

port forwarded packets getting denied

I have a pfSense box between the Sophos XG firewall and the internet because I wanted to use a VPN to have all traffic going through. I have the port forwarded in pfSense to the XG firewall; however, the XG firewall is denying the packet, which I didn't even know was reaching the firewall until I enabled the log in settings by sheer coincidence.

 

messageid="02002" log_type="Firewall" log_component="Appliance Access" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="0" policy_type="0" user="" user_group="" web_policy_id="0" ips_policy_id="0" appfilter_policy_id="0" app_name="" app_risk="0" app_technology="" app_category="" in_interface="Port3" out_interface="" src_mac="00:50:56:b9:fb:3c" src_ip="198.199.98.246" src_country="" dst_ip="10.6.2.1" dst_country="" protocol="TCP" src_port="49209" dst_port="25810" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="" appresolvedby="Signature" app_is_cloud="0"

 

I've tried multiple ports but they are getting denied with similar messages before even getting to the firewall rule to allow them.



This thread was automatically locked due to age.
  • In addition: if you want to forward a specific service from the Internet to the internal network, use a DNAT firewall rule as described by:

  • Everything is not forwarded to the XG firewall from pfSense at the moment; I was thinking about doing it but haven't done so at this time. Currently I only have the port 25810 forwarded, and I've tried using other ports as well with the same effect. I am using an internet service, https://www.yougetsignal.com/tools/open-ports/, to test whether the port is open or not, and that is the packet that is getting flagged by the firewall in this way; it's not someone trying to access the firewall. I am trying to host a service on the port; however, the XG firewall is stopping the packets before they can even get to the firewall forward rule that I have set up. Thanks for your help in the matter.
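
A triage helper for the denied-packet log line in the question, added here as an example and not posted by anyone in the thread. It parses the key="value" fields and reports which of them show that the packet never reached a forwarding rule; the function names, the finding labels, and the reading of "Appliance Access" as traffic addressed to the firewall's own IP are assumptions of this example.

```python
import re

# Constructed sample: a shortened copy of the log line quoted in the question.
SAMPLE = (
    'log_type="Firewall" log_component="Appliance Access" log_subtype="Denied" '
    'status="Deny" fw_rule_id="0" in_interface="Port3" src_ip="198.199.98.246" '
    'dst_ip="10.6.2.1" protocol="TCP" src_port="49209" dst_port="25810" '
    'dst_trans_ip="" dst_trans_port="0"'
)

# Fields are written as key="value"; values may be empty but contain no quotes.
PAIR = re.compile(r'(\w+)="([^"]*)"')


def parse_line(line):
    """Split one key="value" firewall log line into a dict of strings."""
    return dict(PAIR.findall(line))


def triage(line):
    """Return labels describing why a denied packet was not forwarded.

    Labels (hypothetical names chosen for this example):
      appliance_access - logged by the "Appliance Access" component, assumed
                         to mean the packet was addressed to the firewall itself
      no_rule_id       - fw_rule_id is empty or "0", so no rule id was recorded
      no_dnat          - dst_trans_ip is empty, so no destination translation
                         was recorded for the packet
    """
    fields = parse_line(line)
    if fields.get("status") != "Deny":
        return []
    findings = []
    if fields.get("log_component") == "Appliance Access":
        findings.append("appliance_access")
    if fields.get("fw_rule_id", "") in ("", "0"):
        findings.append("no_rule_id")
    if not fields.get("dst_trans_ip"):
        findings.append("no_dnat")
    return findings


if __name__ == "__main__":
    f = parse_line(SAMPLE)
    print(f["src_ip"], "->", f["dst_ip"] + ":" + f["dst_port"], triage(SAMPLE))
```

All three labels on one line match the situation the reply points at: the packet arrived with the firewall's own address as destination and no DNAT rule rewrote it, so it was never evaluated as forwarded traffic.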