• Nat Rule 0

    David Jumbi
    David Jumbi
    Hi all I have a requirement to split NATing between different users in my office. I managed to configure this successfully but after going live some PCs have access to the internet while some do not. On the Log viewer, the ones that do not have access…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG Firewall experience - feedback wanted

    bruze hual
    bruze hual
    I was hoping for those whom work with Sophos XG firewalls could provide some feedback. We have a few in deployment, but on version 16 and 17 of their firmware have hit a number of issues this includes but not limited to; NAT rules not working…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Windows Server in DMZ dosn't fetch Windows Updates

    SophosAdmin User1
    SophosAdmin User1
    Dear community, at present I'm looking for a solution for the following scenario: I've got a Windows Server sitting in the DMZ. For security reasons, direct I-net access is not allowed. To allow Windows Update Downloads, I followed this KB article https…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • DNS server behind XG firewall NAT

    Youcef Rahmouni
    Youcef Rahmouni
    Hello community, Recently i was asked to migrate an existint configuration from a router to XG firewall and here is the scenario : an application running in my local server with the name : transmission.local.co IP@ is 192.168.62.11 DNS serve r…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • NAT rule (sNAT] rule were created during migration?

    David Harrison1
    David Harrison1
    Hi all, I'm not sure if I should delete these Migrated NAT rules? Looks like there is a load of connections being made against these? could that cause a potential risk to my firewall?
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • How to NAT subnet class B to class C through IPSec VPN

    Samuel Tjen
    Samuel Tjen
    Hi Guys, Need help !! My company has network subnet class B (ex : 172.16.xx.xx) I need to setup IPSec VPN connection to our client with subnet class C (ex : 192.168.82.xx) Here's the diagram Question is , how to configure NAT on my device…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • translate static nat fortinet to sophos

    Paola Vazquez
    Paola Vazquez
    Team, Good morning Currently I need to migrate approximately 600 rules NAT the Fortinet to Sophos, but I can't found how to do it. I share a rule as an example. Thanks for your help
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Loopback Rule not working for DNAT Policy v17.5 16

    NM_1987
    NM_1987
    Loopback Firewall Rule is not working for CCTV Firewall rule id 3 & 4 Created for CCTV Application. It is working fine from WAN as expected however, when we tried to open same CCTV from LAN using Public IP, it's not working. This is new setup. Serial…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • XG v18.05: MTA mode and alias IP addresses

    MarkThornton
    MarkThornton
    I will start by saying I am coming over from a UTM that I have loved going back to the Astaro days. Best part about the UTM is the help pages always seem to match what the options are in the actual product they are connected too. I haven't found that…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • NAT'ing an IP Range

    Jacob Holman
    Jacob Holman
    Hello All, I am creating a new network structure with as little impact as possible to the current production network. I have added a new vlan to my core and I am receiving traffic as it should, however, for the sake of not having to call all my partners…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Unable import the configuration from the selected firewall - Sophos Central

    Michael Southgate
    Michael Southgate
    I am having the same issues as the some other people and I really am stuck as where to fix this. We a client who is on XG86w running on SFOS 18.05.MR05 and we cannot import the configuration into Sophos central. The error we keep getting is SecurityPolicy…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS Bypass NAT

    lrbrown
    lrbrown
    Hi Sophos Community I have a Sophos XGS 3100 Firewall that is connected to our ISP and also to our switch which then connects to VMWare ESXi servers. We have local IP addresses for one of our VMWare servers and its VMs which is then NATted by Sophos…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • turn of natting on one of the wan links

    brucepott
    brucepott
    Hi, we have two WAN ports on an XG 135. One port is configured with a public IP address and connects directly to the service provider. Second port is configured with a private IP address ( 192.168.x.x ) and has as the gateway the router of the second…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • force smtp over specific wan link

    brucepott
    brucepott
    Hi, we have a XG135 with two WAN links. I would like to create a rule to direct all smtp traffic from our internal mail server to the outside via one of these links. All smtp traffic should be routed via that port. SO far I did not manage to solve…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • 1:1 NAT for Site-to-Site Tunnel - how do I do it ?

