
DNAT and loopback issue - some IPs work but some don't

Hi everyone,

I am migrating my setup from Sophos UTM to Sophos Firewall XG and I've come across this strange issue with my config that I cannot figure out. Hopefully it shouldn't be a difficult one to track down. I've set up a DNAT for ports 22 and 993 (SSH and secure IMAP respectively) using the Server Access Assistant. The assistant also created the reflexive and loopback rules. I can access the IMAP server from outside just fine, no issues. As a background, the firewall has one static public IP and connections to port 993 are routed to the internal server. The internal network has multiple servers, say server 1 to 5. I can access the IMAP server from all the internal servers using the public IP apart from ONE specific server, let's call this server server 3. For this one server I have another DNAT rule (including reflexive and loopback) for port 80, i.e. incoming connections to port 80 are routed to that server. All internal servers have access to port 80 via the public IP.

From server 3 I cannot access port 993 via the public IP. I can however access port 22 via the public IP. I don't understand why that is the case. I have no other strange firewall rules that might be getting in the way and I don't see what makes server 3 special in this regard compared to servers 1, 2, 4 and 5. Any help would be much appreciated.

Thank you!



  • There is the auto-generated rule from creating the DNAT via the assistant. Notice that SSH for example works fine. I don't see any other rules that might be getting in the way. Also notice that other internal hosts can get to IMAPS via the public IP and I don't see anything special about this host.

  • Still not sure what is going on, there is a loopback rule for this that should take care of it. It is the same for all the other services and internal hosts: from IP 192.168.10.10 I can telnet to the public IP on port 993 and it will work fine, but it won't work from IP 192.168.10.11. However, from 192.168.10.11 I can telnet to port 22 or 80 on the public IP and the port forwarding to the internal server will work just fine! Is port 993 special?
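A small diagnostic that turns the telnet tests in this thread into a repeatable check, run from the affected internal host. It probes each forwarded port both directly on the internal server and via the public IP: if the direct connection works but the one through the public IP does not, the service is up and the loopback/DNAT path is what needs attention. This is an added example, not Sophos code or anything from the original post; the public IP and the internal server addresses in it are placeholders, since the thread does not give them.

```python
import socket
from typing import Callable, Dict

# Constructed placeholder values: the thread does not disclose the public IP
# or which internal server each DNAT points at.
PUBLIC_IP = "203.0.113.10"           # placeholder for the firewall's public IP
INTERNAL_TARGETS = {                 # port -> internal server behind the DNAT (assumed)
    22: "192.168.10.20",
    80: "192.168.10.11",
    993: "192.168.10.30",
}

Probe = Callable[[str, int], bool]


def tcp_probe(host: str, port: int, timeout: float = 3.0) -> bool:
    """Return True if a TCP handshake to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def classify(direct_ok: bool, via_public_ok: bool) -> str:
    """Map the two probe results to a verdict about which path is broken."""
    if direct_ok and via_public_ok:
        return "ok"
    if direct_ok and not via_public_ok:
        return "loopback/DNAT path broken"   # service is up; hairpin path fails
    if via_public_ok and not direct_ok:
        return "direct path broken"          # unusual: check routing or host ACLs
    return "service unreachable"             # fails both ways; not a NAT problem


def hairpin_report(public_ip: str, targets: Dict[int, str],
                   probe: Probe = tcp_probe) -> Dict[int, str]:
    """Probe every forwarded port directly and via the public IP; return verdicts."""
    report: Dict[int, str] = {}
    for port, internal_ip in sorted(targets.items()):
        direct_ok = probe(internal_ip, port)
        via_public_ok = probe(public_ip, port)
        report[port] = classify(direct_ok, via_public_ok)
    return report


if __name__ == "__main__":
    for port, verdict in hairpin_report(PUBLIC_IP, INTERNAL_TARGETS).items():
        print(f"port {port}: {verdict}")
```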