Hello volks, yesterday I stumbled over a weird new issue. It seems that our NAT masquerading rules are not applied when traffic matches a policy or multipath route (in interface mode). So I tried a traceroute with a port so the trace would match the…

Hello everyone! we have a newly deployed Remote Desktop Gateway Server (on Windows Server 2019) installed in our environment and I was successfully able to publish it through our UTM 9 WAF. Unfortunately, by doing this I am only able to get RPC-HTTP…

Hi everyone, im thinking about buying a Sophos UTM9 Appliance and i wanted to know which method of nat it is using (Full-Cone, Symmetric, Restricted-Cone or Port-Restricted Cone). Sadly I didnt find any information on this topic. Can someone tell…

Hallo zusammen, ich habe eine SG125 mit einer Home Lizenz aktiviert. Ich bin leider über die Anzahl der Clients gekommen, geringfügig :-) mit 40Clients. Was komsich ist das erst nach monaten das Problem auftaucht das Clients keine IP-Adressen…

Hi all, I'd appreciate some help on this matter, basically we have purchased an extra range of IP addresses from our ISP which we want to apply to different webservers. Now the way I thought this was done on the UTM and the way that others have detailed…

Hi, We need to publish a new mail server for a new domain, but we want to publish it with it's own public ip. The story :) We have Sophos UTM to manage mail protection for our principal domain, let say example.com The public ip for the UTM is…

I have a UTM 9.5 in the cloud. I connect to it with a L2TP over IPsec connection. I establish the connetion and visit some site to check my IP and it shows the IP of my UTM. If I drop the L2TP over IPsec connection and refresh it shows my work IP. So…

Good Morning, i have cluster UTM SG310 with firmware version 9.509-3 WAN IP IS: 1.2.3.4 Additional Address: 1.2.3.5 Internal LAN: 192.168.0.100 MPLS Gateway: 192.168.0.15 Web Server: 192.168.5.19 (Under MPLS) Static Routing configured on…

Hi all: I have implemented a Mikrotik RB2011 series router/firewall that works great with the exception that I have realized the Mikrotik firewall is very lacking compared to the UTM firewall that was on the old Fortinet router/firewall. I'm thinking…

Morning All! Just installed a new Panasonic NS700 phone system at the Office. It's working perfectly here onsite but I have a handset at home that is connecting to the external IP I have setup for the PABX, downloading all its settings etc I can log in…

Sophos UTM Configuration Interfaces External (WAN) 82.x.x.x DMZ 10.0.0.1 /8 Internal (LAN) 192.168.0.1 /24 Network Services - DNS - Global - Allowed Networks DMZ Network LAN Network Forwarders - DNS Forwarders Google DNS…

Hello! We have an AWS VPC setup with one private subnet only and hardware VPN access ( scenario 4 ). The private subnet contains one Windows EC2 instance which we connect to using SG105 UTM through RDP. Everything works fine and we are able to connect…

Hello, We have a VPC scenario 4 ( private subnet only with hardware VPN access ) implemented on AWS with one Windows EC2 instance in the private subnet. We are using SG105 UTM as the customer gateway. Currently, we RDP into our instance using VPN which…

Hello, on a specific NAT rule, i receive too many requests and i would like to limit that number. Is that something possible? Thank you!

I am having a very strange problem with a 3rd party app communicating through my Sophos if they are coming through an IPsec tunnel. I don't know if this belongs in the IPsec discussion group, the web filtering group, or here because it includes parts…

Hello, I'm trying to set up FileZilla Server on a server and I'm running into an issue. Everything works fine internally, but when I try and access the site externally, I am able to log in but directory listing fails. I an only imagine I'm missing…

Hello, Could anyone help me understand the concept of Masquerading rules? I am not able to wrap my mind around what exactly they do? Also what is the most effective rule to apply for RED networks when running in either split or unified mode? Thanks…

Hello, I use Sophos UTM9 VM home edition. Behind UTM9 I have a Synology box. It serves two purposes: Plex (Port 32400 with HTTPS) Management Web (Port 8443) I set up the Web Protection for forwarding 443 to 8443 for the Synology box. …

Hi all, I'm trying to replace my old TMG with my SG210, the problem is when I create a new rule, it doesn't work. I noticed that my LAN can't access internet even with the firewall rule "Any-Any-Any" so I had to create a NAT rule to make this happen…

hello after configure NAT role i checked firewall live log and see this transaction NAT rule #2 TCP 10.0.1.57 : 62362 → 196.218.167.4 : 3389 [SYN] len=52 ttl=128 tos=0x00…

Hi Everyone, I have question on Sophos firewall and I am new to Sophos appliances. Question/I need to ---> Configure Sophos SG 135 (UTM 9) to allow Microsoft Routing and Remote Access Service (Microsoft RRAS). Customer requirement ---> Microsoft…

Good Morning, Evening or Afternoon I'm playing around with UTM9 for about a week now but I didn't figure out how to allow my synology diskstation to access the internet. I wanted to allow: the system to check for updates and download them, the package…

Hello, I have installed Sophos UTM Home v9.409-9 on a fanless PC behind an Xfinity Arris Modem/Gateway in DMZ mode and it's working well. I do have a new problem though and am unsure how to best re-configure the UTM and/or the network. I was previously…

So i have no other choice but to post here ans hope for the best. I have Sophos UTM9 on an ESX server at my house and at my buddies business. Both locations are behind a NAT router, my home setup has a ZyWall SUG20 as the main gateway/router. I (so…

Hello, I've recently come across a problem that in my eyes makes no sense, I have been trying to get DNAT to work with a new DMZ server. We have an additional server in the DMZ already, fully functioning. I've tried copying every single rule and configuration…