Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Publish Exchange server through XG Firewall.

I am looking for an example or directions for publishing an Exchange Server (OWA, active sync, etc) through XG Firewall. I found one for UTM, but nothing for XG. They are different enough that I don't find the UTM example useful. The admin manual is often not descriptive enough to be useful. I am finding the XG OS not very intuitive and am struggling with each rule I am trying to add. (Kinda wish I had opted for the UTM product instead)

I created a rule, and tried connecting through OWA, but the browser eventually gives up with "the connection was reset" I haven't stumbled across any way to know what is happening within the XG with those requests.



This thread was automatically locked due to age.
  • Hi Larry,

    Did you ever get this working?  Any tips or gotchas?

    Cheers,

    Ady

  • Should be able to make it work by setting up a Business Application Rule, and selecting Exchange, and completing the necessary info on the configuration "form."

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • Hi,

    Is that the same for other things, such as SharePoint?

    Regards,

    Ady

  • Pretty much.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • Unknown said:

    I am looking for an example or directions for publishing an Exchange Server (OWA, active sync, etc) through XG Firewall. I found one for UTM, but nothing for XG. They are different enough that I don't find the UTM example useful. The admin manual is often not descriptive enough to be useful. I am finding the XG OS not very intuitive and am struggling with each rule I am trying to add. (Kinda wish I had opted for the UTM product instead)

    I created a rule, and tried connecting through OWA, but the browser eventually gives up with "the connection was reset" I haven't stumbled across any way to know what is happening within the XG with those requests.

    I have exactly the same issue, the manual to XG product is about as helpful as a chocolate teapot and the product itself, geez wasn't expecting to be hitting problem after problem.

    Anyway, that's the way it is but for the life of me cannot get Exchange General - Business Rule working correctly. Just like Larry, OWA just gives up with connection timeout or reset.

    The only way I can get OWA working is setting up a http rule for ports 80 and 443 to be simply passed through onto the internal server.

    Has anyone got this working and would be kind enough to provide real world example of their settings?

  • I'm using WAF template for Exchange rules. But, If you should be off reverse authentication to some dir (/EWS,  /OAB).

    Test version is 2013 and 2016.

  • I got the same problem. Sometimes the I get the "the connection was reset" but mostly the browser gets an sophos login promt. I cant figure out how to use the exchange general rule. When using a DNAT rule everything is fine.

  • I see that this is an old thread, but just wanted to see if anyone was able to get the built-in business app exchange policies working. i'm trying out the Sophos XG and i have the exact same issue; i'm only able to get it working by using a https/ http rule to pass traffic through. If no-one was able to get Sophos's built-in rules for Exchange working, does anyone have a recommendation for a different product that will work for this?