I'm finishing the deployment of a Sophos XGS 136 client, some NAT publications were made so that both externally and internally, users can access the web server (http) and the DVR that manages the surveillance cameras, everything ok.
But I also created a NAT for a Leucotron switchboard, the externally published port is TCP 10987, falling into the SIP port (5060) of the switchboard on the LAN.
It just doesn't work, even if the user is external, with another internet link, as well as internally. I've recreated the NAT and firewall rule several times, but it doesn't work, I'd like some help trying to identify what's wrong, because before it worked normally, with Full NAT, in a Sophos UTM9 VM. I'm attaching the images of the NAT and
Firewall rules in this case. Thanks !
Try disable SIP module using CLI
Option 4. Device Console
console> system system_modules sip unload
And check again your SIP connections
If you had a full nat, you also need a full nat on SFOS. Change the SNAT translation to MASQ and try again.
It didn't work either, follow images of the rules again.
Any other suggestions ?
Would recommend to create a support case.
Yes, I opened a case on the support portal. I hope I can solve it, because generally Sophos technical staff here in South America have a very low technical level.
I've solved several problems here, than by Sophos support.