Hi there,
I'm running the AWS Quickstart cloudformation templates for Sophos UTM 9 for an evaluation of the product as a transparent web proxy. This all works fine and is quite straight forward.
An additional requirement is to enable outbound traffic for logging, which is to be sent to our monitoring tool datadog.
For this we must enable outbound tcp connections on ports 10514 and 10516 to intake.logs.datadoghq.com (ref datadog network config for logs collection)
I've created and enabled the following firewall rule (permissive obviously for debugging)
Source: Any
Service: 10514 / 10516
Destination: Any
Action: Allow
Advanced/Log Traffic: Enabled
I've tested connectivity from the tester EC2 instance and it shows the outbound connection as permitted however it does not work as the telnet client hangs pending connectivity.
aws.amazon.com/.../
34 package(s) needed for security, out of 54 available
Run "sudo yum update" to apply all updates.
[ec2-user@ip-10-100-101-170 ~]$ telnet intake.logs.datadoghq.com 10514
Trying 52.206.235.241...
<hangs />
I've checked the AWS security group and route table for the OGWs - all protocols are permitted and 0.0.0.0/0 routes to the internet.
Telneting to 80/443 for the domain works, so DNS is resolving correctly.
With the exception of web filtering configuration there has been any other modification to the Quickstart CF templates.
Questions
- Is the above the correct configuration for enabling outbound tcp traffic on a specific port?
- Is there any other configuration required within Sophos UTM?
- Are there any AWS config changes that might be required?
Any suggestions or assistance would be much appreciated
This thread was automatically locked due to age.
