Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DDoS Bypass Rule for SSL VPN

Trio Fandi

Hi,

I was experience problem with Sophos Firewall, SSL VPN traffic dropped by DDoS UDP Protection.

Our Sophos Firewall is XG310 (SFOS 20.0.3 MR-3-Build427).

Here is our network topology :

network topology

I've try to create DDoS Bypass Rule (as below capture), but it's not working. VPN UDP packet still drop.

dos bypass rule

Kindly need advice how to create correct DDoS Bypass Rule as above topology.

Or any better approach for DDoS Protection ?

I have Support Ticket number : 02206493

Thanks,

Fandi



This thread was automatically locked due to age.
  • 0

    Hello Fandi, 

    Thanks for sharing the case ID with us. The engineer has provided an update advising on adjusting the threshold rate to a certain value.

    Kindly update us on the case feed regarding the outcome of the configuration. We shall also monitor progress of case on our end.

    Thank you

    Raphael Alganes
    Global Community Engineer, Support & Services
    Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the 'Verify Answer' button.

    The award-winning home for Sophos Support videos! - Visit Sophos Techvids

    • +1 in reply to Raphael Alganes

      Hi,

      I have resolve this issue by help from Support team.

      Based on Firewall logs, they found that UDP packet drop is come from IPSec Site-to-Site VPN, it's not SSL VPN.

      Then I add Remote site Public IP to DoS Bypass Rule, and now problem solved.

      Thanks.