How Do I set up my Sophos XGS firewall?

Sophos XGS firewall is known for it’s blistering speeds and ease of use. But setting up a firewall can be a little intimidating for those who have limited experience with the. So as a service to our many Sophos customers, Corporate Armor is going to walk through the set up of a new firewall, from unboxing to unleashing. For our purposes, we will ‘set up’ a Sophos XGS 87.

Let’s get started

After unboxing your Sophos XGS firewall, make sure and connect your LAN interface (computer) to port 1, and your WAN interface (internet) to port 2 on the back of the appliance. You will automatically be assigned an IP address in the 172.16.16 subnet range.

Now go to the Sophos web UI using the default IP address, HTPS port # 4444. Accept the warning message, then you will see a Welcome screen. Click the End User and Privacy Agreements, read every word (yeah, right), and agree. You know the deal. Then, click Start Setup.

Now the fun starts

You will be asked to create a new admin password, and then click Continue. At this point, a ‘Name and time zone’ screen will come up allowing you to name the firewall. Once you’re done with this page, ‘Register your firwall’ comes up. Enter the firewall serial #, or you can continue without registering (for 30 days).

After that, it’s time to create your Sophos ID (or sign in, if you already have one). The registration and verification process is recognizable and straightforward, so we won’t explain it here.

Once your Sophos ID is created, you will be shown a simple screen with your Sophos applications. It will say something like, “My Sophos,” “Sophos Community,” and Support Portal.”

At this point, click back on the “Register your appliance” tab (it will still be open), and click Sign In. Complete the Captcha and fill in the additional info on the next screen, then click Continue. Click what they tell you to. Then, once registration is confirmed and completed, you will see ‘Registration Successful!’ Click Initiate License Synchronization.’

Once that’s done, you’ll see the screen saying ‘Basic setup is complete.’ You will also see a list of your licensing features, along with their expiration dates. Click Continue.

We’re making progress!

The next page will show you the ports on the appliance. You are able to select and de-select the ports that need to be configured as LAN zone. You can also (optionally) change the IP address of port 1 and it’s DHCP range and subnet. If you want. Click Continue.

The ‘Network protection’ page gives you the option to set up permissions for users. You can come back and do this later, also. It enables protections for traffic.

Next comes Notifications and backups. It’s pretty self-explanatory. Then click Continue. Next, you will see a Configuration summary. Click Finish. The firewall will re-boot, using the new configurations from the Wizard. After a few minutes, you will be shown a Welcome page, where you can enter your new Username and Password.

Once you’ve done this, it will ask you to ‘Create the secure storage master key,’ to encrypt sensitive information. Click Create key. You will be prompted to create your secure storage master key. DO NOT lose your secure storage master key.

Almost there

Once you have received the subscription or renewal license key for the Sophos XGS firewall, you can log in to the same Sophos ID customer portal you saw earlier (with your Sophos applications listed). Click on My Sophos. On the next page, click Network Protection on the left side, then click View Devices underneath it. Then click on the serial number of the correct device.

On the next page, there will be an Add Subscription button at the bottom right. Click it, then enter the license key in the box provided, then click Verify to apply the license.

On the main Sophos UI tab (still open), click Administration down on the left side, then click the Licensing tab up top. Then click on the Synchronize button over on the right. There are some nice FAQs on the following screen,

Congratulations! You now have a functioning Sophos XGS firewall. We hope this has been helpful, although it’s a pretty simple process, really. If you have any other questions about setup, operation, or pricing of your firewall, switch, access point, or anything else, just email us or call Corporate Armor at 877-449-0458. Thanks for reading!

Learn more with our original content!

The cyber-implications of the Ukraine War for the rest of us

Russia rattles its’ Cyber-Saber: What could they do to us?