hi all,
so on our sophos FW i have set up two SD Wans as we have 2 Wans, one for our main network (wan1) and another for our guest network (wan2) as we wanted them separated so there using different public ip addresses
problem is i have a laptop going…
Hello All,
Yesterday my Firewall start trigger IPS alerts, 8 in totals. I see a specific WAN IP address in the rapport i want to completely block. I have read couple older disscution but nothing fully help me. I have already do this firewall rule: …
Dear Sophos Support Team
XG135 sophos firewall port forwarding not working properly on our customer ..he has remote access on IPPBX branch..how can i solve this issue
I have an IKEV2 vpn server with internal IP 10.83.185.200. I am attempting to portforward traffic from my WAN port to to LAN port. For some reason, I am able to access the vpn server from the LAN side using my public IP. However, when I attempt to access…
Hi team,
I wanted to bring to your attention some issues we've encountered following a recent firmware update on our XGS2300 device.
After the update, we are experiencing difficulties with the VPN connection—it is not working as expected. Additionally…
Hello Please be informed that i have an ERP which is accessible locally "LAN" but when i tried to access from outside im not able to, however i set up a DNAT rule please find below the screenshot it is in french language
i set up port forwarder on the…
I've created a firewall rule & NAT rule to forward port 5555 to my local server ssh server and it was working perfectly -for sometime- but it keeps failing now and i can't access, after scanning port it keeps saying that it's closed?
I recreated the…
Simple test using PING
Create a server on local LAN using SAA and ping to it from an outside network. (Default rules wont reply).
Steps taken Add an alias to WAN with a 2nd public facing IP. - Mine (Port2:0)
Ran the Server access assistant.
…
Sophos Firewall is NOT very intuitive so far. Nothing inbound works...but the default rules to let everything outbound does. So figured id ask the community.
I've reverted to the simplest test I can think of....Port forward ICMP from WAN to a LAN workstation…
I understand I need to create a blackhole DNAT to block inbound IPSec traffic. What I also need to do is allow a few endpoints to establish a tunnel. To me, this means I need two NAT rules -- one to passthru legit IPSec and the other to blackhole.
I…
Hello guys,
Im struggling on this case:
I want to open port ( 37777/tcp ) to get acess CCTV from exterior like a phone, tablet or computer. This acess is from Public IP ( WAN ) so i create the service ( print1 )
After that i create firewall…
Hi
I finally setup my sophos XG 106
I have a WAN/LAN/DMZ and WiFi Zone.
WAN use PPPoe Passthrough
In the DMZ zone I'm currently running an docker host with some container.
I created a DNAT rule to access one of the container running on Port…
Good Day,
Could anyone assist me?
I have created a VLAN for CCTV to sperate from the company network. Want to allow the CCTV to be connecting from the WAN Port from our ISP to use the Public IP so that we can monitor the CCTV remotely without VPN…
Hi
I have a XG and im trying to get 3CX working correctly. I have nat and firewall rules set but when i run a test from 3cx I'm getting the full cone error i cant see what I'm missing
XGS136/ SFOS 19.5.2 MR-2-Build624
DNAT rule for on-prem mail server does NOT have email scanning turned on. Microsoft 365 Exchange Online Protection (EOP) is the spam filter.
When I send an email to a distribution list of about 35 members from an…
Hello!
I got IPSec Tunel between this two networks:
192.168.5.0
192.168.38.0
On this network ( 192.168.5.0 ) i got 3 Servers one of them is 192.168.5.2 and i can ping everything between this networks.
If i create DNAT of this server…
We have an application running on a machine that has the ability to be connected through outside networks through port 47808. As I have had no luck I have made the rule as open as possible with no luck. The firewall rule has Source Zone and Source Network…
I have using third party DNS provided to point my web server domain to specify public IP.
Currently, all setting is in Peplink and i want to remove it. When remove Peplink and direct plug my internet line to sophos, I cannot access my web server from…
I am trying to translate destination addresses from 192.168.0.0/16 network to 172.16.0.0/16 network with one-to-one natting. I am getting an error saying "Protected application server on IPV4 cannot be bound with non-HTTP-based policy with IP range more…
Dear Sophos Community,
we are facing the following situation:
- 2 WAN IP addresses
- 2 Interfaces each holding one of those IPs
- we need one WAN IP address on the Mail Protection feature (incoming mail from the Internet)
- we need the 2. WAN…
Hi There,
Recently switched over from a Draytek that had very basic PFW functionality and I've managed to get everything else working for my internal VOIP phone, but unable to get my plex port forwarding to work.
For context, I use unraid to host…