• How to do a Port Translation in a SOPHOS UTM 9

    Here is a step by step help article on how to do a port translation in a SOPHOS UTM 9 for RDP Step 1: Log into your SOPHOS UTM 9 appliance and go to "Definitions & Users" Step 2: Click on "Network Definitions" Step 3: Click "New Network…
  • Blocking PopCorn Time

    Hi, Im looking into the option to block Popcorn Time. It's not under the application control. One of you have any idea's?
  • Port Forwarding on RED

    Hello, We have three devices in our network. ADSL Router: WAN IP - 185.168.41.75 (static) LAN IP - 192.168.1.1 RED10: WAN IP - 192.168.1.2 LAN IP - 50.50.50.1 CCTV DVR: Port - 91 LAN IP - 50.50.50.233 We would like to…
  • Publish FTP Server

    Hello, Sorry but I am new to Sophos and I'm running in to a bit of trouble when trying to set up a rule to access our ftp server on the LAN, from the WAN. I am using a Sophos UTM 9 with the latest patches, and an IIS 8.5 as an FTP server. …
  • Pages don't fully load and/or load extremely slowly

    I'm having issues with my home-use UTM. I set it up a few weeks ago, but ever since I did many webpages either won't load, won't load fully, or take forever to load. I noticed on the firewall log there is a lot of drops that seem like replies from the…
  • UTM 9 and Cisco ASA 3030 IPSec VPN

    Dear all, First I would like to say HI to you all and I am looking forward to be a part of this Community. So as Subject describes I am fighting with IPSEc VPN connection to the Cisco ASA 3030. I have to say that Cisco is not in our control so we…
  • Blackhole route for IP, still having portscan alerts

    Hi, i get more and more frequent portscan alerts running for multiple hours. I would like to block them manually on an IP basis. I created a network group populated with bad IP addresses and implemented this as a blackhole route, but still having…
  • Web Browsing stop for a few minutes

    Hi, We are facing an issue on one of our UTMs, It has 4 wan interfaces, one is the main link with 50mbps. Sometimes usually in the morning or early afternoon the internet browsing stops, we can ping but cannot browse internet pages. We've tested the…
  • UTM SG 115 won't connect to Internet

    I have a brand new Sophos SG 115 appliance The WAN interface connects directly to my Comcast cable modem and gets a DHCP address (I do not have a static IP address from Comcast). My SG 115 uses the Internal IP of 192.168.2.1 IP settings on my…
  • Firewall Default DROP IGMP - how to allow?

    Hi all, I'm troubleshooting an issue with google Chrome Cast and I suspect my issue is with IGMP. I have two APs, setup in Access Mode and I'm seeing a lot of Default DROP IGMP entries in the FW Logs. 09:33:05 Default DROP IGMP …
  • MAC FIltering Question

    Hi all, I'm trying to do MAC filtering for a client. However, I'm not sure if what they're asking is possible. They want to give me a list of MAC addresses to whitelist to the Internet, then blacklist any MAC address not on that list. I can make firewall…
  • Additional Interface not pingable when it says up in WebGUI (DNAT)

    Hello, I've recently come across a problem that in my eyes makes no sense, I have been trying to get DNAT to work with a new DMZ server. We have an additional server in the DMZ already, fully functioning. I've tried copying every single rule and configuration…
  • Plex Media Server not working with DNAT

    Howdy folks. I have read a few other posts on folks configuring a DNAT for a Plex Media Server behind UTM. I've tried and beat my head against this, but it simply isn't forwarding traffic. What gives!!?!?! I have a network object defined for my Plex…
  • Connect external offices each others

    Hello All, We are migrating to Sophos SG330, I have some doubts because there is not corrispondence between Cisco Asa and Sophos. I would like to permit to our branch offices to communicate each other. We use IPSEC VPN tunnel. I think I should create…
  • Remote access SSL VPN not working

    Hi folks. I am trying to establish a Remote Access VPN tunnel on my newly deployed UTM 9 Home. The configuration for the SSL VPN is pretty straightforward and I've followed all of the instructions that Sophos published here . The remote browser gives…
  • Issue with throughput - IPS exception do not work

    I have a problem with bandwith when IPS is ON and exclusion is used, which do not work, as i get the same speed with or without exeption ON. Copy from ftp to video IPS off: Copy from ftp to video IPS on with exception: IPS exception: Copy…
  • Limit total bandwidth used by UTM external interface

    I've got a Sophos UTM running V9.317-5 connected to a 20Mbps leased line. I want to stop the UTM from using more than 16 Mbps when downloading from external locations, as I have other devices connected to the leased line, and I want to prevent the UTM…
  • Create a firewall rule at position 1 even when there are automatically created rules associated with NAT entries?

    How do I make a firewall rule the position 1 rule, even before the automatically created firewall rules associated with NAT entries? Firewall rules that were automatically created with NAT rules have the lowest positions so any user created firewall…
  • DROWN Vulnerability: Blocking SSLv2 with UTM9

    Hello, I would like to write a firewall rule to drop all SSLv2 traffic attempting to travel through our UTM because of the DROWN vulnerability . We have a couple of servers susceptible to the attack and it would be nice to first block the attack at…
  • Sophos UTM as default route on core switch

    Hi, I have a network with multiple vlan. the default gateway of each is the core switch. and all traffic must be routed to sophos utm vlan 36 192.168.36.0/24 gw: 192.168.36.1 (core) vlan 37 192.168.37.0/24 gw: 192.168.37.1 (core) sophos internal…
  • Since 9.354/355: Mobile devices on WiFi or Cellular networks can no longer send emails with attachments to internal ActiveSync server.

    Reference: We are using the SG230 at UTM 9.355001 with Full Guard as of 12:35AM today. Our UTM appliance manages all inbound and outbound and internal traffic. Issue: Since we have deployed 9.354 (and all updates since), all of our mobile devices…
  • Router behind Sophos UTM

    Hi, I have clients behind a router behind a sophos UTM which I am trying to get internet access but not sure where to go from here. My setup is below: Sophos UTM Connected to Modem (which connects to internet) LAN IP address of 192.168.1.1/30…
  • Branch Office connected via MPLS, can't get to internet.

    I Just hooked up a branch office up via MPLS and I am a bit stumped I have a Laptop plugged in on the Branch office MPLS router, it sees my main office, and vice-versa, but I can't get to the internet from the branch. I added a static Gateway…
  • Kommunikation zwischen zwei Netzen (NAT) | Communication between two networks (NAT)

    Hallo Community, Ich kenne mich leider mit dem Thema Sophos Firewall wenig aus. Beispieldarstellung: Ich habe 2 Interfaces (eth2 und eth4 an den vorderen Anschlüssen angeschlossen), welche in der Firewall auch angelegt sind (Interfaces & Routing…
  • Sophos UTM and IPv6 ICMP packets

    As one of the lucky (or unlucky) ones to be on IPv6, I have noticed while the firewall blocks traffic through from the outside world, it doesn't seem to block ICMP packets to local devices. The firewall itself doesn't respond to ICMP, but if I ping…