Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

INTERNAL NETWORK ACCESS TO EXTERNAL IP

Hello, we have implemented the Sophos firewall and we are facing a serious problem, no matter how much we configure the internal network IPs, it does not access the external IP, 
Could you help us?
Grateful


This thread was automatically locked due to age.
Parents
  • Not sure what the problem is since your description is somehwat limited.

    If you cannot get out to the internet you need to create SNAT rule to masquerade the internal addresses

    If you need to get back to the inside of the firewall through an external public IP, you need a normal DNAT rule for access from every other internet connection, but you'll need a full NAT rule to reach it from within your own LAN.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Dear,

    I apologize for the limited information, well before we implemented Sophos
    we had a web server on our network, we were able to access the web address
    normally with port redirection, but after the implementation we were no longer
    able to do so, outside our local network we accessed the server normally without any problem. web,
    but on the local network we cannot.

    Could you kindly help me?

    Thanks,

    Sergio Alexandre

  • Hi ASP AÇAO SOCIAL DO PLANALTO 

    Please verify the configuration  for DNAT and add LAN zone on WAN to LAN firewall rule on same DNAT firewall rule configured.

    Regards

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • Configure a NAT rule as follwed:

    At 1, configure your WAN interface, at 2 configure MASQ at 3 configure the internal host.

    You also need a firewall rule to allow the traffic, basically you need to allow LAN network (source) to internal server on specified ports.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Reply
  • Configure a NAT rule as follwed:

    At 1, configure your WAN interface, at 2 configure MASQ at 3 configure the internal host.

    You also need a firewall rule to allow the traffic, basically you need to allow LAN network (source) to internal server on specified ports.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Children
No Data