Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall

Discussions NAT Port Forwarding not working on XGS210 SFOS 20.0.2 MR-2-Build378

Sophos Firewall requires membership for participation - click to join

Thread Info

State Verified Answer
Replies 3 replies
Subscribers 40 subscribers
Views 1207 views
Users 0 members are here

Options

Suggested

NAT Port Forwarding not working on XGS210 SFOS 20.0.2 MR-2-Build378

Mark Tarrant 2 months ago

This was working a month or so ago, but the vendor has just now tried it again and it isn't working. The error is Violation Local_ACL.

Added TAGs
[edited by: Erick Jan at 12:35 PM (GMT -7) on 26 Aug 2024]

Top Replies

Adam Dodge 2 months ago +2 verified

Hi Mark, It's possible that another firewall rule is catching the traffic. Is there another DNAT rule above this existing one in the Firewall and NAT rules? You can also try deleting the existing…

0 Mark Tarrant 2 months ago
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Mark Tarrant 2 months ago

I added the last screenshot of the 4th related rule just now as the page was playing up and not allowing me to add it to the original post
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
+1 Adam Dodge 2 months ago

Hi Mark,

It's possible that another firewall rule is catching the traffic. Is there another DNAT rule above this existing one in the Firewall and NAT rules?

You can also try deleting the existing rules and creating a new one using the Server access assistant (DNAT).

You can also check through the Advance shell and conntrack, here is the command: conntrack -E | grep {source IP address} | grep {port number}

here is an example, take note of the fwid and natid if it is hitting the correct rules.
Cancel
Vote Up +2 Vote Down

Sign in to reply

Verify Answer

Reject Answer

Cancel