Support access

Use the Support access page to allow a Sophos Support team member to temporarily access your firewall for troubleshooting purpose.

Support access enables the Sophos Support team member to connect to the web admin console of your firewall without requiring admin credentials. When the feature is enabled, an access ID is generated, using which the support team member can access your device. The admin needs to share this ID with the support person.

When Support access is enabled, support can access your XG Firewall over HTTPS on TCP port 22 from the WAN. All connections between XG Firewall and support are initiated by your XG Firewall.

Specify the following:

  1. Enable the support access on Sophos XG Firewall under Diagnostics > Support access and click the toggle switch.
  2. Confirm the enable message with OK.
  3. From the drop-down menu Grant access for select the time the access is valid.
  4. Click Apply to update the settings.
  5. Click OK.
    Sophos XG Firewall establishes a secure control connection to APU (access proxy for UTM) and negotiates a unique access ID.
  6. Communicate the Access ID to the support.
The support uses this access ID to sign in to your XG Firewall. The control connection remains established until the specified time, which is displayed next to Access until.
You can disable the connection manually any time by clicking the toggle switch and confirming the disable message with OK.