
Loopback for Firewall in LAN (behind Home Router)

Hi Sophos Community

After a lot of trial and error I'm hoping you can help me find a solution to my scenario:

 

In my home setup I have the WAN interface of my Sophos in a transit network. My ISP router forwards any traffic to the Sophos.
Now I would like to create a loopback rule to be able to access my services via my external (dynamic) IP.

The transit network makes this difficult as it seems. I can't get it right.
Here is my NAT-Rule after my last try:



Do you have any idea on how to solve this? Is this even possible?

Best Regards



Edited TAGs
[edited by: Raphael Alganes at 10:57 AM (GMT -7) on 1 Oct 2024]
  • Mostly accessing the external IP from ISP-Router from internal network + forwarding traffic back to firewall didn't work.

    my solution: create an internal DNS-Entry for the internal host ... or if you wish to use FW-WAF, DNS pointing to external FW-IP (10.255.255.253)

    (FW-DNS entries are used before trying external DNS)


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • Hello Dirk

    Thanks for your answer on this. A pity that you are telling me exactly what I was afraid of.

    I'm already resolving to internal DNS entries, but this comes with a few shortcomings. It seems that I will have to live with that or need to get a business contract with the ISP.