Hi,
I have a firewall rule for my devices that are not connected to the internet and have Sophos Endpoint installed. With this rule, these devices only connect to Sophos services and pull Endpoint updates and communicate with Sophos Central.
The configuration of this rule is as follows:
Source zone and Source networks and devices are in "Any". My Destination zone is WAN. Destination network and devices are FQDN Host group. This FQDN Host group contains 4 FQDNs:
*.sophos.com
*.sophosupd.com
*.sophosupd.net
*.sophosxl.com
Allowed services are HTTP, HTTPS and PING.
Every feature under the "Security features" and "Other security features" tabs is disabled.
I can successfully pass all the tests made through the Endpoint Self Help Tool. Everything is green. No warnings or errors and I can do my updates very successfully.
Now let's come to the problem. There is no problem with the Live Response feature on my devices that access the internet normally, but I cannot use the Live Response feature on my devices that can only access the internet with the rule I explained above.
In Sophos Central, Live Response is turned on for both computers and servers, and my user is Super Admin. However, I cannot use the Live Response feature on devices that do not fully access the Internet. When I move the cursor over the Live Response button, it says "The device is not currently online".
Do I need to add a different FQDN or service to use the Live Response feature?
Thanks in advance for your help.