Secure your Sophos Network: Use Network Groups for Trusted Remote Hosts.

My primary concern lately as my internet presence has grown has been in the general realm of security. How do I know that no one is accessing my port-forwarded server? How do I know that no one is logging into my router? […] An easy answer to this has always been limiting inbound connections to trusted hosts; But that’s not always an easy solution. Most consumer routers don’t even support this (correct me if i’m wrong) and in most firewall applications it can be cumbersome to append and manage trusted…

Read More

How to fix Sophos UTM 9.4 install.tar wasn’t found on the installation media

I’ve been deploying Sophos Virtual Appliances recently and so I was presented with a bit of a challenge when the install was failing on physical hardware. Error: install.tar wasn’t found on the installation media. Error: install.tar wasn’t found on the installation media. This happens because during part of the installation process. the USB drive is un-mounted and needs to be mounted again. It also expects to find install.tar at /install/install/install.tar and so we must mount the device to the /install path.   You don’t need to be a wizard to…

Read More

Sophos UTM Country Blocking: Oops!

Background: My girlfriend has an AirBnB service for a spare room in her home. I have a Sophos UTM appliance running her home network. Okay! Last night my girlfriend received a text on behalf of our guest stating that the WiFi wasn’t working. We were out for pizza + beer, so we didn’t exactly rush home to check it out. […] This morning we got word again; “the WiFi isn’t working, they say they need to use the WeChat app” I logged in to the Wireless AP and it checked out. It’s…

Read More

How To: Set up Client VPN Remote Access on Sophos UTM for iOS, iPhone, iPad

The iPhone supports IKEv2, IPsec, and L2TP Client VPN. Sophos UTM supports SSL, PPTP, L2TP over IPsec, IPsec, and more VPN protocols. For this guide, we are going to use iPhone’s L2TP VPN Client to remotely connect to our Sophos UTM. To start, log in to your Sophos UTM and select the “Remote Access” section Click L2TP over IPsec for compatibility with iOS   Enable the protocol by toggling the switch to “enabled” Choose Authentication Mode: Preshared key Create a secure key and repeat it 2x below Assign IP address…

Read More