Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 42 subscribers
  • Views 12677 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SNMP from Outside

backslash

How can i monitoring over SNMP the XG from outside. What should i do ? 



This thread was automatically locked due to age.
  • 0
    Hi Everyone,

    I do have the same question. I tried to add an ACL exception Rule in System > Administration > Device Access - with no luck (SNMP Service is not within the service's list). Added the public IP (of my management server) in the SNMP configuration page.

    Is there anyway to make SNMP reachable from the WAN port?

    Thanks in advanced,

    Jose
  • 0 in reply to JoseCasanova

    JoseCasanova said:
    Hi Everyone,

    I do have the same question. I tried to add an ACL exception Rule in System > Administration > Device Access - with no luck (SNMP Service is not within the service's list). Added the public IP (of my management server) in the SNMP configuration page.

    Is there anyway to make SNMP reachable from the WAN port?

    Thanks in advanced,

    Jose

    Hi Jose, with the release of MR3 today you can now connect SNMP via the WAN. Please note you will need to enable SNMP for the WAN Zone via the Device Access table (System > Administration > Device Access)

    More information on MR3 can be found at https://community.sophos.com/products/xg-firewall/b/xg-blog/archive/2016/06/08/sfos-15-01-0-mr-3-released

    Leon Friend

    Sophos Sales Engineer

    Sophos XG Firewall - Certified Architect, Sophos Certified Engineer, Cyberoam CCNSE, Cyberoam CCNSP

  • 0 in reply to Leon.Friend

    in mr3 is snmp buggy. in acl rules the snmp type is missing. and additional you can only access snmp by interface ip where you come from.

  • 0 in reply to MarcoScholl

    Hi Marco,

    To clarify, you can only access SNMP from the IP configured in the SNMP Community under "System > Administration > SNMP" so if you enable SNMP on the WAN you will only be able to access SNMP from the SNMP Managers IP Address with the specific “community” string, this is because you defined the SNMP Manager IP Address when creating the SNMP Community. To a large degree, this negates the need to manage a manual ACL.

    I have not run into the issues you describe and I would suggest if they are an issue for you then you should open support tickets. If you are unsure of how to access support please check out https://secure2.sophos.com/en-us/support/contact-support.aspx

    Thanks,

    Leon

    Leon Friend

    Sophos Sales Engineer

    Sophos XG Firewall - Certified Architect, Sophos Certified Engineer, Cyberoam CCNSE, Cyberoam CCNSP

Unfiltered HTML