Forum Post: RE: Faster IPSEC shut down
I've set up SDWAN routes, and failover is definitely faster (<15 seconds when defaults are modified) - however, I'm seeing sessions stick on the IPSEC tunnel interfaces. For instance: I have 2...
View ArticleForum Post: SOPHOS TO SOPHOS CONNECTIVITY AND WAN FAILOVER USING LOOPBACk
GREETING!!! 1. I have site-1 and site-2 with there own sophos xg firewall connected to wan link on port-8, port-1 is on lan, and port-f1 uplink is connected on both sides. so what rule should i create...
View ArticleForum Post: RE: WAF (Reverse Proxy) without Logon for internal Networks
Hallo Peter, Use split DNS and set up a separate Virtual Server on an Additional Address of your Internal interface. Cheers - Bob
View ArticleForum Post: RE: When the vendors HowTo's are not rebuilding the reality or...
Seems, the Sophos-Artice is OK ... Do you really do the part "Select Subordinate Certification Authority for your template" from "Open the CSR file you downloaded from Sophos Firewall, and copy the...
View ArticleArticle 12
"The client is available for download, and has been distributed to SFOS firewalls via pattern updates. " you can download it from the Config-Page of your UTM look at the VPN pages for Download Sophos...
View ArticleForum Post: Need a faster way to transfer UTM to XG objects (got 20,000)
I'm migrating from a UTM to a XG firewall manually. There is an insane amount of network, host and service objects and this is a very time-consuming process prone to human error. I know there is a...
View ArticleForum Post: RE: UTM Web Protection opening vlan seperation of the Firewal
Hallo Rene, I don't know what "Half Transparent" means. A Transparent Mode Web Filtering Profile will also respond to a Standard Mode access. You may be able to solve your problem for a short time by...
View ArticleForum Post: RE: DHCP Log of an XGS3100
Moving this thread to the proper forum for you, Roy. Cheers - Bob
View ArticleForum Post: RE: IPS, the firewall,RED networks, and bypassing for MSFT IPs.
Hi Dave, Yes, I would put the RED networks in both places. My IPS Exception is simple, but maybe something has changed in the last 14 months as we stopped using Teams regularly about then. Still it...
View ArticleForum Post: RE: Endpoint Protection Error Certificate Chain could not be...
Hi Kheir, Thank you for reaching out to the Sophos Community Forum. I suggest checking if automatic updating of root certificates is disabled on the affected device. You can find further information...
View ArticleForum Post: RE: IPS, the firewall,RED networks, and bypassing for MSFT IPs.
Thanks Bob! For Teams right now, I have 5 CIDR networks defined. Out of curiosity, what are the ".....Responses" in your screen grab for Services?
View ArticleForum Post: RE: Need a faster way to transfer UTM to XG objects (got 20,000)
It sounds like you are a partner if you have used the migration tool before... I would just use the migration tool. I've not seen any issues with things broken other than NAT rule issues (which we...
View ArticleForum Post: RE: SSPService, high memory usage in win10 - multiple systems
Sorry I missed the reply, given it grows so quickly I would run: wpr.exe -start VirtualAllocation Leave it for 3 minutes while growing, then run: wpr.exe -stop C:\ VirtualAllocation.etl if you give...
View ArticleForum Post: RE: Windows Server 2022 Remote Desktop Services Outlook security...
Outlook Trust Center shows antivirus status as unavailable - Outlook | Microsoft Docs
View ArticleForum Post: RE: XG135 - SFOS 19.0GA-317 ignored firewall/NAT rules and policies
Hello Anderson, Once you have the Case ID please share it with me so I can follow up. I would recommend you to follow the steps I provided in the post above as well. Regards,
View ArticleForum Post: Syslog format SFOS 19.0
Hello! There is a doc to describe new syslog settings for SFOS 19.00? Here is real syslog from Web Content policy: device_name="XG210" device_id=XXXXXX log_id=050901616001 log_type="Content Filtering"...
View ArticleForum Post: RE: Sophos XG V19
I have created the SDWAN profile and routes but nothing positive yet. do I need to creat a NAT rule for the my Wi-Fi firewall rule to a specific outbound port?
View Article