Browse By Tags

  • Port Forwarding a Minecraft Server

    Hello, I've setup a Minecraft server on one of our computers, and I tried using the wizard in the NAT Rules section. I have been working on this all day and have been reading other posts and nothing seems to work. Thanks, Yasha.
  • Struggling getting plex port forwading to work

    Needing some help - i've followed every guide and no matter what i cant get it to work. I have port 1 as my lan connected to my switch serving out IPs including my Plex server 172.16.16.30 Port 2 is my WAN connected directly to the internet cat…
  • Access to more than one internal server with the same serivice

    Hi, I want help in this scenario: Access from outside to more than one internal server (3 as example ore more) with the same internal port (3389 as example, to access remote desktop for them), in fact I did it by DNat but for one server but not more…
  • Setting up DNAT on an XG VM behind a virtual bridge

    I have a Sophos XG 18.5 VM deployment within a proxmox virtual environment. LAN, WAN, and DMZ are, at this point, all talking and working as expected with the rules I've created. Sophos' ports are actually VMBRs within the VE: vmbr0 to lan, vmbr1 to wan…
  • Countryblock Rule does not match

    Hello, I created a Countryblock Rule as described here ( https://docs.sophos.com/nsg/sophos-firewall/18.0/Help/en-us/webhelp/onlinehelp/nsg/sfos/tasks/CreateFirewallSecurityRule.html ) but this rule does not match. My published Webserver must…
  • Connect to WAN interface from Guest Wifi Network

    I have created a Guest Wifi network on my XG UTM and placed it in a separate Zone and allowed ANY traffic to the WAN. It works fine. But I would like to be able to connect BACK to the WAN port for EXTERNAL access to certain port forwarded servers. Currently…
  • DNAT not working

    I have just setup a DNAT rule on an XG running SFOS 18.0.4 MR-4. I created the rule using the Server Access Assistant. I can see traffic being allowed through on the firewall rule that was created but am unable to see the webserver that I have created…
  • IPSec remote access with xg firewall

    Hi, I want to configure IPSec remote access on a XG FIREWALL VM v18.0.4 that i am currently using as a smtp gateway for our mail server. I configured IPSec to use the same public address and when i try to connect to the firewall using the sophos connect…
  • internal ip issue

    Internally, I can not access the dns address as well as any other site that was published by sophos XG125. What must rule release to be able to access the publications made by sophos through my internal network ??? internal ip : 192.168.1.41 public…
  • [how to] create a port forwarding rule for a subdomain

    So i have this domain and i need to do port forwarding from https://sub1.mydomain.com.au to my app01server at port 20443. So i created an A record that points the https://sub1.mydomain.com.au to my static ip address 14.XXX.XX.XXX. and now i need…
  • Restrict by IP address. - but only for one URL?

    Good morning all, I have a single windows DMZ box set up which is hosting a number of different websites, apis etc. I have one site on that box that I want to restrict by external IP address. I know in the firewall rules you can restrict by port…
  • WAF rule works while disabled - strange behaviour

    Hi Guys, I'm using XG with the newest firmware (18.0.4-MR4) and I have a onlyoffice workspace test installation behind it. When I open onlyoffice via private IP or FQDN, it automatically redirects from http to https. So I think it's working as it should…
  • Block GeoIP rule - DNAT Blackhole - WAF no longer working

    I found an earlier thread that GeoIP blocking was not working as the system take precedence over firewall rules and therfore are never hit. The Sophos advice was to create a DNAT Blackhole rule to a non existing IP adress. So I tried creating a DNAT…
  • Why create a police rule + a DNAT (PAT) rule

    Good morning all I ask myself the question of the interest of the creation of a firewall rule when creating a DNAT rule (PAT). After my migration from 17.5 to 18, the import of my rules went well. I then needed to access an equipment from the outside…
  • DNAT XG86w

    Hallo, möchte eine dnat regel anlegen um die Ports 49152-50175 zur telefonanlage zu öffnen. Bin wie folgt vorgegangen Host angelegt: IP Telefonanlage Dienst angelegt mit Quellport 49152:50175 Zielport 49152:50175 Über Serverzugriffsassistent…
  • XG | BGP multihomed (WAN) | DNAT & SNAT

    Here my question: 1. How can I set up SNAT if my public Subnet (3.3.3.0/24) it´s not configure in any interface? It´s possible? Can I create a Loopback interface on XG? 2. Publish my website (DNAT)! Any idea? Notes: - I push my network (3…
  • Problems with inbound traffic on one WAN interface in a multi WAN setup

    Hi, I've been working on a Soiphos XG 125 v18 for the last week to get it production ready, setting up the WAN interfaces (2) and the DNATs and FW rules. I thought I had everything covered, but I'm running into an issue I simply cannot resolve. So if…
  • RDP to Server with the XG WAN having a private IP

    My set up at the moment is ISP 210.250.200.10 => Router 192.168.1.1 => XG WAN interface 192.168.1.55 => DMZ Server 192.168.206.10. I would like to RDP to my server in DMZ from the internet. The problem i am having is that my XG is not directly connected…
  • Regarding 80 and 443 ports

    Dear sir, I have been using Sophos xg firewall(cyberoam NG cr100ing). Iam facing a problem that my port 80 and 443 are opened for wan side, Our cyberfortress team is scanning the above said ports from wan side and telling this is vulnerability. plz…
  • Whitelist IP Address PCI Scan

    Hello, I am new to Sophos. We recently had a Sophos XG 125 installed on our small network at work. In order to stay PCI compliant, a scan is run every few months on our IP address. The IP source addresses are: 64.39.96.0/20 64.39.106.0/24…
  • Reflexive rule blocks WAN connection for the host mentioned in that rule

    Hi everyone, After using the DNAT assistant to enable access to my Synology from WAN ( https://community.sophos.com/xg-firewall/f/discussions/125700/synology-nas ), there are 3 NAT rules that have been created. The problem right now: My SynologyNAS…
  • External Websites showing user portal

    This morning we switched over to our Sophos XG FIrewall. Professional services did alot of the leg work for us in the main configuration and while it appears most things are working properly we did find a few things wrong after we got off the phone with…
  • XG and Dnats

    I am coming from the old utmost's side and busy learning all the new xg stuff. One thing I have not found is if I am trying to build a new XG and obviously trying to build all the gnats from the utmost side. It will load the gnats and bind the appropriate…
  • external RDP access does not work - XG Firewall bridge mode

    I need to learn how to free external access to RDP. Before placing the Sophos Firewall on the bridge, my Mikrotik was solely responsible for releasing the RDP ports of each server of mine. Now I can't communicate externally with my servers, only locally…
  • Synology NAS

    Greetings, I guess it's a simple and common asked issue, but unfortunatelly the search function seems to be disabled/malfunctioning right now - despite trying different keywords. And some (video) guides that I found show some setups on old versions…