
XG125 Blocking Programs or Ports

Hi,

Is it possible that an XG125 Firewall can block programs and TCP/UDP ports for network traffic between a Windows Server and client computers within the same LAN?  I know the firewall can block traffic between the LAN and the internet but my question is specific to traffic within the LAN.

The client has a single domain server running Windows 2019 Essentials connected to a single network address LAN with client computers which are domain members.  Additionally, the client uses Sophos Central with InterceptX as their endpoint protection.

Domain logins, user rights, and file, folder, & printer sharing are working properly, but other services such as Windows Server Update Services and access to a SQL 2019 Express database are not.  I have used Port Query to test the server LAN IP address to check if the expected ports are available, but they do not respond when queried from any of the client computers.  I have checked the domain group policies, local policies, and the Windows Firewalls on the server and the clients, and everything seems to be set up correctly.  If I query the ports on the server they respond, so I know the services are listening.  The relevant ports 8530, 8531, 1433, 1434 have all been added to the respective firewalls for both TCP and UDP.

Having found these network problems with different programs and services I am now considering the possibility that the Sophos XG125 is blocking traffic between the server and clients within the LAN.

I would appreciate insights from anyone with experience of this happening, any suggestions I could try, or to rule out that the XG125 cannot interfere with traffic between computers within the LAN.

Many thanks in advance.

Brian



  • Hi Brian,

    Thank you for reaching out to Sophos Community.

    Sophos Firewall can block traffic between devices on the same LAN if configured.

    I recommend further checking the firewall’s traffic logs to see if there are any indications of blocked traffic related to the ports and services you’re having issues with.

    Use packet capture/dropkt to monitor traffic between the server and clients and confirm if the firewall is dropping packets.

    Also, kindly create a test firewall rule allowing all traffic between the LAN devices and place it at the top of the rule set to ensure it’s applied.

    Check IPS and application control.

    Erick Jan
    Community Support Engineer | Sophos Technical Support
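As an added illustration (not code from the thread or from Sophos), the following Python script performs two checks that complement the steps above: it confirms from a client whether the ports named in the question (WSUS 8530/8531, SQL Server 1433 and the SQL Browser service on UDP 1434) answer, and whether the client and server share an IP subnet. Hosts on one subnet exchange frames directly through the switch, so a firewall only sees that traffic when it is actually in the path (for example routing between VLANs or separate firewall ports); a "same subnet" result therefore points the investigation at the hosts and switch first. The IP addresses in the `__main__` block are constructed sample values.

```python
import ipaddress
import socket

# Ports named in the thread: WSUS (8530 HTTP, 8531 HTTPS) and SQL Server (1433 TCP,
# 1434 UDP for the SQL Browser service).
TCP_PORTS = {"wsus-http": 8530, "wsus-https": 8531, "mssql": 1433}
SQL_BROWSER_UDP_PORT = 1434


def same_subnet(client_cidr: str, server_ip: str) -> bool:
    """True if server_ip lies in the client's subnet (client_cidr like '192.168.1.20/24')."""
    net = ipaddress.ip_interface(client_cidr).network
    return ipaddress.ip_address(server_ip) in net


def probe_tcp(host: str, port: int, timeout: float = 2.0) -> bool:
    """True if a TCP three-way handshake with host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable, or timed out (socket.timeout is an OSError)
        return False


def probe_sql_browser(host: str, timeout: float = 2.0) -> bool:
    """Send an SSRP CLNT_UCAST_EX request (single byte 0x03) to UDP 1434 and wait for any reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(b"\x03", (host, SQL_BROWSER_UDP_PORT))
            data, _ = s.recvfrom(4096)
            return len(data) > 0
        except OSError:  # ICMP port unreachable surfaces as ConnectionRefusedError; silence as timeout
            return False


def run_checks(client_cidr: str, server_ip: str) -> dict:
    """Run the subnet check and all port probes, returning {check_name: bool}."""
    results = {"same_subnet": same_subnet(client_cidr, server_ip)}
    for name, port in TCP_PORTS.items():
        results[name] = probe_tcp(server_ip, port)
    results["sql-browser"] = probe_sql_browser(server_ip)
    return results


if __name__ == "__main__":
    # Constructed sample addresses; replace with the client's CIDR and the server's LAN IP.
    for check, ok in run_checks("192.168.1.20/24", "192.168.1.5").items():
        print(f"{check:12} {'ok' if ok else 'NO RESPONSE'}")
```

Run it from a client that shows the problem and once from the server itself; a port that answers locally but not from a client that shares the server's subnet is being filtered on the host or switch path, not by a routed firewall rule.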

  • Hi Erick,

    Many thanks for your quick reply.  I cannot access the firewall today but on Wednesday this week I will have access to it so I will try your suggestions and let you know the results.  Once again, many thanks.

    Brian
