

Tracing problems in XG

This is actually a very general question. I often spend hours tracing a problem within the Firewall Rules and Policies. If there is a blocking rule, then I am actually able to find it fast in the log viewer.

But if there is no rule, then I mostly go through endless trial-and-error sessions.

For example I have a camera which was on port 86 with HTTP only. So I switched it for a new one which has HTTPS, so I changed the port from 443 to 440.

I opened the port in my DSL router just like the other, so I am pretty sure it comes in. But changing it in the Firewall and NAT rules did not help.

So my question is how would I trace this problem?



  • Why are you opening a port on your router?
    Your change will not go out the firewall rule with https.

    ian

    XGS118 - v22.0 EAP

    XG115 converted to software licence v21.5.0

    If a post solves your question please use the 'Verify Answer' button.

    • I want to see the camera from outside, so I opened port 440 on the DSL router, which goes to the DMZ where the cameras are.

      • Please provide a simple network diagram, your setup seems strange.

        XGS118 - v22.0 EAP

        XG115 converted to software licence v21.5.0

        If a post solves your question please use the 'Verify Answer' button.

        • FormerMember
          0 FormerMember in reply to DAENG

          Hi ,

          Thank you for reaching out to Sophos Community.

          Assuming you're able to access Camera internally on port 440 == https://<local_camera_IP>:440

          You can check the following things on XG to narrow down the reported issue.

          ==> Ensure that you've configured service with source port: 1:65535 and destination port:440

          ==> Login to SSH > 4. Device Console and run below command.

          console> tcpdump 'port 440'

          and then try to access the camera on the public IP == https://<public_IP>:440

          ==> You may check drops with the below command.

          console> drop-packet-capture 'port 440'

          ==> If you're able to see un-replied packets on XG for destination port 440 then try to apply SNAT as 'MASQ' in the NAT rule.
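
The un-replied packet check from the last reply can be automated over saved `tcpdump 'port 440'` output. This is an added example, not code from the thread or from Sophos; it assumes tcpdump's default one-line text format and a capture covering both the WAN and DMZ interfaces, and all addresses in the sample are constructed.

```python
import re
from collections import defaultdict

# tcpdump's default one-line TCP format: "IP src.port > dst.port: Flags [..]"
LINE = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]+)\]")

# Constructed capture (documentation addresses): 198.51.100.10 stands in for
# the public IP, 192.168.10.20 for the camera in the DMZ.
SAMPLE = """\
10:00:01.000001 IP 203.0.113.7.51000 > 198.51.100.10.440: Flags [S], seq 100, win 64240, length 0
10:00:01.000090 IP 203.0.113.7.51000 > 192.168.10.20.440: Flags [S], seq 100, win 64240, length 0
10:00:02.001002 IP 203.0.113.7.51000 > 198.51.100.10.440: Flags [S], seq 100, win 64240, length 0
10:00:02.001080 IP 203.0.113.7.51000 > 192.168.10.20.440: Flags [S], seq 100, win 64240, length 0
10:00:05.000001 IP 203.0.113.9.40222 > 198.51.100.10.440: Flags [S], seq 500, win 64240, length 0
10:00:05.000070 IP 203.0.113.9.40222 > 192.168.10.20.440: Flags [S], seq 500, win 64240, length 0
10:00:05.000900 IP 192.168.10.20.440 > 203.0.113.9.40222: Flags [S.], seq 900, ack 501, win 65160, length 0
10:00:05.000950 IP 198.51.100.10.440 > 203.0.113.9.40222: Flags [S.], seq 900, ack 501, win 65160, length 0
10:00:05.020000 IP 203.0.113.9.40222 > 198.51.100.10.440: Flags [.], ack 901, win 502, length 0
"""

def unreplied_syns(capture, port=440):
    """Map (client_ip, client_port) -> destinations of SYNs that never got a SYN-ACK.

    Flows are keyed on the client side only, because DNAT rewrites the
    destination between the WAN and DMZ legs of the same connection.
    """
    syn_dsts = defaultdict(set)   # client flow -> destination IPs its SYNs were sent to
    answered = set()              # client flows that received a SYN-ACK from `port`
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue              # not a TCP line in the expected format
        src, sport, dst, dport, flags = m.groups()
        if flags == "S" and int(dport) == port:
            syn_dsts[(src, int(sport))].add(dst)
        elif flags == "S." and int(sport) == port:
            answered.add((dst, int(dport)))
    return {k: sorted(v) for k, v in syn_dsts.items() if k not in answered}

if __name__ == "__main__":
    for (ip, cport), dsts in unreplied_syns(SAMPLE).items():
        print(f"{ip}:{cport} SYN to port 440 unanswered; destinations seen: {dsts}")
```

If only the public IP shows up as a destination, the SYN was never forwarded towards the camera; if the camera's IP shows up as well, the SYN was forwarded and the missing reply is on the camera side, which is the case the SNAT 'MASQ' suggestion addresses.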