Hello Mantas Lenza , with the Deployment Packager you'd have to set Sophos as Secondary update location (and use some syntactically valid but unresolvable HTTP URL as Primary). Christian
↧
Forum Post: RE: How to configure Sophos Endpoint and Server for Windows (AV-only) installer
↧
Forum Post: RE: Multi Tenant Site to Site RED
as you are a Partner, you can ask your Account Manager or your regional Presales engineer.
↧
↧
Forum Post: RE: Change SSL VPN Port
Sad it's not fixed yet. My users run into an issue with being behind a 80/443 only portal a couple times a month and I can only say, "sorry, the NEW firewall doesn't support this the way the old one did - yet." Makes me look awesome for upgrading. Love it! *facepalm*
↧
Forum Post: Business Rule with Destination Network a Red Link
Hi Business Rule/Destination Network includes all interfaces except RED. How to you add a RED interface to the list? I cannot get traffic incoming on RED forward out of another interface.
↧
Forum Post: RE: How to configure Sophos Endpoint and Server for Windows (AV-only) installer
Thanks for link Christian.
↧
↧
Forum Post: RE: Installation fails while updating - Windows Pro 64
I assume that Sophos AutoUpdate gets installed and you get a log file under: C:\ProgramData\Sophos\AutoUpdate\logs\ Can you provide the SophosUpdate.log file? Regards, Jak
↧
Forum Post: RE: https inspection - decrypt and scan using public cert?
Hi David and welcome to the UTM Community! Please PM me your email for a copy of "Configure HTTP Proxy for a Network of Guests" and then come back here to make suggestions for improvements. Cheers - Bob
↧
Forum Post: RE: CISCO VPN broken after XG 17 release
I am sorry dna but I had to change my configuration to resolve the issue at least by workaround, and I am unable to share logs right now. I basically switched my VDSL modem from bridge to router mode and now the modem establishes the WAN link with my network provider and gets dynamic IP instead of XG firewall. Certainly this required assigning also a static IP for the modem on its LAN interface and assigning static IP on the WAN interface of XG firewall. As the XG has now static IP on the WAN interface - the problem is resolved. Certainly this means that I have double NATed connection now, which is maybe not very convenient with regards to port forwarding, but also is not a big issue for me. At least my VPN works ok :) Basically it looks now like below: VDSL MODEM (PPPoE) XG Firewall LAN switch
↧
Forum Post: RE: SNMP is not working on UTM 9
Hi Joshua and welcome to the UTM Community! Please show pics of your UTM SNMP configuration. Also, does doing #1 in Rulz provide any insight? Cheers - Bob
↧
↧
Forum Post: RE: SNMP is not working on UTM 9
I have tried to add the External WAN to the allowed networks field with no result or change in behavior. The current allowed network I have listed in the allowed networks is the public IP address of our network monitor. The hosts/networks in the previous screenshots were for testing. Ideally, we will only have the one labeled Skyhawk Netman as an allowed network. To define what each is: Skyhawk Netman - External to network, bandwidth monitoring server Skyhawk - Dude - External to network, PING monitor (Used for up/down alerts for non-Mikrotik devices.) Skyhawk Office - External to network, ONLY for testing from my physical location. FPCBR01 - Internal to network, internal server. Used to do some testing for our RMM tool. To address the lack of VPN concern: Our thought process on why an IPSEC tunnel is not necessary at this time is that we are trying to only allow the IP from our network monitor, also using a non-typical community string, and we have not interested in writing to the box, just querying interface statistics. It would be a completely different story if any one of those three reasons changes. As our needs evolve (Or if it is required to expose the box to more than just our monitoring IP.) we will certainly look at something .
↧
Forum Post: RE: CISCO VPN broken after XG 17 release
AdamMickiewicz thanks for the feedback anyways, i'll update this thread when i can tell more about the fate of the problem.
↧
Forum Post: RE: SFM / License expired message
Hi Sachin That is also no solution. See below, I receive only the alarms of the expired license: Following alert(s) were generated as per the Device time 2018-01-08 15:01 and time zone - Europe/Zurich configured in Device. The Web Protection license for device with serial number xx is expired. The Email Protection license for device with serial number xx is expired. The Enhanced Support license for device with serial number xx is expired. The Sandstorm license for device with serial number xx is expired. You have received this alert by subscribing for SFM Appliance InstaAlerts. To unsubscribe/modify alerts login to SFM or contact your administrator. best regards, Simon
↧
Forum Post: RE: Cliets show againt 5.7.220 what's meen?
