We'd love to hear about it! Click here to go to the product suggestion community
I have a customer with an XG135W SFOS 17.0.6 MR-6 and they need port forwarding set up.
Very simple, in fact it couldn't be more simple. Port 4235 needs to go to one of their servers.
Checked on the internal LAN that the port is open on the receiving machine - telnet 192.168.x.x 4235 Connection is fine
But from an external address it does not reply to telnet <WAN IP> 4235
If I get rid of the mapped service and set that to ANY, I can make this telnet connection.
Also, if I search my logs for any connections to 4235 it finds nothing, so troubleshooting is impossible.
Set up DNAT rule.
Source Zone: WAN (also tried ANY)
Allowed Client Networks: ANY
Blocked Client Networks: None
Destination Host: WAN PORT
Services: TCP Source 4235, Destination 4235
Protected Server: Internal server IP
Protected Zone: LAN
Change Destination: unticked
Unticked Rewrite source address, Create Reflexive rule
Log Traffic Ticked.
I've been on this for hours, and frankly am starting to look useless in front of my client and this really should be a five minute job (Cisco Accredited engineer). I was thinking of moving my customers to Sophos but on what I've seen so far it's over complicated and buggy. Have also replicated the same problem on a spare XG210 I have in the office.
I'd really appreciate some quick help with this this morning.
This is solved through Sophos Support and I shall update this case in the hope it saves someone else the waste of time I've had.
In the Service that I set up for the port 4235.
Source Port is *
Destination Port is 4235
This seems completely wrong to me, but that's how it works.
Hope that helps.
In reply to Neil Lough:
This Sir has been a GOD SEND!... I am just testing out SOPHOS and have encountered many ISSUES to SIMPLE configuration request and shitty documentation. I agree with your premise that his setup makes no sense, but when has that ever stopped anyone.
Thank you again!