
Port Forwarding

Hello everyone,

Looking for some help setting up port forwarding. I set up Sophos XG firewall home edition on a Shuttle DS57u. Sophos is set up and running. I've attached a screenshot of my rules. I have the default rule from the setup wizard and another rule that was set up to exclude some devices from web filtering, which caused issues with streaming Netflix. I'm now trying to set up port forwarding to forward some ports to a Synology NAS. The NAS is set up with a static IP address out of the DHCP scope. I've created a Host IP which I've used in the rule. Everything seems to be set up correctly; however, I cannot reach the Synology device externally. Is there anything else here that I could be missing? Thanks for the help.



  • Thank you,

    After turning on Security Policy logging, this is what I see in the logs.

    | Time | Log Comp | Action | Username | Policy Rule | In Interface | Out Interface | Source IP | Destination IP | Rule Type | Message ID |
    |---|---|---|---|---|---|---|---|---|---|---|
    | 2016-01-10 15:17:41 | Local ACL | Denied | - | 0 | Port2 | - | 50.29.99.31 :TCP(43011) | 24.184.187.158 :TCP(32400) | | 02002 |

    This is the only entry in the log I can see regarding port 32400. However, I'm not sure why the source IP is showing a different TCP port. The request I'm making is http://WANIP:32400/web. Another thing I'm seeing is that all of the logs are just showing denied events. Shouldn't it also show some allowed requests? Could that be pointing to something else being wrong with my setup? Attached pictures show how I've set up the port forwarding rules. I've turned off IPS to rule that out as well. Thanks for the help.

  • Aristedes,

    The rule seems to be correct. Could you enable log traffic on the non-HTTP rule?

    Luk