Still 5.7.2 here...
↧
↧
Forum Post: Remote Desktop not routing to correct computer from outside
This is my first post on the site, so please bare with me if I don't make sense. I just installed Sophos UTM 9 (Home version) and love what I see and have things working except for RDP from the outside world. I'm using DynDns for a public IP address and have set that up in the DynDNS section of DNS. I also created these two DNAT entries for the computers that I want to RDP into. I'm using FQDN in my remote desktop app... BI-75HF1.domainname.com and BI-75HF2.domainname.com. When I turn on both of the RDP entries and turn on the DynDNS entry. I can only RDP to the first server HF1 not the second one, HF2. Yes the image shows HF2 as turned off but when I was attempting to connect, I had it open. The issue is when both of them are turned on and I try to connect to HF2 it automatically connects me to HF1, even though I use BI-75HF2.domainname.com in the address field of the RDP app. Also thought I would add what my DynDNS configuration looks like in case I missing something in there. (Again showing off but was on when trying to RDP) Any help would be greatly appreciated.
↧
Forum Post: APs SNMP
Hello. I'm trying to monitor via SNMP SOPHOS Wireless APs, without success... Does anyone know if SOPHOS APs have SNMP enable/MIB definitions/or something else? Any enterprise product should have a way to monitor it. Thanks, Mattia Trussardi
↧
Forum Post: RE: I do not find the Sophos Home version 1.2.11 for Windows according to article "Kernel memory issue affecting multiple OS: How to confirm you have the Sophos update"
Perfect, my sophos home client now version 1.2.11 reards Thomas
↧
Forum Post: RE: Can't reach admin interface from SSL VPN
Hello. I find out that on the SSL vpn config file (downloaded from the firewall) the "comp-lzo" parameter is always set to "no" (also on other firewalls we manage) although on the SSL vpn configuration parameters the "use compression" is flagged. Maybe on old firmware versions client and server used to negotiate that parameter: not now with new firmware releases. I have to manually set "yes" in the configuration file or disable compression in the VPN ssl config to make things work right again. Mattia Trussardi
↧
↧
Forum Post: sounds daft
been nearly 9 months can’t get rid hijacking all pcs and tabs etc killed 2 hhd files changing etc admin rights wiped formatted still came back looked in my repair drive X win nt on a win 10 ethos connections to boot help fella thinks i’m chasing ghosts thx
↧
Forum Post: RE: Meltdown and Spectre
Hi Paul Jr, Please continue to follow our KB article for updates. It has been updated over the weekend regarding rollout dates. Cheers, Karlos
↧
Forum Post: RE: Netflix 4K and v17
[quote user="Michael Dunn"]Application control sees the video stream as a video stream. I don't think it detects it as the NetFlix application. I've looked at it - the HTTP request don't even have a User Agent that declare itself to be NetFlix, there is very little at the layer7 that can tell this is NetFlix (and not some other video stream). ... So layer7 (eg deep packet inspection) cannot detect the Netflix video stream [/quote] And yet SG sees this as netflix doing layer7 Heck even a chinese router knows what netflix is and we are running NGFW that doesn't know netflix and thinks its file transfer? Wasn't the reason for moving from iptables to snort openAppID was to get better control and more insight into the traffic. Whats the point of having synsec, snort openAppID, and being called NGFW if the firewall doesn't know netflix? If I have to run an agent on my endpoint and then say foo is generating netflix traffic then we are not moving forward at all and my firewall with all its bells and whistles is as dumb as a 15 year old NAT router. Sorry for being completely off topic but just because XG can't do it doesn't mean it can't be done. Edit: Forgot to add the insight provided by XG on the traffic my roku is generating hmmmm, I wonder who is transferring all those files???? Great news, very little streaming media traffic so everyone is being productive. Oh never mind, its roku streaming Netflix or amazon or hulu or who knows what. better start running whois on those IPs that we have in that colorful report[:#]
↧