Hi Karl Baltazar, Currently, we do not have any reports to meet your requirement. Please submit a feature request to have this report included in the future versions.
↧
Forum Post: RE: List of Computer Name with IP
↧
Forum Post: RE: Sophos heartbeat not working
hi, i am connecting directly from my LTE router and am not using xg firewall , meaning am connecting outside my organization but its the same not connecting
↧
↧
Forum Post: RE: XG85 SSL VPN test internal with same network - join a drive to a directory on a joined drive error
Hi Patric, The VPN connection from LAN will not work , it has to be connected to WAN interface from the external network.
↧
Forum Post: RE: Cannot establish NTLM authentication channel with Domain
Hi Noushad , As mentioned on your other post the issue is a known bug and would suggest you to move to SFOS for the fix
↧
Forum Post: Event 2887, Event 2889 on Domain Controller
Hello. I have a Sophos UTM running version 9.509-3. At the domain controller the above events are logged. I attached the files. The IP address logged belongs to the UTM. It is configured (Definitions & Users-->Authentication Services-->Servers) to use the domains controllers to synchronize AD users. Does it have to do with UTM settings? Regards (Please visit the site to view this file)(Please visit the site to view this file)
↧
↧
Forum Post: RE: 17.0.8 MR8 is out... Hundreds of "VPN Down" logs in just an evening ... Imagine how many I received since 17.0.8 was installed.
I thought I had posted this somewhere but realized I did not. My IKEV2 tunnels have been very, very stable. I had some issues with one router but it looks like that may be resolved as well. I just checked my logs and I have not had a single site out of 24 drop in the past 7 days. Prior to reconfiguring my tunnels like I am going to show you, they were dropping multiple times every day. This configuration was a lot of work but it appears to have fixed my issue. I worked with support for several hours on this and they were outstanding. I asked if this was documented anywhere and was told that they were in the process of doing this. You have to create two IPSEC policies. One for initiators, and one for responders. You cannot have two sides set as an initiator or they will continually fight each other to build the tunnel. Sophos' recommendation was to set the smaller site to initiator and the larger (headquarter) site as responder. This is backwards to my thinking but their reasoning is that initiation takes more resources than responders so make the smaller site take that workload. Here is my IPSEC Policy for Initiators (larger sites) Note only DH Group 14 & 16 are selected for Phase I. Here are my responder settings: On the IPsec Connection for initiators, you have to set the gateway type to Initiate the Connection and policy to the initiate policy you previously created. On the IPsec Connection for responders, you have to set the gateway type to Respond only and policy to the Respond policy you previously created. Hopefully this resolves your issues like it did mine. We had to modify 24 different routers each with 24 tunnels for a total of 576 connections and knock on wood, so far it has been working very well and was worth the effort. I have restarted multiple routers and have only had a couple of tunnels that didn't come back up. The vast majority came right back up after a minute or two.
↧
Forum Post: RE: XG85 SSL VPN test internal with same network - join a drive to a directory on a joined drive error
But on the UTM it was possible from LAN. Is it not possible when I activate the LAN zone for SSL VPN under Administration -> Device Acess -> Local Service ACL ?
↧
Forum Post: Hollow Process - VeryPDF PDF2Vector Converter stopped by Intercept X
We use a tool called VeryPDF to convert files to swf. Now Intercept X stops this process because of 'HollowProcess'. So what to do now? Is VeryPDF untrusted? Is it a false positive?
↧
Forum Post: RE: Accept Terms and Conditions Page not Displaying for some Customers
You should get a ticket open with Sophos Support, Aaron - this is not a configuration issue. Hopefully, there's a better solution than taking a config backup, installing from ISO and restoring. Please let us know what you learn. Cheers - Bob
↧
↧
Forum Post: RE: REMOVAL OF SOPHOS HOME ON MacBook Pro
Hi Tanya, Please refer the article Sophos Anti-Virus for Mac: How to uninstall and let me know if this helps resolve your query.
↧
Forum Post: RE: FOG Server PXE Boot Issues.
Hi Neil, Please allow me to check on this and get back to you. In the meantime, it would be helpful if you could say which Sophos product are you using (Model number)?
↧
Forum Post: RE: 17.0.8 MR8 is out... Hundreds of "VPN Down" logs in just an evening ... Imagine how many I received since 17.0.8 was installed.
Hello BrianH Thanks for you answer . I'll criate the policy and schedule with the end customer any time to drop the tunel em apply the new policy Update after we have some news Thanks again
↧
Forum Post: RE: Please, help me PUA On-access to detect in Sophos Linux
[quote user="DouglasLeeder"] As you can see from the popup - that is a detection on a file (in the mozilla cache). Nothing to do with the network connection or the URL being fetched. [/quote] Thats right For detect URL I have the Firefox and uBlock Origin protection. From the VirusTotal link you can see the detection for signature ( phishing ) in file " Dropbox sign in.html ". Thanks
↧
↧
Forum Post: RE: Sophos Endpoint Intercept X 2.0 impacting Performance - slow?
Ok. If i ask to sophos team via a ticket we can apply this update to our group sooner?
↧
Forum Post: RE: Can't access NVR or CCTV cameras on internal Vlan from Internet
can you draw a topology, because nobody answered. That means nobody understood
↧
Forum Post: RE: Version 17.5 or 18.0
While it's not exactly what you want, it does give some insight in terms of what to expect in future versions of XG. Hope it helps. (Please visit the site to view this file)
↧
Forum Post: RE: Additional addresses on one uplink interface, not accessible to other uplink interface
Have you reconfigured the Comcast IP in UTM, I mean Disabling enabling UPLINK recently? Because i think the DNAT rule has changed, instead of destination "WAN1" has changed to "Uplink Interfaces" Take a look of DNAT Rule
↧
↧
Forum Post: RE: Suddenly flooded with "Policy non-compliance: Exploit Detection" alerts
Hi Andy, Are these messages still appearing non-stop, or just showed up once per device after the changes were made? Please have a look at the What to Do Section from the article below: Policy non-compliance: [Component] message displayed in the Sophos Central Admin Have the machines been updated/restarted since the policy changes went thru? If not, could please test forcing a Sophos update on a few of them, and rebooting to see if that alleviates the issue? Otherwise, for testing purposes, can you confirm if removing the Java exception changes this behavior at all? (As in does the message go away after removing the exception?) One more question if I may, are there multiple policies including this Java exclusion (or multiple paths for the exclusion itself)?
↧
Forum Post: RE: Some Sophos services are not running/missing
What scenario of the 2 I mention in my previous post do you have? Is this issues following initial deployment or much later, I.e the computer has been running OK for a while. Which service(s) and therefore component(s) are you having an issue with? Even if you just take the first 5 computers with the issue. The only known issue I am aware of is the failure for the device encryption service to occasionally fail to start. Regards, Jak
↧
Forum Post: RE: How to block ICMP Echo Reply with UTM 9.
Hi, I switched to the xg firewall home. But the problem remains the same. Greetings and thanks.
↧