OUTSTANDING understanding on web control & App control and rules and policies, cleared all funda lan to wan filtering
@MikeFaucher3 жыл бұрын
Great to hear.
@duyennguyenthi16043 жыл бұрын
Very good and funny videos bring a great sense of entertainment!
@MikeFaucher3 жыл бұрын
Thank you.
@rodnizer33884 жыл бұрын
Sorry Mike was late getting to this video. Thanks for putting it out.
@MikeFaucher4 жыл бұрын
No problem. Thanks for the feedback.
@arvindgupta54574 жыл бұрын
Thanks MIKE very CRISP and informational Video.... Thanks once again...
@MikeFaucher4 жыл бұрын
Awesome, glad you like it, and thanks for the feedback.
@GavinSteiner3 жыл бұрын
This is so valuable. Thank you Mike!
@MikeFaucher3 жыл бұрын
Glad you found it useful. Thanks for the comment.
@satamototo3 жыл бұрын
Very good brief video, thanks Mike. Can you enlight me where to turn on and how to configure UPnP and if there are SQM or CAKE QOS?
@MikeFaucher3 жыл бұрын
For security reasons, UPnP is not supported. To the best of my knowledge Sophons uses its own QOS protocol which can be found under System Services, Traffic Shaping. You will see a bunch of predefined rules and can create you own as well.
@Liv4IT3 жыл бұрын
Pretty nice video thanks 😊
@MikeFaucher3 жыл бұрын
Thanks for the feedback. Appreciate it.
@samueladuamah-yeboah81793 жыл бұрын
Hi Mike, I have an XG 125 with Lan setup on port 3 with a all the Office friendly web and App filters , now i have a new network setup on port 4 for a residential setup which will need a much relaxed web and App filters or to allow youtube,social media and other Streaming services running, how do i set this up?
@MikeFaucher3 жыл бұрын
It very much like setting up VLAN but you just need to setup Port 4 with a new network. Setting up a VLAN is the same as a physical port except for all the swtiches and items plugged into Port 4 will get the addressing from that network. Good luck.
@azeezyusuf88283 жыл бұрын
Very informative. Thank u so much!
@MikeFaucher3 жыл бұрын
Glad it was helpful! Thank you for the feedback,
@JasonLeaman3 жыл бұрын
No uefi boot :( bummer. Spent 3 days trying tonget this to work on a HP Dl20 :(
@kabwealex90942 жыл бұрын
Hello Mike Faucher, I have one sophos firewall, and i'm facing one issue, I'm connecting my network to one of my customer network via interfaces on LAN zone both, normally the customer's server should be able to ping me and me also I should be able to do so, but the issue is that, I cannot ping my customer server, while he can ping me. Could you please advice on the mentionned issue? I'm lost, I do not understand what i'm missing actually.
@MikeFaucher2 жыл бұрын
Not 100% sure of your configuration but are you both on the same subnet address such 192.168.X.XXX? If you are, both attached to the same zone and the same subnet it should work, however, if you are on different ranges, you will need firewall rules to allow traffic. On a side note, I would not recommend you and your customer being on the same firewall but if you have too, make sure that each network is on a separate interface (physical or VLAN) and that you are on the primary network. For example, 172.16.16.XXX you, and 192.168.10.xxx for them.
@kabwealex90942 жыл бұрын
Hello @@MikeFaucher , with my customer, i'm connected directly by p2p IP /30, and actually I can ping his IP(/30) but not his server, while he can ping me. I'm sure I had the route both for in and outbound. should I add some route policy? The traceroute from his side showing that is taking same path, on my side it's stopping by my firewall. Not that my server is reachable from internet via a public IP, so I configure also the DNAT(Business Application rule), seems like this DNAT rule is taking advantage on all other rules and it's not allowing the outside ping.
@Gab3ssz833 жыл бұрын
Hi Mike! Could you explain what is the purpose of the traffic to Internal zones firewall rule? And why did you delete it?
@MikeFaucher3 жыл бұрын
The rule for internal traffic allows traffic to pass through various internal subnets such as VPN, DMZ and other networks. My objective is to build it up from scratch and control what has access to what so I typically delete the default rules. It is easier to troubleshoot what is not working rather than trying to verify if something is allowed to communicate that maybe you do not want to.
@samueladuamah-yeboah81792 жыл бұрын
Hi i am thinking of disabling wan on my sophos xg but if i do how can i access the web interface when i am not on the lan
@MikeFaucher2 жыл бұрын
LAN or direct connect using the Ethernet port is the way. Just curious why you want disable WAN? Defeats the features of the firewall.
@TheAgrianas3 жыл бұрын
Fantastic!
@MikeFaucher3 жыл бұрын
Thank you. Appreciate it.
@kachwahed22383 жыл бұрын
very useful! thank you sir
@MikeFaucher3 жыл бұрын
Appreciate the feedback.
@Sky13 жыл бұрын
I am at 71% memory with 4 Gigs or ram, upgrading it but I think my version will only recognize 6 is that correct?
@MikeFaucher3 жыл бұрын
It will recognize 6 gigs.
@amitsharma-rm3ir3 жыл бұрын
Hi Mike, Do you have the image of Sophos xg
@MikeFaucher3 жыл бұрын
You can download it for free at www.sophos.com/en-us/mysophos/my-account/network-protection/download-installers.aspx. Just create the account and answer a few questions.
@renjithknair77244 жыл бұрын
hello i need a help with two wan isp for two seperate zone . WAN1 for zone1 WAN2 for zone2. How we select the primary gateway for each zone in v18 sfw.
