Hello all
I want to create NAT + Access rules for DNS and NTP so any UDP 53 and UDP 123 traffic targetted for WAN gets redirected to internal servers.
Can anyone suggest how that can be achieved?
Thanks
A
We have some internal servers on which we have configured NAT rules to expose them to internet via dedicated WAN IPs for each server.
We are able to connect to the servers from WAN without any issues. But we are unable to connect from one server to…
I cannot figure out why my virtual Sophos XG in Azure is NAT'ing traffic across my IPSec VPN tunnel. There is no NAT rule in place for this. In fact, there's only one NAT rule on the whole XG. But all traffic from my local network, going over the tunnel…
After updating from SFOS 18.5.3 MR-3-Build408 to SFOS 19.0.0 GA-Build317 I started getting complaints of services not working, they depend either on outbound firewall rules or inbound DNAT rules.
The first failure to be reported was VoIP, oddly enough…
Hello,
wondering whether a tunnel based IPSEC VPN works with NAT on one (initiating) side. What zone information needs to be provided on the Gateway host?
Is it required that the two XFRM interfaces can ping each other?
The configuration used…
The equipment that connects to the top or bottom of the firewall has changed.
At this time, the snat or dnat policy set on the device is not applied.
You have to turn off the policy and then turn it on for it to work properly.
XG430 (SFOS 17.0…
Dears,
I Have firewall SOPOHS XG230. I have two gateway to internet.
when do rule LAN to WAN and select nat rule MASQ to access intenet.
I want change internet gateway for some LAN's IP, how i can do it?
some LAN access intenet from GW1
…
I am not sure if I always need NAT. Sometimes I do and sometimes I don't. My latest issue was two VLAN networks hanging off the LAN interface of the Sophos XG. I had the correct firewall rules in place but I couldn't get traffic to flow until I created…
I have a File server name Synology, it has option to share files to external users, i tired to share the files but remote users not able to access it,
i have two Firewall in my Domain, one UTM version 9.711-5 another XG.
On XG i just created DNAT…
Hallo zusammen, ich habe eine Sophos XG Home auf einer Proxmox Umgebung virtualisiert. Vor der FW habe ich eine Fritzbox in der die FW als Exposed Host eingestellt ist. Das Problem ist, dass die Pakete nicht in das Netz kommen bzw. an die FW und nicht…
Hi
PPPOE is done on the XG and from ISP provides 10.222.250.5/32.
We have a 213.150.X.X/29 from the ISP routed via 10.222.250.5.
LAN has internet and DNAT works PAT works that's all good.
How to register the sophos and add licenses because the…
Dear,
currently we use a single EX2016 on Premise.
Incomming Mails are delivered to our UTM (SG330), which scans for Spam/Virus and then routes them to our EX-Server. Outgoing Mails are routed to an ext. Smarthost. Outlook Web Access is published…
hi
with UTM we had site to site tunnels and SNAT rules
on the sophos side i was able to create an snat rule
with severanl networks and hosts from our side and say sned them all down the tunnel behind 1 ip address in the range defined in the tunnel…
I have deployed an Active-Passive XG Firewall setup in AWS following the proper guide and have full routing and sorted out the health check on the load balancer for incoming services. One issue I am having is the incoming traffic is being NAT'd to the…
Hi All, newbie in Networking. Currently, we have this network setup
We are planning to get an additional ISP exclusive for one of our departments. Is it possible to connect another modem(ISP) to our router and which configurations should I do to…
Hello Guys,
i have a brain lag with following situation,
I have a IPSEC to IPSEC (Site to Site) connection.
The other side need to connect or need access to our local ip adress 192.168.100.253. But they cant use this local subnet, because…
Hi,
I'm pretty sure that this question was already answered by someone, but I cannot find the answer in the forum or the knowledgbase. Please bear with me...
To my question...
I configured two policy based ipsec tunnels: Site C <10.3.0.0/24 = 192…
Hello, I am new to the forum and have a question directly to the experts here.
We use a Sophos SG230 UTM 9. I would like to establish an external OpenVPN connection from my computer, which is behind the Sophos, to another network. Unfortunately the…
Hey All,
I was kinda wondering, I Sophos V17 you could select the NAT on the FW rule itself and that that's the route it would take
But now in V18 its separated, If you have one link can you add NAT rules on its own with no SD WAN routing would…
HI,
We have 3 ISP(ISP1, ISP2 and ISP3) connected to our firewall in our HQ. In our HQ we have at least 5 subnets. My question is can i let some subnet to utilize only ISP2 for internet, not just internet but fully utilize the link. The other link i…
Hello,
I guess its basics, however cannot understand why traffic for directly connected interfaces are getting source natted by wan public ip.
Set up is Sophos XG firewalls connected directly via HA DMZ interface and have assigned 10.238.238.0/30…
Hi,
We have a head office site that connects to a 3rd party over a site to site vpn for a service that they offer. Their requirements are quite specific on the set up of the site to site vpn for subnets and translation.
Details are:
Office LAN…
Hello,
I would like to change the Load Balling in my Firwall rule which has a migrated NAT rule.
In the NAT rule I cant ch age anything.
How can I chnage this?
Thank you!
Hallo Zusammen,
ich hoffe ihr könnt mir bei einem Problem weiterhelfen.
Ich habe das Problem das meine Sophos SG330 bei erhöhter Last (z.B. Speedtest via fast.com - kommt bis ~4,7Gbit) zum Teil die Verbindung ins Internet verliert - allerdings nicht…