
Sophos Firewall: Using Firewall "Rule Groups"

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.



Applies to:

All Sophos Firewall (XGS, Virtual, Software, Azure, AWS) Firmware v18.0+

Configuration:

Sophos Firewall > Admin UI > Protect > Rules and Policies

Steps:

  1. As shown in "Where do I configure this?", you’ll log into your Firewall via https://172.16.16.16:4444 or the MGMT interface.
  2. Select "Protect: Rules and Policies" in the left menu, then Add Firewall Rule.
  3. Within the Add Firewall Window, you’ll see the following. Open the drop-down menu on "Rule Group":
  4. Click Add to create a new Rule Group. It will automatically collect the firewall rules we create now and in the future into a "LAN-to-WAN" Rule Group.
  5. Give your new "Rule Group" an appropriate name based on the targeted Firewall Rules. In this example, I have named it "LAN-to-WAN" and added a description for other admins and myself to refer to when reviewing it later.
  6. Continuing down the window, we will now specify our Group Matching Criteria.
  7. After creating this Rule Group, you will return to the previous firewall rule creation menu and notice that you have a Rule Group selection of "LAN-to-WAN."
  8. From here on out, whenever you create a firewall rule that meets these matching criteria, you can leave the Rule Group selection as "Automatic," which will place the rule into the appropriate Rule Groups.
  9. Rule Groups that are often found to be effective:
    1. LAN-to-WAN (Group internet Traffic Rules)
    2. LAN-to-LAN
    3. LAN-to-DMZ
    4. DMZ-to-LAN
    5. LAN-to-VPN
    6. VPN-to-LAN
    7. WAN-to-LAN
  10. You can also refer to this documentation for creating Firewall Rules:
    1. Add a firewall rule - Sophos Firewall




Revamped RR
[edited by: Erick Jan at 9:03 AM (GMT -7) on 18 Sep 2024]