@MikeFaucher4 жыл бұрын
Create two default NAT rules. One will route all traffic from Zone 1 (Not sure what you are defining as Zone 1) to one ISP (WAN Port) and the second will route zone 2 to the other WAN Port (iSP 2). Remember that V18 separate firewall and NAT rules. So even if you have two LANs going through a firewall wall rule, your NAT rule can route each the way you want. It is actually easier in V18 for this type of configuration.
@amitsharma-rm3ir3 жыл бұрын
@@MikeFaucher correct me if I am wrong.....for this issue we have to perform configuration in SDWan and over there we may select any ISP link as primary and secondary
@zaluq2 жыл бұрын
Would you make one showing how to time restrict childrens computers and phones internet time and webfiltering aka youtube and games ?
@MikeFaucher2 жыл бұрын
Unfortunately I moved away from Sophos about 3 months ago so I can't do any more videos on the topic.
@zaluq2 жыл бұрын
@@MikeFaucher thx for answer, are you recomending something other now ?
@MikeFaucher2 жыл бұрын
@@zaluq I still really like Sophos, but I had issues when I went to a 1Gig internet connection with IPS/IDS and filtering enabled, and it was cutting my speed to about 600K. Even after upgrading the hardware, I could not get the full speed, so I upgraded to the UniFI Dream Machine Pro SE, which handles it just fine. I would not have upgraded if I could have gotten full speed.
@renjithknair77244 жыл бұрын
Thank You and appreciated
@MikeFaucher4 жыл бұрын
Thank you for the feedback. I appreciate it.
@renjithknair77244 жыл бұрын
@@MikeFaucher please make brief video about webproxy and dpi engine. Because DPI is the main advantage of new sfos v18. Also we can reset the traffuc count manually from firewall rules. In sfos v17 it was not possible.
@MikeFaucher4 жыл бұрын
@@renjithknair7724 I will, it is on my list of feature videos I want to do. Thanks for the suggestion.
@btw_iam_mominmhamza3 жыл бұрын
Dear Sir, The way you teach is very impressive,highly appreciated. Bundle of thanks. Technical Support Engineer Momin Mohammad Hamza IJ CONNECTS Islamabad, Pakistan.
@MikeFaucher3 жыл бұрын
Thank you very much for the feedback. It is appreciated.
@AFiB19992 жыл бұрын
Thank you Sir!
@MikeFaucher2 жыл бұрын
My pleasure. Glad you liked it.
@AFiB19992 жыл бұрын
@@MikeFaucher Would be posible make a video about setting up a PIA VPN? Im transitioning from pfsense to Sophos but I cannot find a good tutorial on how to. Thanks and please keep up with those awesome videos
@MikeFaucher2 жыл бұрын
@@AFiB1999 The reason you can't find a tutorial is I do not think they support it. I will look into it but last time I checked they did not support third-party VPN relays. PIA will work with your clients to pass through but will not configure on the firewall to the best of my knowledge.
@AFiB19992 жыл бұрын
@@MikeFaucher Got it! Thanks Mike!
@stepaheadsolutionsinc.73903 жыл бұрын
Hi Mike, How are you? Gone through all the videos you had posted it was very helpful for all as I'm new to this Firewall configuration, I had few couple of queries for which i need support from you, Using BYOL I configured my firewall XG V18 in AWS at the same time i created another instance Windows 2012 R2 and deployed sophos endpoint agent I try to see the security heart beat but it is missing can you help me in this to fix. Thanks Nandakumar
@MikeFaucher3 жыл бұрын
Thanks for the input. I am not sure I understand your exact configuration however heartbeat is only available for the paid version. It is one of only two features that require a full license to use. Assuming you have a paid subscription, then I would would reach out to their tech support to they could examine your exact settings. If you are using the free version (XG) you will no see the heartbeat. Hope that helps.
@p.a.sudayanga73084 жыл бұрын
Sir how to download new firemware ?
@MikeFaucher4 жыл бұрын
You have install the latest version of 17.5 which you can get from site. After the install it will update to V18.
@liliankim7763 жыл бұрын
Character In the video It's great, I like it a lot $$
@MikeFaucher3 жыл бұрын
Thanks
@p.a.sudayanga73084 жыл бұрын
sir please upload next video
@MikeFaucher4 жыл бұрын
Thank you I am working on a couple of them, any particular topic you are interested in?
@p.a.sudayanga73084 жыл бұрын
@@MikeFaucher Sir I am new to sophos firewall, can you make a video for strangers that includes everything? All facts included.
@andreasweiss85934 жыл бұрын
@@MikeFaucher Hello! I found your videos very interesting, because I also decided to setup a firewall. Thank you so much for your detailed explanations. But after watching all your videos about the XG Firewall, reading all your articles on thedocsworld.net/home-network/ I still have troubles configuring the XG Firewall to forward VPN requests so that my QNAP-NAS will answer. I'm running the XG Firewall in Bridge-mode as you explained and I am able to access the XG Firewall via VPN but not my QNAP-NAS. Would it be possible to show us how to configure the XG Firewall especially for a QNAP-NAS (e.g. using PPTP, L2TP and QBelt)?
@MikeFaucher4 жыл бұрын
@@andreasweiss8593 I will put it on my list of future videos. Than you.
@hendramvp44883 жыл бұрын
Saya jadi selesnya di Indonesia
@MikeFaucher3 жыл бұрын
Sorry, not sure what you are asking.
@armaGKU3 жыл бұрын
thank you so much for the tutorial, very useful!
@MikeFaucher3 жыл бұрын
Great to hear. I have a few more on my list for the future. Thanks.