I'm finishing the deployment of a Sophos XGS 136 client, some NAT publications were made so that both externally and internally, users can access the web server (http) and the DVR that manages the surveillance cameras, everything ok.
But I also created a NAT for a Leucotron switchboard, the externally published port is TCP 10987, falling into the SIP port (5060) of the switchboard on the LAN.
It just doesn't work, whether the user is external, on another internet link, or internal. I've recreated the NAT and firewall rule several times, but it doesn't work. I'd like some help trying to identify what's wrong, because before it worked normally, with Full NAT, in a Sophos UTM9 VM. I'm attaching the images of the NAT and firewall rules in this case. Thanks!
Hi IvanildoGalvão,
Try disabling the SIP module using the CLI
Option 4. Device Console
and execute
console> system system_modules sip unload
And check your SIP connections again
Regards,
Carlos
I did this, but the problem persists.
If you had a full nat, you also need a full nat on SFOS. Change the SNAT translation to MASQ and try again.
It didn't work either; images of the rules follow again.
Any other suggestions?
I would recommend creating a support case.
I did this as soon as you gave this guidance. It did not work. Below are the modules that are currently loaded.
console> system system_modules show
pptp loaded
h323 loaded
tftp loaded
irc loaded
dns loaded
sip not loaded
Yes, I opened a case on the support portal. I hope I can solve it, because generally Sophos technical staff here in South America have a very low technical level.
I've solved more problems here than through Sophos support.