• Sophos XG Interface Aliases Do Not Receive Traffic

    Chris Carter1
    Chris Carter1
    I have installed Sophos XG SFOS 17.0.5 MR-5 on a PC. I have set up several DNAT Business Rules for the WAN interface's default IP address. However, none of the DNAT rules for the interfaces's alias receive traffic. I have followed the information included…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • NATing and Firewall Rules

    drkdragonarcher
    drkdragonarcher
    I recently switched from UTM to XG and I'm having trouble figuring this out. I understand how to create the DNAT rule. On UTM I had created the the 1:1 NAT and then used regular firewall rules to control who could hit what ports. After adding a DNAT Business…
    • Answered
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Explanation or guide on reflexive rule

    Massimiliano Busano
    Massimiliano Busano
    Hello Guys! I can not find any guide explaining exactly how the "reflexive rule" in the "Business Application Rule" works. If there is already a "lan to wan" or "dmz to wan" rule that authorizes all outgoing traffic to the Internet, what is the…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • 2 subnets 1 network

    James Ridings
    James Ridings
    Problem, I currently am using a Sonic Wall TZ200 with a subnet of /23. I assigned ALL IP address's manually to every machine/device and ALL switches or unmanaged. I am moving from the TZ200 to a XG210. My problem is I am running out of IP address's on…
    • over 6 years ago
    • Sophos Firewall
    • Discussions
  • Experiences with v17 XG Setup Wizard

    Dean Hammond
    Dean Hammond
    I just received an XG125 and am configuring it in a lab environment. I hope to achieve the following high-level configuration. 1) Port 1 - LAN, call it LAN A, with 192.168.25.x address space. Use a firewall DHCP in lab but an external DHCP server in…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • SG17, help with setting inbound port translation as a part of a DNAT?

    Lyndon Hall
    Lyndon Hall
    I'm not sure what I'm doing wrong or if this is a bug in SG17. I am trying to nat an inbound destination ip and port from the WAN address and WAN port to an internal server and a different port. eg. Before DNAT: src IP: ANY src tcp port: ANY…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • No rule for Wan to Lan

    CEBU_XG
    CEBU_XG
    Hi, We are having problem transferring calls from AU to PH but PH to AU can transfer call. I tried to packet captured it and it showing me "status=incoming" but "rule=0" for the source IP= (which is the VOIP server) to Dest IP= (our isp) Do I have to…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Is it possible to forward traffic to specific interface?

    John Henry Vindas Carballo
    John Henry Vindas Carballo
    Hi, We're creating a DNAT rule to forward the traffic from a public IP that is configured as an Alias in the Port8 of our XG firewall. All the traffic that enters the Port8 will be forwarded to Port7 that have the 172.16.16.1/24 IP. As you know…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • 2x Emailserver DNAT

    Thomas Fricke
    Thomas Fricke
    Hallo, Ich habe folgendes Problem. Ich betreibe 2x Exchange Server mit unterschiedlichen domains. Dafür habe ich 2x DNAT-Regeln eingerichtet: DNAT Verkehrskennzeichner: Any → SMTP → WAN [Domain1 (x.x.x.106)] (Address) Zielübersetzung: Exchange1 →…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • DNAT im internen Netzwerk

    TheJ0ker
    TheJ0ker
    Hallo Zusammen, ich versuche gerade einen Navision-Server erreichbar zu machen. Interne Adresse: 192.168.100.178:8080/.../ Auf dem Webserver habe ich die Default Site auf diese URL umgeleitet. Der Dienst soll über nav.Domain.de erreichbar sein. …
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Publishing internal web server app to internet without vpn

    lara20
    lara20
    Greetings. We have an internal web server running on the lan. End users using click to run technology install the application on the users pc. The programs works alright for people on the lan as well through ssl vpn. Now i have had a request come through…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • XG in MTA Mode with multiple WAN IPs

    Gary K
    Gary K
    Here's my issue. I'm running in MTA mode and have 3 ISPs with multiple WAN IPs on each. I'll use one for this example. My WAN Range is x.x.x.210 (interface IP) through x.x.x.214 (Alias) My MX record is pointing to .214 which is an alias. The MTA…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • 3CX Port Forwarding Issue

    Shane Cook
    Shane Cook
    Hi Guys, We use a 3CX Phone system with a SIP Trunk. We are experiencing issues where calls make it through to the system maybe 3/5 times successfully then other times the call wont even make it to the 3CX server (No entries in call log) or the call…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Port forward to web server

    peter zaher
    peter zaher
    I have Website published on IIS as http on port 8888. I added it as Web Server and created business role add authentication method. I can access the website on new port 8887 from Lan, when i tried to access the website using Public ip from wan didn…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Allowing RDP to internal server.

