Hello
I have searched and can see others have this issue, however none of the solutions have worked for me so far.
I have followed the steps at https://docs.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/RulesAndPolicies/NATRules/RulesPoliciesCreateDNATAndFirewallRulesForInternalServers/index.html#specify-the-nat-rule-settings to create the following policies, with the intention of allowing WAN -> LAN traffic on the specified ports:
NAT Rule:
Sophos Public Address is an IP 192.168.0.90
Valheim Server is an IP 172.16.50.110
Firewall Rule:
The service 'Valheim' is defined as:
The packet captures I have been getting are as follows:
(apologies for drop-packet as an image and not plain text)
Any help would be greatly appreciated
Firewall Rule has to be Sophos_Public IP and your Server as Zone in Destination Section.
And the NAT Rule is not applied. The Service is off: You need to change the Source Port to 1:65500 to include the high ports.
Hi - thanks for your response!
I have made the following adjustments:
Service is now TCP&UDP 1:65500 / 2456:2458
I'm not sure I understood your directions on the firewall rule correctly, but I have done the following:
Destination Zone is now WAN, and Destination Network is Sophos Public Address.
I have run some further packet captures and am still seeing the Violation / Local_ACL result.
The Firewall Rule should be: DMZ Zone and Sophos Public Address.
Hi again
I've tried each of the following configurations on the firewall rule, all to no success - I still see Violation / Local_ACL on the packet capture.
Destination Address
(Game_Server_Zone is a LAN zone, I created Game_Server_DMZ as a DMZ zone just for testing purposes)
Is there something somewhere else I may have gotten wrong that I should check?