• Proxy inbound connection to external ip

    LMSIIATO
    LMSIIATO
    Good morning, I currently have a server in an on-premise datacenter that responds to TCP port 12233. So there is a very normal DNAT on the XGS firewall of the public ip 80.80.80.80:12233 towards the private server ip 192.168.1.10:12233 This service is…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Server access : port to port won't work

    helmut willems
    helmut willems
    hello , i'll try a simple port forwarding when i setup this like below , it works when i change the source port to 7887 then it dont forward. why o why ?
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Port Forwarding Question - Plex or Embry

    DaniellsFirewall
    DaniellsFirewall
    I believe I have everything right but I cannot see traffic in the firewall logs and I cannot get remote access to ether media server. NAT Rule : Port 2 is WAN, Port 1 is LAN, Synology is a local IP Any Suggestions? I already called my ISP and they…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • ENABLING INTERNAL USERS TO ACCESS INTERNAL SERVICES OVER EXTERNAL INTERFACE

    TimothyWanume
    TimothyWanume
    Hello, I am using XGS2300 Version 20 When users are on LAN, they cannot access servers on the same network while using their public IP, they can only access the server over the public IP when they move out of the network. How do I solve that
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Two site URLs, 1 public IP, PAT to test server on 443

    Ian McGuinness
    Ian McGuinness
    Port forwarding rule I have an external ip address (PortB:8) currently used for a production website on port 443. I would like to be able to access a test web server via the same public IP via port 65443 and translate to port 443 at the server.…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Forwarding non-standard ssh port to standard ssh port internal (remote SFTP Server)

    Sofos network
    Sofos network
    Hi all, # XG330 I have a project to set up an SFTP server to transfer data securely from a remote station to the SFTP server located in the DMZ.(Head Ofice) the server is installed, configured and integrated into the dmz. the remote client uses an…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • I already added the server port and created the rule but I get this error.

    Patricio Gómez
    Patricio Gómez
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • making traffic bypass firewall NAT and go straight out to WAN

    Sophos User1175
    Sophos User1175
    hi all, so on our sophos FW i have set up two SD Wans as we have 2 Wans, one for our main network (wan1) and another for our guest network (wan2) as we wanted them separated so there using different public ip addresses problem is i have a laptop going…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Block Specific WAN IP address to acces all the LAN

    gouellet
    gouellet
    Hello All, Yesterday my Firewall start trigger IPS alerts, 8 in totals. I see a specific WAN IP address in the rapport i want to completely block. I have read couple older disscution but nothing fully help me. I have already do this firewall rule: …
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • port Forwarding not working in sophos XG135

    Shabeer K
    Shabeer K
    Dear Sophos Support Team XG135 sophos firewall port forwarding not working properly on our customer ..he has remote access on IPPBX branch..how can i solve this issue
    • Answered
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Need help portforwarding to strongswan IKEv2 vpn server

    Teererai Marange
    Teererai Marange
    I have an IKEV2 vpn server with internal IP 10.83.185.200. I am attempting to portforward traffic from my WAN port to to LAN port. For some reason, I am able to access the vpn server from the LAN side using my public IP. However, when I attempt to access…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • I want to configure my external IP to access internal Web server IP

    Meet Gajjar
    Meet Gajjar
    I want to configure my external IP to access internal Web server IP
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Issues with VPN Connection and Firewall Port Forwarding after XGS2300 Firmware Update

    New Chennai Township Pvt Ltd NCTPL
    New Chennai Township Pvt Ltd NCTPL
    Hi team, I wanted to bring to your attention some issues we've encountered following a recent firmware update on our XGS2300 device. After the update, we are experiencing difficulties with the VPN connection—it is not working as expected. Additionally…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to access to internal server web from outside through DNAT firewall rule

    Rachid MAZOUZI
    Rachid MAZOUZI
    Hello Please be informed that i have an ERP which is accessible locally "LAN" but when i tried to access from outside im not able to, however i set up a DNAT rule please find below the screenshot it is in french language i set up port forwarder on the…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Port forward keeps failing after sometime

    Ahmed Mohsen
    Ahmed Mohsen
    I've created a firewall rule & NAT rule to forward port 5555 to my local server ssh server and it was working perfectly -for sometime- but it keeps failing now and i can't access, after scanning port it keeps saying that it's closed? I recreated the…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Bug in Server access assistant [DNAT]

    midnightSun
    midnightSun
    Simple test using PING Create a server on local LAN using SAA and ping to it from an outside network. (Default rules wont reply). Steps taken Add an alias to WAN with a 2nd public facing IP. - Mine (Port2:0) Ran the Server access assistant. …
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • First time user looking to switch from another product due to it being sold and stripped

    midnightSun
    midnightSun
    Sophos Firewall is NOT very intuitive so far. Nothing inbound works...but the default rules to let everything outbound does. So figured id ask the community. I've reverted to the simplest test I can think of....Port forward ICMP from WAN to a LAN workstation…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG v19.5 IPv6 DNAT not Working? See Below (src-ip = dst-trans-ip)

    Brian Thill
    Brian Thill
    2023-11-28 21:19:50Firewallmessageid="00001" log_type="Firewall" log_component="Firewall Rule" log_subtype="Allowed" status="Allow" con_duration="134" fw_rule_id="62" fw_rule_name="DNAT to Spiderman (IPv6)" fw_rule_section="Local rule" nat_rule_id="4…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Allow IPSec from certain endpoints, deny the rest

    Jack Valko
    Jack Valko
    I understand I need to create a blackhole DNAT to block inbound IPSec traffic. What I also need to do is allow a few endpoints to establish a tunnel. To me, this means I need two NAT rules -- one to passthru legit IPSec and the other to blackhole. I…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • NAT Rule not working

    Sarabjit Singh
    Sarabjit Singh
    NAT rule is not working. Tried both ways (DNAT / Firewall+NAT Rule). My WAN interface named BSNL and LAN interface is on Port #8..
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • try to open port to CCTV

    Miguel Monteiro
    Miguel Monteiro
    Hello guys, Im struggling on this case: I want to open port ( 37777/tcp ) to get acess CCTV from exterior like a phone, tablet or computer. This acess is from Public IP ( WAN ) so i create the service ( print1 ) After that i create firewall…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • DNAT rule only works for http

    Roman Ranzmaier
    Roman Ranzmaier
    Hi I finally setup my sophos XG 106 I have a WAN/LAN/DMZ and WiFi Zone. WAN use PPPoe Passthrough In the DMZ zone I'm currently running an docker host with some container. I created a DNAT rule to access one of the container running on Port…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Struggling to connect to CCTV system from the WAN

    Werner Smit
    Werner Smit
    Good Day, Could anyone assist me? I have created a VLAN for CCTV to sperate from the company network. Want to allow the CCTV to be connecting from the WAN Port from our ISP to use the Public IP so that we can monitor the CCTV remotely without VPN…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • 3CX Full Cone error

    LeeShellard
    LeeShellard
    Hi I have a XG and im trying to get 3CX working correctly. I have nat and firewall rules set but when i run a test from 3cx I'm getting the full cone error i cant see what I'm missing
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS136 not able to timely process inbound emails to distribution group

    Jeff Vandervoort
    Jeff Vandervoort
    XGS136/ SFOS 19.5.2 MR-2-Build624 DNAT rule for on-prem mail server does NOT have email scanning turned on. Microsoft 365 Exchange Online Protection (EOP) is the spam filter. When I send an email to a distribution list of about 35 members from an…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
<>