Invalid Traffic between LAN devices

Invalid Traffic is most likely not an issue. https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Logs/LogViewer/InvalidTrafficEvents/index.html

Most likely a application issue. And the firewall logs the closure of the application. 

I'm still suffering with this problem of not being able to reach the NAS from one specific machine and I'm convinced that this is a problem with the XG125. Additionally, I just recently discovered that I have another machine that cannot reach the NAS. I have a Canon MFP that I used to be able to scan documents and have them saved to a destination directory on the NAS. With the XG125 in place, that functionality does not work. As a test, I reinstalled my old router that I replaced with this XG125, a Cisco RV325. When the Cisco is used instead of the XG125, all the machines can connect to the NAS with no problem. As soon as I plug the XG125 back in, the Windows machine and the MFP can no longer connect. WTF!!!

I don't know what you're trying to get me to find but I compared three workstations, two Win11, one Win10, and the network properties all look the same across all the tabs, with the exception of the NIC properties, of course.

What I am asking about is the WINS settings - Advanced TCP/IP NETBIOS settings - default.

Ian

Ok, settings on the WINS tab are identical on all three machines

In that case you need to start capturing the traffic so you can review where it is failing.

How is your network connected to the XG?

Ian

The firewall should not be involved in this scenario. It is a LAN to LAN Segment (Broadcast to the same domain). 

Can you show us your LAN interfaces? 

Well, i don't know how much it'll help. As I mentioned originally, the ports are all bridged, but here it is.  

How many devices connect directly to the XG and how many switches are you using?

Ian

i won't be able to do any traffic captures until the weekend, but the network layout is very simple. The NAS is connected to port 8 of the XG125, The WAP is connected to port 5, all other wired devices are connected to an HP J956a 16port switch, which is connected to port 1 on the XG125. My intention for putting the NAS on a specific port was eventually I wanted to perform some creative routing for the NAS but I have to be able to access the NAS from all the devices on the LAN before I can ever consider creative stuff with it.

It looks like you need to enable Permit ARP broadcast.

Permit ARP broadcast hasn't helped either. I hate this POS firewall. I finally gave up and moved the NAS to a port on the HP switch and now the workstations can see the NAS again. Anyone want to buy an XG125 piece of *** firewall? You'll find it on ebay for 10 bucks or maybe at my local garbage dump (i'm not so bad of a person to subject anyone else to this kind of torture).  Life is too short to waste so much time on something that should work in a simple configuration out of the box. Goodbye Sophos, and good riddance. Never again will I waste my time and money on your products, personally or professionally. I'd rather put my entire network directly on the internet without any firewall rather than continue to fight with this piece of ***.!!!!!!!!! Don't bother replying either, I won't be back to read your response.

Permit ARP broadcast hasn't helped either. I hate this POS firewall. I finally gave up and moved the NAS to a port on the HP switch and now the workstations can see the NAS again. Anyone want to buy an XG125 piece of *** firewall? You'll find it on ebay for 10 bucks or maybe at my local garbage dump (i'm not so bad of a person to subject anyone else to this kind of torture).  Life is too short to waste so much time on something that should work in a simple configuration out of the box. Goodbye Sophos, and good riddance. Never again will I waste my time and money on your products, personally or professionally. I'd rather put my entire network directly on the internet without any firewall rather than continue to fight with this piece of ***.!!!!!!!!! Don't bother replying either, I won't be back to read your response.

There are two different situation. You could actually disable two different things as well: 

https://support.sophos.com/support/s/article/KB-000038900?language=en_US

Or try to disable the fastpath: 

console> system firewall-acceleration show

But anyway, you did not create a support case i guess? Because the community is not a support channel.