Doorbird connected to Sophos XG with no external access

First of all, I am a noob with Sophos and definitely not an expert at firewalls. Your patience is appreciated.

My issue is that before the Sophos XG was put in place a month ago, DoorBird had no issue being accessed from the internet. No port forwarding required. I see nothing being blocked in the Firewall log or Web Filter log. I have seen one other discussion about this but the fix wasn't posted to it. I have tried creating a firewall rule to allow all traffic from the DoorBird IP to the internet with no filtering but that did not change anything. It is usable from inside the LAN.

Any thoughts would be greatly appreciated to figure out why it is not connecting correctly.

Thank you!

  • Hi,

    Does the DoorBird talk to an external server where you control the DoorBird from?

    I have reviewed doorbird and it requires high speed internet access to a central site where you control the door bird from. Your previous internet access more than likely had allow all out and then you connected to it via the app on your phone.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • It does talk to an external server where you can watch videos from the camera and so forth. There is a website I can visit to see if it is online but it is constantly offline.

  • You need to create a firewall rule for the DoorBird IP with allow all and logging enabled. Use the proxy and tick allow all. Then review logviewer based on the IP added of the DoorBird to see which ports it uses and sites it visits.

    ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • I will give it a try. Thank you! I will report back.

  • Here is the rule I set up. I can't test until tomorrow but if anything looks wrong, please let me know. As always, much appreciated.

  • Hello,

    I have the same error. The Doorbird doesn't get a connection with the XG-Firewall.

    Have the same rule:

    Additionally, I added an SSL/TLS Inspection-Rule:

    But I see a lot of errors in the log:

    And I also see this in capturing mode - the Local-ACL-violation is strange:

    This is the detail-view:

    Packet information
    Ethernet header
    Source MAC address: 1c:ca:e3:7b:0c:8e
    Destination MAC address: ff:ff:ff:ff:ff:ff
    Ethernet type: IPv4 (0x800)

    IPv4 Header
    Source IP address: 192.168.0.60
    Destination IP address: 255.255.255.255
    Protocol: UDP
    Header: 20 Bytes
    Type of service: 0
    Total length: 49 Bytes
    Identification: 0
    Fragment offset: 16384
    Time to live: 64
    Checksum: 31192

    UDP Header:
    Source port: 3074
    Destination port: 35344
    Length: 29
    Checksum: 47622

    So I don't know what to do. I changed the doorbird hardware but with the new part it's still the same problem. So I think it's an FW-Error.

    Please - is there anyone with a solution?
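
An added example, not part of the posts above: a Python sketch that parses the capture detail view quoted in the last post and classifies the packet. It shows that the packet is a UDP limited broadcast (destination 255.255.255.255) with the Don't Fragment bit set, which stays on the local segment and is therefore separate from the device's outbound connection to its external server. The function names and the /24 LAN prefix are assumptions made for the example.

```python
import ipaddress
import re

# Fields copied from the capture detail view in the post above.
CAPTURE = """Source IP address:192.168.0.60
Destination IP address:255.255.255.255
Header:20 Bytes
Total length: 49 Bytes
Fragment offset:16384
Destination port: 35344
Length: 29"""

def parse_detail(text):
    """Parse 'Key: value' lines; purely numeric values become int."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            m = re.fullmatch(r"(\d+)(?: Bytes)?", value.strip())
            fields[key.strip().lower()] = int(m.group(1)) if m else value.strip()
    return fields

def analyse(fields, lan="192.168.0.0/24"):  # LAN prefix is an assumption
    net = ipaddress.ip_network(lan)
    dst = ipaddress.ip_address(fields["destination ip address"])
    # 16384 exceeds the 13-bit offset range, so the view shows the whole
    # 16-bit flags+offset word: 0x4000 is the Don't Fragment bit.
    word = fields["fragment offset"]
    if dst == ipaddress.ip_address("255.255.255.255"):
        scope = "limited-broadcast"    # never forwarded by a router
    elif dst == net.broadcast_address:
        scope = "directed-broadcast"
    elif dst.is_multicast:
        scope = "multicast"
    else:
        scope = "unicast"
    return {
        "dont_fragment": bool(word & 0x4000),
        "more_fragments": bool(word & 0x2000),
        "fragment_offset_bytes": (word & 0x1FFF) * 8,
        "lengths_consistent": fields["total length"] == fields["header"] + fields["length"],
        "scope": scope,
        # Simplification: only unicast to an address outside the LAN is
        # traffic a LAN-to-WAN firewall rule can match.
        "matches_lan_to_wan_rule": scope == "unicast" and dst not in net,
    }

if __name__ == "__main__":
    print(analyse(parse_detail(CAPTURE)))
```

When reviewing the firewall log for the device, filter on its source IP and look at the unicast entries with external destinations; those are the ones the allow rule with logging will record.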