I believe I have everything right but I cannot see traffic in the firewall logs and I cannot get remote access to ether media server. NAT Rule : Port 2 is WAN, Port 1 is LAN, Synology is a local IP Any Suggestions? I already called my ISP and they confirmed the port is open and my ISP modem has port forwarding enabled to my Sophos firewall. ISP to Modem, Modem to Sophos WAN on 192.168.x.x, Sophos Lan to Network device on 10.x.x.x

Hi, you will have a double NAT which more than likely is confusing the issue. DO you really need your ISP in router mode, why not use bridge mose? Ian

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Port Forwarding Question - Plex or Embry

DaniellsFirewall 5 months ago

I believe I have everything right but I cannot see traffic in the firewall logs and I cannot get remote access to ether media server.

NAT Rule : Port 2 is WAN, Port 1 is LAN, Synology is a local IP

Any Suggestions? I already called my ISP and they confirmed the port is open and my ISP modem has port forwarding enabled to my Sophos firewall.

ISP to Modem, Modem to Sophos WAN on 192.168.x.x, Sophos Lan to Network device on 10.x.x.x

This thread was automatically locked due to age.

Top Replies

rfcat_vk 5 months ago +2 verified

Hi, you will have a double NAT which more than likely is confusing the issue. DO you really need your ISP in router mode, why not use bridge mose? Ian

0 Erick Jan 5 months ago
Hi,

Thank you for reaching out to Sophos Community.
I would recommend to do a traceroute from the client side and also checking tcpdump from the firewall side .

Kindly check where the packet traffic stops

Test also on different port

Check the Firewall Rule

kindly check the fillowing which might assist you

Sophos Firewall: CLI Troubleshooting Tools
Erick Jan
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel
+1 rfcat_vk 5 months ago

Hi,

you will have a double NAT which more than likely is confusing the issue. DO you really need your ISP in router mode, why not use bridge mose?

Ian

XG115W - v20.0.2 MR-2 - Home

XG on VM 8 - v21 GA

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up +2 Vote Down

Cancel
0 DaniellsFirewall 5 months ago in reply to rfcat_vk

I put my modem in bridge mode, and I think it's working, I will test a bit more and confirm.

One question, I have worked with Watchguard firewalls for about 16 years as an MSP consultant and I'm just now switching over to Sophos.

During that time, I have run across many small (less than 500 users) clients who were not best practice and had double NATs and would not turn on bridge mode.

Historically all I had to do on a WG firewall was port forward what I needed from the modem to the firewall, and everything was hunky dory if a bit nonstandard. I never once ran into an issue like this, so it threw me off and I didn't expect Sophos to just ignore the traffic it was receiving.

I could see before bridge mode with Wireshark that the modem was sending the packets to Sophos but Sophos log viewer didn't show them, so they just disappeared.

What is Sophos doing that WG does not that causes it to fail when using port forwarding? If all I did to fix it was turn on bridge mode, then shouldn't a port forward have worked unless Sophos is doing some form of validation and ignoring the traffic if its double natted?
Cancel
Vote Up 0 Vote Down

Cancel