    RanX
    RanX
    Hello to the community, I found some discussions on this topic but as none lead me to success so far, hopefully someone can help me with my topic. Scenario: Sophos XG (18.0.5 MR5) with several IPsec site-to-site tunnels Two of the remote networks (name…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Failing over default gateway with OSPF

    Jeremy Parr
    Jeremy Parr
    We have a site we are deploying XGs at. They have two buildings on campus, with a private fiber link between them. Each building has it's own Internet connection. We'd like to deploy an XG at each site, and allow for ISP failover between them. Scenario…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • XGS 2100 Loopback NAT

    Robert Reid
    Robert Reid
    We are looking to deploy an HA pair of XGS2100 firewalls to our data centre. My issue is I cannot get a loopback NAT to work when I am starting the conversation from the same zone as the destination server is in. IF the loopback is to a different zone…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • IPSec S2S NAT problem

    Alie2n
    Alie2n
    Hi, I have the following setup: The ipsec policy between RGW and RZGW cannot be extended by the net 192.168.5.0/24 so I have to do a NAT (enabled in the vpn config screen). The main goal that both nets (192.168.0.0/24 and 192.168.5.0/24) can access…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Route from one IPSec VPN with NAT to another IPSec VPN without NAT

    Tim Kallmeyer
    Tim Kallmeyer
    Hello, since Friday weve changed from our Sonicwall NSA2650 to our new Sophos XGS2100. Everything works fine, expect one thing. Weve got 2 VPN Tunnels: Tunnel 1 (Sidebranch): Local Networks: 10.226.208.0/24, 10.226.211.0, 10.0.3.0/24 (Network…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • No traffic over IPSec S2S with NAT applied

    Dave Uzeel
    Dave Uzeel
    Hi all, i followed below guide for a S2S tunnel with NAT applied but only one 1 side. Sophos XG Firewall: How to apply NAT over a Site-to-Site IPsec VPN connection I cant seem to get this working properly. When i run packet capture and start…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Connecting a Site to Site VPN when local subnets are the same

    Paul Peterson
    Paul Peterson
    We have two offices we need to connect. One is running a Sophos XG106w while the other is a Sophos XG105w. Unfortunately both are running the same network scheme 192.168.1.x, is it possible to do a site to site vpn and if so how is this accomplished with…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • WAN PPOE VLAN TAG - WONT ALLOW LAN TO ACCESS some HTTPS webpages on INTERNET

    Gerencia Tecnica Comercial
    Gerencia Tecnica Comercial
    Hi Sophos Community We have some issues on latest Sophos SFOS 18.0.5 MR-5-Build586 Our ISP give us a PPoE with a VLAN tag to access Internet and on another VLAN TAG a Private VPN VLAN XXXX Internet (((PPoE))) VLAN XXX VPN Static IP Address…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • 1:1 Nat possible with Sophos XG V18.5?

    seroal
    seroal
    Hi all, I want to create a 1:1 NAT Rule on SFOS. Is this possible? I want to set "translated destination" to a specific network with the same size (1:1 NAT) as the original destination network. Seems to be not possible with XG? I only see this…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • remote SSLVPN to IPSEC Site to Site

    homerjs
    homerjs
    hello i want to use remote sslvpn over a site to site tunnel. I have tried with these instructions Allow Remote Access SSL VPN Traffic Over an Existing IPsec Tunnel without Modifying the IPsec Tunnel in Sophos XG Firewall but i can't get access…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • NAT IP addresses coming in the IPSec VPN to local IP addresses

    Matt Haynes
    Matt Haynes
    Hello, We switched my client over to a Sophos XG from an old Cisco Router. They have an IPSec tunnel to a Medical Network that hosts their Medical software/databases. The only thing I can't reproduce on the Sophos is below: ip nat inside source static…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>