Two ADSL Lines (Slow Uploads) , that make sending emails take very long time, and i plan to add a 3rd 4G line (very fast Upload, but Limit Quota), the two ADSL Line interface work in Load balancing, are…

I have a domain and would love to be able to access my UTM from that domain as a subdomain. Something like firewall.mikesdomain.com. How would I go about doing this and what ports would I need to open up? I can already access my webadmin and the user…

Hi, I'm running several Sophos UTM's at different places. Some in business environments, one at home with the home use license. When configuring DNS I used these two guides and that worked Pretty well. https://community.sophos.com/kb/en-us/120283…

Hi, We need to publish a new mail server for a new domain, but we want to publish it with it's own public ip. The story :) We have Sophos UTM to manage mail protection for our principal domain, let say example.com The public ip for the UTM is…

Hello all, I'm seeing a lot of bounces on the mail manager, and I'm hoping you can help me narrow down the cause. I've got 3 WAN interfaces and a bunch of extra public IP addresses assigned to them. x.x.x.83 is the default ip address of WAN-X2 and the…

Hello All! Does anyone know why a SNAT rule needs to be configured for Radius when sending the traffic over a IPsec connection? To my understanding IPsec should simply encapsulate the packet and send it out the of the WAN interface with a destination…

OK, here is my dilemma. I have my AD setup the way I want. When I do Lite Touch, and Zero Touch deployments with my MDT servers, the tasks place the computers in specific OUs based on the role the computer deployed is going to do. I have GPOs that apply…

So I have successfully been able to establish a ssl site to site between two offices. I have added the local networks from each site to the ssl config and can see the firewall rules have been auto added. However I'm not able to reach some workstations…

We recently discovered that our UTM was blocking packets that we needed for VoIP. RTP packets were being discarded because IPS detected a UDP Flood Attack. The issue was difficult to find because the UTM was only discarding a relativly small number…

Hi all: I have implemented a Mikrotik RB2011 series router/firewall that works great with the exception that I have realized the Mikrotik firewall is very lacking compared to the UTM firewall that was on the old Fortinet router/firewall. I'm thinking…