
DNAT on XGS (SFOS 18.5.1 MR-1-Build326): what on earth have I got wrong?

I have followed the video guide for DNAT on https://www.sophos.com/en-us/support/products/xg-firewall/how-to-library.aspx#NetworkConfiguration

But inbound packets are being dropped even though I'm pretty sure everything is correct. There is no alias involved, so the DNAT should simply forward traffic on TCP 444 arriving from the WAN on #Port3 to an internal host called "pth-idr".

The firewall rule is:

The DNAT rule is:

Service is set up as:

I have to use the console to view the drop logs, but when filtered to the source host on the internet it shows the packets are being dropped...

2021-12-01 12:31:07 0103021 IP <source IP>.51995 > <destination IP>.444 : proto TCP: S 1720371234:1720371234(0) win 64240 checksum : 57340
0x0000: 4500 0034 788b 4000 7306 f69a a7b3 81b9 E..4x.@.s.......
0x0010: 31ff 3d32 cb1b 01bc 668a c822 0000 0000 1.=2....f.."....
0x0020: 8002 faf0 dffc 0000 0204 05b4 0103 0308 ................
0x0030: 0101 0402 ....
Date=2021-12-01 Time=12:31:07 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port3 out_dev= inzone_id=2 outzone_id=4 source_mac=<Source MAC> dest_mac=<destination MAC> bridge_name= l3_protocol=IPv4 source_ip=<Source IP> dest_ip=<Destination IP> l4_protocol=TCP source_port=51995 dest_port=444 fw_rule_id=N/A policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x8003 nfqueue=0 gateway_offset=0 connid=2989602752 masterid=0 status=256 state=1, flag0=824635817984 flags1=17179869184 pbdid_dir0=0 pbrid_dir1=0

Anyone have any ideas?

Many thanks in advance.

Barry



  • Hi.

    I think there is an error in your DNAT rule. Especially your interface matching criteria for the inbound interface. 

    From the documentation, this must be the pre-NAT interface, so you should use #Port3 for DNAT as well.

    Regards,

    Thomas


    Sophos Gold Partner
    4TISO GmbH, Germany
    If a post solves your question click the 'Verify Answer' link.
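As an added example (not from the thread, Sophos, or 4TISO), here is a small Python parser for the SFOS key=value drop-log format quoted above, plus a triage check built on the fields the answer relies on: log_subtype=Denied with log_component=Local_ACLs and dnat_done=0 means the packet was dropped by the firewall's own local ACL before any destination NAT was applied, i.e. the DNAT rule never matched. The sample lines (RFC 5737 documentation addresses) and the reading of dnat_done / fw_rule_id are assumptions modelled on the posted log, not documented semantics.

```python
import re

# Constructed sample lines modelled on the log posted in the thread
# (documentation-range IPs, most zero-valued counters omitted for brevity).
SAMPLE_LOCAL_ACL_DROP = (
    "Date=2021-12-01 Time=12:31:07 log_id=0103021 log_type=Firewall "
    "log_component=Local_ACLs log_subtype=Denied log_status=N/A "
    "in_dev=Port3 out_dev= inzone_id=2 outzone_id=4 l3_protocol=IPv4 "
    "source_ip=198.51.100.10 dest_ip=203.0.113.5 l4_protocol=TCP "
    "source_port=51995 dest_port=444 fw_rule_id=N/A dnat_done=0 nat_id=0 "
    "connid=2989602752 state=1, flag0=824635817984"
)
SAMPLE_FW_RULE_DROP = (  # constructed: DNAT matched, but a firewall rule denied it
    "Date=2021-12-01 Time=12:40:00 log_type=Firewall log_component=Firewall_Rule "
    "log_subtype=Denied in_dev=Port3 source_ip=198.51.100.10 dest_ip=10.0.0.20 "
    "l4_protocol=TCP dest_port=444 fw_rule_id=12 dnat_done=1 nat_id=3"
)

# key=value tokens; values are either double-quoted or run to the next space.
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S*)')


def parse_sfos(line):
    """Split an SFOS key=value log line into a dict, keeping empty values
    (e.g. out_dev=) and stripping quotes and stray trailing commas (state=1,)."""
    return {key: raw.strip('"').rstrip(",") for key, raw in KV_RE.findall(line)}


def triage_drop(fields):
    """Classify a denied-packet record by where in the pipeline it was dropped."""
    if fields.get("log_subtype") != "Denied":
        return "NOT_A_DROP"
    dnat_done = fields.get("dnat_done", "0")
    rule_id = fields.get("fw_rule_id", "N/A")
    # Untranslated packet hit the firewall's own local service ACL: the DNAT
    # rule did not match this packet (check inbound interface, service, dest).
    if fields.get("log_component") == "Local_ACLs" and dnat_done == "0":
        return "DNAT_NOT_MATCHED"
    # Translation happened, then an explicit firewall rule denied the traffic.
    if dnat_done == "1" and rule_id not in ("N/A", "0", ""):
        return "FIREWALL_RULE_DENIED"
    return "OTHER_DENIED"


if __name__ == "__main__":
    for line in (SAMPLE_LOCAL_ACL_DROP, SAMPLE_FW_RULE_DROP):
        f = parse_sfos(line)
        print(f["in_dev"], f["source_ip"], "->", f["dest_ip"], f["dest_port"], triage_drop(f))
```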