    John Henry Vindas Carballo
    John Henry Vindas Carballo
    Hi all, I want to allow RDP to a single server in our LAN zone but I'm not entirely sure if the rule I'm creating it's ok or not. So I hope you guys can give me a hand with this. - Eth1 it's our WAN interface. - When I have to use " Rewrite source…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Business Application Rule - must select an IP Range for Protected Server(s) / dnat ntp

    CyberA
    CyberA
    I'm having trouble setting an IP range for an internal DNAT rule to redirect NTP (UDP/123) traffic destined for the WAN to an internal server in LAN. A single IP entry works but I want the rule to catch <ANY> destination IP heading to the WAN interface…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • External DNS Query IssueDNS

    F. JavierLancharro Ramiro
    F. JavierLancharro Ramiro
    Hi, I have a cPanel Server with Bind Name Server behind the firewall with many hosting domains inside, websites, emails, ftp, etc. All services work correctly doing NAT with the required ports. The only problem is the DNS server (BIND). I do NAT of…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • RE: Internal DNS issues

    F. JavierLancharro Ramiro
    F. JavierLancharro Ramiro
    We have a very big problem... i need pass the DNS Queries to my internal Nameserver (ns2.ardanet-systems.com) i tryed anything but i can't get this. The queries can't pass WAN... This is because i has behind the XG a Webhosting (cPanel & Nameserver…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Layer 3 MPLS VLan routing

    sanjayyadav
    sanjayyadav
    Hi There, I have two sites which are having Data Port of MPLS Layer 3 Vlan. Site A: VLAN : 192.168.10.0 /24 site B Vlan : 192.168.11.0 /24 so the Goal is to connnect from Site B to Site A Network for FTP Services. IN SITE A: I have Created…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Problem on nat before ipsec.

    SupportoTomware
    SupportoTomware
    I got an overlapping subnet between to company, I should able to do a NAT 1-1 pre IPSEC, I just need to be pointed on right direction
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • WAF changing public IP to local interface IP

    PravashPanda
    PravashPanda
    Hello, We have setup WAF for our internal webserver hosting a site. We see that any public user IP accessing our site is being changed to the local interface ip going through the WAF. This changed local ip is seen in our webserver access logs. There…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Port Forwarding, why do some rules work and others not??

    MattClinton
    MattClinton
    Hi, I currently have a Watchguard XTM 22 series with no security bundles, just running in standard Firewall mode. Rules on that are dead easy to setup and just tend to just work. Now the reason for me trying out other software is because I could do…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Port Forwarding Xbox Live Services to Xbox One Results 'Strict NAT'.

    ChrisLynch
    ChrisLynch
    Happy New Year everyone. I have 2 Business Rules setup on my brand new Sophos XG firewall (Firmware 15.01.0): However, when I do various tests on my Xbox One, it always shows as "NAT Type: Strict". The UDP Ports are 88, 500, 3074, 3544…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • How do you create a loopback/hairpin NAT to an Interface IP?

    JasonKnott
    JasonKnott
    I am trying to publish multiple services to the Internet. It is working fine using business rules. But, I want to be able to add a loopback/hairpin NAT so that if someone inside the network uses the public IP to access the service they are redirected…
    • Answered
    • over 9 years ago
    • Sophos Firewall
    • Discussions
  • DNAT (destination) in XG LAN>WAN

    JoacimBrandell
    JoacimBrandell
    Within Sophos UTM 9 i previously had a DNAT rule that rewrote the destination adress. Basically it changed the original destination adress to a different destination adress for all outbound traffic coming from a specific internal network adapter. In UTM…
    • over 9 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<