Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 263 views
  • Users 0 members are here
Options
Suggested

Sophos XGS 6500 Notification Emails not working

Josh Rogalski

We have a Sophos XGS 6500, we are trying to configure it to send Firewall notification emails to a small mail server that is INSIDE our network behind the XGS.  We have it configured, but we aren't seeing any traffic attempt to pass to the mail server.  What address does the XGS use to send the mail notification?  Does it use the "Management interface IP address" in the "Administration -> Notification settings" screen or some other address?  

I created a firewall rule with the WAN interface that I thought it was coming from, but I see no traffic being sent even when I run the "Test mail" button.  Is there a special setting that I need to flip on that I am missing or?  Any suggestions are welcome. 



Edited TAGs
[edited by: Erick Jan at 11:38 PM (GMT -7) on 24 Jun 2024]
Parents
  • 0

    What we discovered, was that the notification emails send from the LAN port IP address if you are using an internal mail server inside your network.  If you switch it over to using the internal XGS mail server, it uses one of your WAN ports to do the sending.  Additionally, a trick Sophos support showed me was that even without the Sophos XGS "Email Protection" license, you can still use the "Email > Mail spool" and "Email > Mail logs" pages to view errors in sending.  Specifically the Mail spool page had a wealth of knowledge as to why a message would fail to send to an internal mail server. 

    We had assumed it wouldn't work since we didn't subscribe to the "Email Protection" license.  

  • 0 in reply to Josh Rogalski

    SNAT system generated traffic from the XGS itself to the mailserver. Especially if the mailserver is in a network, not routed by the XGS like a core router or other firewall.

    console> set advanced-firewall sys-traffic-nat add destination yourmailserverIP snatip firewallinterfaceIP

    like:

    console> set advanced-firewall sys-traffic-nat add destination 192.168.2.100 snatip 192.168.1.1

Reply Children
No Data
Unfiltered HTML