Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Two site URLs, 1 public IP, PAT to test server on 443

Port forwarding rule


I have an external ip address (PortB:8) currently used for a production website on port 443.

I would like to be able to access a test web server via the same public IP via port 65443 and translate to port 443 at the server.

i.e. goes to public IP on port 443 which NATs to server 1 on 443

I’d like to set to go to public IP on 65433, and then PAT to 443 to the test server 2.

External DNS, both and point to the same IP address.

There is an existing Firewall rule for port 443 and a NAT rule to send it to Server 1


I have created a firewall rule allowing port 65443


And a NAT rule taking 65443 and PAT to 443 to server 2

But when I test the connection in an external web browser it says the site can’t be reached.


I have read and watched so many guides I’m losing my mind.  I have deleted and rebuilt the rules a dozen times with no improvement. 


Any help is greatly appreciated.

Added TAGs
[edited by: Raphael Alganes at 1:41 PM (GMT -7) on 18 Apr 2024]
  • Hi Ian McGuinness

    Please check with Public static IP URL you are trying to access is working or not ? What is DNS lookup result pointing to WAN  IP of Sophos XG firewall ?

    Do packet capture under MONITOR & ANALYZE || Diagnostics || Packet Capture passing from the same firewall rules and drop packet will help you to point you in the right direction to check the issue.

    Post the service object created.


    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.