Sophos XG Firewall Web Interface Reference and Admin Guide v16.5

| System | 501

Time

You can set the time and date to the device's clock or synchronize the device with a Network Time Protocol (NTP) server.

1. Go to System > Administration > Time.

2. Current Time displays the device time and date.

3. Select the Time Zone based on the location in which the device is deployed.

4. Select from the following options to choose how you set the time and date:

• Use pre-defined NTP server (pool.ntp.org). The device uses NTP version 3 (RFC 1305). Click to Sync Now.

• Use Custom NTP server. Enter the IPv4 address or IPv6 address or domain name. You can configure up to 10

NTP servers. At the time of synchronization, the device queries the configured NTP servers sequentially until it receives a valid reply from a server. Click to Sync Now.

• Select Do not use NTP Server to configure the date and time based on the device’s clock. Set the date and time.

Figure 464: Setting Device's Date and Time

Notification Settings

Notification Settings allows you to configure the mail server IP address, port, and email address to send and receive alert emails.

The device allows you to configure email notifications for system-generated events and reports to inform the administrator about:

• Change in gateway status

• Change in HA (high availability) link status (if HA cluster is configured)

• Change in the state of IPsec tunnels

1. Mail Server Settings

Click to Send Notifications Via:

Built-in Email Server

Select if you want to use the built-in Email Server in the Device to send system-generated emails.

External Email Server

Select to configure an External Email Server to send system-generated emails.

1. Specify the Mail Server IPv4 Address or FQDN Address and Port Number. Default Port: 25

2. Select Authentication Required to authenticate the user before sending an email. Specify Username and

Password.

3. Select Connection Security mode to be used for establishing a secured connection between an SMTP client and the SMTP server for SMTP mail notification. Available Options:

• None

• STARTTLS

• SSL/TLS

Default: None

4. Select a Certificate to be used for authentication by the SMTP client and the SMTP server.

Default: ApplicanceCertificate

| System | 502

Figure 465: Mail Server Settings

2. Email Settings

Enter the sender and recipient email addresses.

Figure 466: Email Settings

3. Email Notification

Select IPsec Tunnel UP/Down to enable receipt of email notifications if IPsec VPN tunnel connectivity is lost.

Email alerts are sent to the configured email address.

An email is sent only when Host-to-Host and Site-to-Site tunnel connections are disconnected for one of the following reasons:

• A peer is found dead (DPD)

• Failed to re-establish connection after Dead Peer Detection (DPD)

• IPsec Security Association (SA) is expired and is required to be re-established.

• IPsec tunnel comes up without administrator intervention after losing the connectivity.

Note:

• An email is sent for each subnet pair in case of Site-to-Site connections with multiple local/remote networks.