Hi,
Looking for a bit of help, I have an XG210 firewall in place and need to access a webserver via port 80 on the internal network which listens on port 8040.
Currently, with the rule in place, I can see the webpage appearing slowly with some elements…
Hello,
i accidently click incoming connection to any while setting up Dnat and now i cant access sophos webportal, how can i delete this DNAT rule , is there any way to delete from cli?
Dear Team,
I have looked through similar topics in this community but still was not able to enable RDP port forwarding from external network to a dedicated host within internal network. Please advise on what is configured wrong. I have created a firewall…
Hi,
We would like to get an example configuration for port forwarding with an external port and a different internal port.
For example I would like people to hit my RDP with port number 3356 and forward it to my internal server port rdp (3389…
Hi
spiele mich mit der Home Version und Freigeaben. Ausgangslage
Fritzbox (Einwahl ins Netz) Expost Host auf Sophos .Nat Regel erstellt wie unten . Komme nicht von außen auf den Webserver . Diverse Anleitungen schon versucht, Setup ist Routed.
Jemand…
We have XG310 configured in active-active HA. We are in plan to procure a pool of static IP addresses for our organization. We have three ISPs Internet terminated on the firewall. Can we use our public IP addresses on the Internet of all the ISPs using…
I've a simple configuration on XG86, Just a rule for navigation and a DNAT. If i try to reach the exposed service fails, my log say that fw rule and nat rule is correct but still reach the service. No strange routers or double nats.
Any suggestions…
Hello, I've setup a Minecraft server on one of our computers, and I tried using the wizard in the NAT Rules section. I have been working on this all day and have been reading other posts and nothing seems to work.
Thanks, Yasha.
Needing some help - i've followed every guide and no matter what i cant get it to work.
I have port 1 as my lan connected to my switch serving out IPs including my Plex server 172.16.16.30
Port 2 is my WAN connected directly to the internet cat…
Hi,
I want help in this scenario:
Access from outside to more than one internal server (3 as example ore more) with the same internal port (3389 as example, to access remote desktop for them), in fact I did it by DNat but for one server but not more…
I have a Sophos XG 18.5 VM deployment within a proxmox virtual environment. LAN, WAN, and DMZ are, at this point, all talking and working as expected with the rules I've created. Sophos' ports are actually VMBRs within the VE: vmbr0 to lan, vmbr1 to wan…
Hello,
I created a Countryblock Rule as described here ( https://docs.sophos.com/nsg/sophos-firewall/18.0/Help/en-us/webhelp/onlinehelp/nsg/sfos/tasks/CreateFirewallSecurityRule.html ) but this rule does not match.
My published Webserver must…
I have created a Guest Wifi network on my XG UTM and placed it in a separate Zone and allowed ANY traffic to the WAN. It works fine. But I would like to be able to connect BACK to the WAN port for EXTERNAL access to certain port forwarded servers. Currently…
I have just setup a DNAT rule on an XG running SFOS 18.0.4 MR-4. I created the rule using the Server Access Assistant. I can see traffic being allowed through on the firewall rule that was created but am unable to see the webserver that I have created…
Hi,
I want to configure IPSec remote access on a XG FIREWALL VM v18.0.4 that i am currently using as a smtp gateway for our mail server. I configured IPSec to use the same public address and when i try to connect to the firewall using the sophos connect…
Internally, I can not access the dns address as well as any other site that was published by sophos XG125. What must rule release to be able to access the publications made by sophos through my internal network ???
internal ip : 192.168.1.41
public…
So i have this domain and i need to do port forwarding
from https://sub1.mydomain.com.au to my app01server at port 20443.
So i created an A record that points the https://sub1.mydomain.com.au to my static ip address 14.XXX.XX.XXX.
and now i need…
Good morning all,
I have a single windows DMZ box set up which is hosting a number of different websites, apis etc.
I have one site on that box that I want to restrict by external IP address.
I know in the firewall rules you can restrict by port…
Hi Guys,
I'm using XG with the newest firmware (18.0.4-MR4) and I have a onlyoffice workspace test installation behind it. When I open onlyoffice via private IP or FQDN, it automatically redirects from http to https. So I think it's working as it should…
I found an earlier thread that GeoIP blocking was not working as the system take precedence over firewall rules and therfore are never hit. The Sophos advice was to create a DNAT Blackhole rule to a non existing IP adress.
So I tried creating a DNAT…
Good morning all
I ask myself the question of the interest of the creation of a firewall rule when creating a DNAT rule (PAT).
After my migration from 17.5 to 18, the import of my rules went well. I then needed to access an equipment from the outside…
Here my question:
1. How can I set up SNAT if my public Subnet (3.3.3.0/24) it´s not configure in any interface? It´s possible? Can I create a Loopback interface on XG?
2. Publish my website (DNAT)!
Any idea?
Notes:
- I push my network (3…
Hi, I've been working on a Soiphos XG 125 v18 for the last week to get it production ready, setting up the WAN interfaces (2) and the DNATs and FW rules. I thought I had everything covered, but I'm running into an issue I simply cannot resolve. So if…
My set up at the moment is
ISP 210.250.200.10 => Router 192.168.1.1 => XG WAN interface 192.168.1.55 => DMZ Server 192.168.206.10.
I would like to RDP to my server in DMZ from the internet. The problem i am having is that my XG is not directly connected…