• Intermittent connection/access to file server

    I have the following set up for my home network: A) Incoming Internet (ISP Modem)----> Sophos UTM ----> WiFi Router / \ All wireless devices File Server/Wired connections The Wi-Fi router is in "Access-Point only" (AP) mode, which, as I understand…
  • Web traffic over IPsec tunnel NAT

    I am having a very strange problem with a 3rd party app communicating through my Sophos if they are coming through an IPsec tunnel. I don't know if this belongs in the IPsec discussion group, the web filtering group, or here because it includes parts…
  • FTPS not allowing directory listing

    Hello, I'm trying to set up FileZilla Server on a server and I'm running into an issue. Everything works fine internally, but when I try and access the site externally, I am able to log in but directory listing fails. I an only imagine I'm missing…
  • Very frequent pattern updates stated 2017/06/26

    On 2017/06/26 my ASG120 went from 1 or 2 pattern updates a week to 10 or 20 a day. Firmware is 9.501-5. Pattern version is 9.24013. Yes,I know this is an old model firewall. As far as I can tell everything is working. Should I be concerned about large…
  • L2TP over IPsec on iOS Fails

    Hello! I have a Sophos SG 310 running UTM 9.501. L2TP over IPsec is configured and working from Mac and Windows laptops, but I cannot figure out how to get it to work on iOS devices. I configured the User Portal and logged into it with an iPhone 7 on…
  • Sophos UTM firewall UDP prot 80 & 443 problem

    Hi All: I got problem with firewall UDP port 80 and 443. Here is the detail information: Our company network is use sophos firewall. And our company need to use other company application just like chat tools :skype. the application server is open…
  • IPv6, Webfiltering and Netflix

    There appears to be an issue with IPv6 and Netflow where on any device, the thumbnails refuse to load, this is the scenario: - 1. IPv4 only and web-filter - All netfilx images load as they should, starting a program works instantly. 2. IPv4, IPv6…
  • Unable to access certain websites from Guest Wireless

    I have an SG 310 running 9.414-2 and have run into a strange problem. There are two specific websites that users connected to the guest wireless are unable to access, but users on the wireless bridged to the LAN can access them just fine. There is only…
  • Effective Masquerading Rule

    Hello, Could anyone help me understand the concept of Masquerading rules? I am not able to wrap my mind around what exactly they do? Also what is the most effective rule to apply for RED networks when running in either split or unified mode? Thanks…
  • Block Metasploit and Wireshark

    Hello, We have a SG105 UTM and 3REDs within our network. All clients are connected to the REDs only. We are wondering if there is a way to totally block applications such as Metasploit and Wireshark sniffing from running within our network?
  • Default Deny Not Blocking Traffic Across Interfaces?

    I'm using the software version of Sophos Home UTM on my ESXi server and have three vNICs added. The connections are my WAN/Internal (192.168.1.0/24 router on this network), Lab (10.10.0.0/24), and Lab2 (172.16.1.0/24). If I set a firewall rule to allow…
  • Youtube & Youtube TV Speed Limited ONLY When Using Chrome

    Hey Guys, Here's the backstory: I recently subscribed to Youtube TV, so as such I've started to use Chrome for watching videos a lot more (Chrome is the only browser Google lets you watch the streaming service on). As such "use a different browser…
  • Release Range AKAMAI

    Good afternoon Mrs. I need to release all AKAMAI ips range on the firewall, but I can not do that because there are many. Any tips or concerns?
  • Odd DMZ behavior?

    I setup a DMZ on a separate physical interface on a SG330; however, I can still ping hosts on all our internal networks. The only way for me to get this to stop is to disable both "Global ICMP Settings" and "Traceroute Settings" under the Network Protection…
  • QOS definem values and limit aplications

    Hello all! O would aprecciate some help from the comunity concerning UTM 9 for home. My setup at home is a ISP internet line with 14MB download and 1MB upload, we have a couple of computers where the kids play, a Apple TV for media streming like netflix…
  • Need help adding IPS Exceptions

    When visiting nfl.com/draft/2017 and clicking on the Tracker tab packets are being blocked and I receive alerts like the following. Intrusion Prevention Alert An intrusion has been detected. The packet has been dropped automatically. You can toggle…
  • VoIP QoS and SIP Protocol Support

    Hello, We've recently switched from analog to a cloud VoIP solution... it's only been a couple of days but there are definitely times where we notice some jitter and drops. We did set up SIP under the VoIP section today but I'm not entirely sure it…
  • Bind IP address from a Pool to MAC address Pool

    Hello, Has anyone figured out a way to bind through DHCP a specific list or pool of IPs (ex. 192.168.1.1 to 192.168.1.20) to a specific list of predefined MAC addresses? The idea is that the MAC addresses in the list or group always get an IP from the…
  • QOS - Still baffled after all these years

    Hi, Every so often I delve into this then give up because my brain starts to hurt. The myriad of posts and articles seem to answer things then other ones seem to say something different. Maybe it has to do with how different people ask questions, so…
  • Firewall port not allowed

    Hello, I have a strange issue because i don't understand it really. On the UTM i have created VLAN based interfaces. I have a server in VLAN 100 and a load balancer on VLAN 200. I want the server to be able to contact the load balancer. When i…
  • Sophos UTM9 Firewall appears to be blocking all dot tk DNS lookups from the LAN

    Sophos SG135 running UTM9.4 If I do an nslookup of dot.tk using 8.8.8.8 as the server from inside my LAN I get timeouts. From another workstation that is connected directly to the ISP it works fine. All other DNS lookups from inside the LAN work fine…
  • DNAT Rule doenst work for Internal Network

    Hey there, we used a mail server behind the sophos with a specific domain. The domain pointed to one of our Interfaces. We used a DNAT-Rule to redirect all mail specific traffic on this interface to the mail server. It worked fine. Now i needed to…
  • SSTP / PPTP on our server

    I've just started using Sophos, and basic functionality works. Unfortunately I'm having issues enabling outside access to our PPTP / SSTP server. UTM doesn't have SSTP at all, and the PPTP requires the use of local users (we already have everything…
  • Allocate bandwidth to a specific device - or prioritize bandwidth to that device over all others in my SG125 UTM9.

    I want to allocate bandwidth to a specific device - or else prioritize bandwidth to that device over all others in my SG125 UTM9. I was pointed to the article on setting up traffic selectors and throttling bandwidth but I couldn't understand how to do…
  • Reset packages

    Hello, I am running an application with persistent connections behind a UTM. I am having the issue that when a user disconnects from that application for some reason, the UTM does not send a reset package to the service. Let me give you an example…