• I already added the server port and created the rule but I get this error.

    Patricio Gómez
    Patricio Gómez
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • making traffic bypass firewall NAT and go straight out to WAN

    Sophos User1175
    Sophos User1175
    hi all, so on our sophos FW i have set up two SD Wans as we have 2 Wans, one for our main network (wan1) and another for our guest network (wan2) as we wanted them separated so there using different public ip addresses problem is i have a laptop going…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Block Specific WAN IP address to acces all the LAN

    gouellet
    gouellet
    Hello All, Yesterday my Firewall start trigger IPS alerts, 8 in totals. I see a specific WAN IP address in the rapport i want to completely block. I have read couple older disscution but nothing fully help me. I have already do this firewall rule: …
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • port Forwarding not working in sophos XG135

    Shabeer K
    Shabeer K
    Dear Sophos Support Team XG135 sophos firewall port forwarding not working properly on our customer ..he has remote access on IPPBX branch..how can i solve this issue
    • Answered
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Need help portforwarding to strongswan IKEv2 vpn server

    Teererai Marange
    Teererai Marange
    I have an IKEV2 vpn server with internal IP 10.83.185.200. I am attempting to portforward traffic from my WAN port to to LAN port. For some reason, I am able to access the vpn server from the LAN side using my public IP. However, when I attempt to access…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • I want to configure my external IP to access internal Web server IP

    Meet Gajjar
    Meet Gajjar
    I want to configure my external IP to access internal Web server IP
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Issues with VPN Connection and Firewall Port Forwarding after XGS2300 Firmware Update

    New Chennai Township Pvt Ltd NCTPL
    New Chennai Township Pvt Ltd NCTPL
    Hi team, I wanted to bring to your attention some issues we've encountered following a recent firmware update on our XGS2300 device. After the update, we are experiencing difficulties with the VPN connection—it is not working as expected. Additionally…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unable to access to internal server web from outside through DNAT firewall rule

    Rachid MAZOUZI
    Rachid MAZOUZI
    Hello Please be informed that i have an ERP which is accessible locally "LAN" but when i tried to access from outside im not able to, however i set up a DNAT rule please find below the screenshot it is in french language i set up port forwarder on the…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Port forward keeps failing after sometime

    Ahmed Mohsen
    Ahmed Mohsen
    I've created a firewall rule & NAT rule to forward port 5555 to my local server ssh server and it was working perfectly -for sometime- but it keeps failing now and i can't access, after scanning port it keeps saying that it's closed? I recreated the…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Bug in Server access assistant [DNAT]

    midnightSun
    midnightSun
    Simple test using PING Create a server on local LAN using SAA and ping to it from an outside network. (Default rules wont reply). Steps taken Add an alias to WAN with a 2nd public facing IP. - Mine (Port2:0) Ran the Server access assistant. …
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • First time user looking to switch from another product due to it being sold and stripped

    midnightSun
    midnightSun
    Sophos Firewall is NOT very intuitive so far. Nothing inbound works...but the default rules to let everything outbound does. So figured id ask the community. I've reverted to the simplest test I can think of....Port forward ICMP from WAN to a LAN workstation…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG v19.5 IPv6 DNAT not Working? See Below (src-ip = dst-trans-ip)

    Brian Thill
    Brian Thill
    2023-11-28 21:19:50Firewallmessageid="00001" log_type="Firewall" log_component="Firewall Rule" log_subtype="Allowed" status="Allow" con_duration="134" fw_rule_id="62" fw_rule_name="DNAT to Spiderman (IPv6)" fw_rule_section="Local rule" nat_rule_id="4…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Allow IPSec from certain endpoints, deny the rest

    Jack Valko
    Jack Valko
    I understand I need to create a blackhole DNAT to block inbound IPSec traffic. What I also need to do is allow a few endpoints to establish a tunnel. To me, this means I need two NAT rules -- one to passthru legit IPSec and the other to blackhole. I…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • NAT Rule not working

    Sarabjit Singh
    Sarabjit Singh
    NAT rule is not working. Tried both ways (DNAT / Firewall+NAT Rule). My WAN interface named BSNL and LAN interface is on Port #8..
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • try to open port to CCTV

    Miguel Monteiro
    Miguel Monteiro
    Hello guys, Im struggling on this case: I want to open port ( 37777/tcp ) to get acess CCTV from exterior like a phone, tablet or computer. This acess is from Public IP ( WAN ) so i create the service ( print1 ) After that i create firewall…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • DNAT rule only works for http

    Roman Ranzmaier
    Roman Ranzmaier
    Hi I finally setup my sophos XG 106 I have a WAN/LAN/DMZ and WiFi Zone. WAN use PPPoe Passthrough In the DMZ zone I'm currently running an docker host with some container. I created a DNAT rule to access one of the container running on Port…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Struggling to connect to CCTV system from the WAN

    Werner Smit
    Werner Smit
    Good Day, Could anyone assist me? I have created a VLAN for CCTV to sperate from the company network. Want to allow the CCTV to be connecting from the WAN Port from our ISP to use the Public IP so that we can monitor the CCTV remotely without VPN…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • 3CX Full Cone error

    LeeShellard
    LeeShellard
    Hi I have a XG and im trying to get 3CX working correctly. I have nat and firewall rules set but when i run a test from 3cx I'm getting the full cone error i cant see what I'm missing
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS136 not able to timely process inbound emails to distribution group

    Jeff Vandervoort
    Jeff Vandervoort
    XGS136/ SFOS 19.5.2 MR-2-Build624 DNAT rule for on-prem mail server does NOT have email scanning turned on. Microsoft 365 Exchange Online Protection (EOP) is the spam filter. When I send an email to a distribution list of about 35 members from an…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Can't ping after DNAT

    Miguel Monteiro
    Miguel Monteiro
    Hello! I got IPSec Tunel between this two networks: 192.168.5.0 192.168.38.0 On this network ( 192.168.5.0 ) i got 3 Servers one of them is 192.168.5.2 and i can ping everything between this networks. If i create DNAT of this server…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Help with port forward rule for accessing application outside network

    George Burnite
    George Burnite
    We have an application running on a machine that has the ability to be connected through outside networks through port 47808. As I have had no luck I have made the rule as open as possible with no luck. The firewall rule has Source Zone and Source Network…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • How to point my web server domain in sophos firewall?

    Ling Zhong Li
    Ling Zhong Li
    I have using third party DNS provided to point my web server domain to specify public IP. Currently, all setting is in Peplink and i want to remove it. When remove Peplink and direct plug my internet line to sophos, I cannot access my web server from…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Could not perform DNAT on more than 255 IP Addresses

    Rajesh Reddy
    Rajesh Reddy
    I am trying to translate destination addresses from 192.168.0.0/16 network to 172.16.0.0/16 network with one-to-one natting. I am getting an error saying "Protected application server on IPV4 cannot be bound with non-HTTP-based policy with IP range more…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XG, Mail Protection, multiple external IP addresses and DNAT. Mail Protection listens on all WAN IPs we need it only on 1.

    wolfman1
    wolfman1
    Dear Sophos Community, we are facing the following situation: - 2 WAN IP addresses - 2 Interfaces each holding one of those IPs - we need one WAN IP address on the Mail Protection feature (incoming mail from the Internet) - we need the 2. WAN…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS2100 Plex PFW

    Sophos User6061
    Sophos User6061
    Hi There, Recently switched over from a Draytek that had very basic PFW functionality and I've managed to get everything else working for my internal VOIP phone, but unable to get my plex port forwarding to work. For context, I use unraid to host…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>