
Port Forwarding Question - Plex or Emby

  • I believe I have everything right, but I cannot see traffic in the firewall logs and I cannot get remote access to either media server.

    NAT Rule : Port 2 is WAN, Port 1 is LAN, Synology is a local IP

Any Suggestions? I already called my ISP and they confirmed the port is open and my ISP modem has port forwarding enabled to my Sophos firewall.

ISP to Modem, Modem to Sophos WAN on 192.168.x.x, Sophos LAN to Network device on 10.x.x.x





  • Hi,

    Thank you for reaching out to Sophos Community.
    I would recommend doing a traceroute from the client side and also checking tcpdump from the firewall side.

    Kindly check where the packet traffic stops.

    • Also test on a different port
    • Check the Firewall Rule

    Kindly check the following, which might assist you:

     Sophos Firewall: CLI Troubleshooting Tools 

    Erick Jan
    Community Support Engineer | Sophos Technical Support

  • Hi,

    You will have a double NAT, which more than likely is confusing the issue. Do you really need your ISP in router mode? Why not use bridge mode?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA


  • I put my modem in bridge mode, and I think it's working, I will test a bit more and confirm.

    One question, I have worked with Watchguard firewalls for about 16 years as an MSP consultant and I'm just now switching over to Sophos. 

    During that time, I have run across many small (less than 500 users) clients who were not best practice and had double NATs and would not turn on bridge mode.

    Historically all I had to do on a WG firewall was port forward what I needed from the modem to the firewall, and everything was hunky dory if a bit nonstandard. I never once ran into an issue like this, so it threw me off and I didn't expect Sophos to just ignore the traffic it was receiving.

    I could see before bridge mode with Wireshark that the modem was sending the packets to Sophos but Sophos log viewer didn't show them, so they just disappeared.

    What is Sophos doing that WG does not that causes it to fail when using port forwarding? If all I did to fix it was turn on bridge mode, then shouldn't a port forward have worked unless Sophos is doing some form of validation and ignoring the traffic if it's double NATted?