I've got 2 web servers on different local IP. Both IIS. (x.x.x.7 and x.x.x.21) I've done 2 waf rules on firewall but i've got a DNAT on HTTP direct connect to 1 server (x.x.x.7) It is necessary have DNAT rules (loopback and reflexive also)? Infact…

Hello, I created a Countryblock Rule as described here ( https://docs.sophos.com/nsg/sophos-firewall/18.0/Help/en-us/webhelp/onlinehelp/nsg/sfos/tasks/CreateFirewallSecurityRule.html ) but this rule does not match. My published Webserver must…

Good morning all, I have a single windows DMZ box set up which is hosting a number of different websites, apis etc. I have one site on that box that I want to restrict by external IP address. I know in the firewall rules you can restrict by port…

Hi Guys, I'm using XG with the newest firmware (18.0.4-MR4) and I have a onlyoffice workspace test installation behind it. When I open onlyoffice via private IP or FQDN, it automatically redirects from http to https. So I think it's working as it should…

I found an earlier thread that GeoIP blocking was not working as the system take precedence over firewall rules and therfore are never hit. The Sophos advice was to create a DNAT Blackhole rule to a non existing IP adress. So I tried creating a DNAT…

Hello, We have setup WAF for our internal webserver hosting a site. We see that any public user IP accessing our site is being changed to the local interface ip going through the WAF. This changed local ip is seen in our webserver access logs. There…