• Classification query

    rfcat_vk
    rfcat_vk
    Hi folks, a question for those who can provide guidance and maybe even answer. The daily report shows various classifications for NTP type traffic. 1/. 2/. 3/. I was reviewing the hairpin NAT configurations and found there were some items…
    • 26 days ago
    • Sophos Firewall
    • Discussions
  • SDWAN and Loopback NAT

    Bart van der Horst
    Bart van der Horst
    Hi, I've got the following case on a customer site: Internal webserver on LAN, needs to be accessed from same or different internal LAN on the external IP, normally I use a loopback NAT rule and this works. Since a few weeks we had to switch to…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • XGS 3300 wrong Gateway

    Bart van der Horst
    Bart van der Horst
    Hi, I've got the following case: HA XGS3300 Three WAN connectinons P2 ISP 1 P4 ISP 1 P6 ISP 2 P2 and P4 are BGP. P6 is stand alone. All internet connections are working. When configuring SNAT and or SD-WAN all traffic for WAN is over…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • snat multiple gateways

    midnightSun
    midnightSun
    SNAT with multiple WAN gateways isn't working.. WAN Gateway 1 = Port3 - its public with /27 worth of aliases WAN Gateway 2 = Port5 - its public with /28 worth of aliases (IP Host) SNAT with Port3 aliases work for all of the rules I've created…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Loopback for Firewall in LAN (behind Home Router)

    kdoberitz
    kdoberitz
    Hi Sophos Community After a lot of trial and error I'm hoping you can help me finding a solution to my scenario: In my home setup I have my wan-interface of the sophos in a transit network. My ISP router forwards any traffic to the sophos. Now…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Multiple WAN aliases for outbound traffic

    Andrej Pirman
    Andrej Pirman
    Hi, what would be the proper way to configure different WAN ALIASES for outbound traffic, for example in this manner: LAN users would use WAN Alias 1 for browsing and accessing web LAN2 users would use WAN Alias 2 FreeWiFi users would use WAN…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Moving from UTM to SFOS Want to remove NAT

    Nick Gale
    Nick Gale
    Hi Folks, I'm moving from UTM to SFOS. Getting it setup with the basics was all fine but something I've been wanting to try for a while was to remove the masq rules as sophos is my back firewall in a back to back config. I ran into an issue though…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • NAT over IPSeC Site-to-Site VPN

    Dimitris Roubos
    Dimitris Roubos
    Greetings fellow members, I have 2 networks with 1 sophos firewall each, network A (Public IP/80.80.80.128, Local Network/192.168.20.1/24) and network B (Local Network 192.168.10.1/24). Sophos B XGS107 ( SFOS 19.5.3 MR-3-Build652) Sophos A XG135…
    • Answered
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • XGS loopback doubt

    Christian Garcia N
    Christian Garcia N
    Good morning. I have a problem in identifying which server makes requests to another when the requests arrive to a loopback to access internal servers when pointing to their public ip's. Example: server with ip 192.168.1.20 resolves DNS that points…
    • 3 months ago
    • Sophos Firewall
    • Discussions
  • Assistance Required: Binding Static IP to Local IP Address

    Nasar Aalam
    Nasar Aalam
    static IP 203.122.47.42 on port 84 is showing as closed. We need to bind this static IP to the local IP address 10.0.1.134 . Please assist with this at your earliest convenience. Thank you.
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • New Setup Issues (Fresh Install)

    Bossmanuk
    Bossmanuk
    Hello Everyone, I am a new user of Sophos Firewall for Home, unfortunately I am encountering a few issues. I have managed to get an internet connection on it but I am unable to register it and getting the following error - Can't connect to the registration…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Linked NAT rule for LAN to LAN traffic?

    Mark Tarrant
    Mark Tarrant
    Hello all, I have inherited a firewall that has linked NAT rules for LAN to LAN type rules. Is there any need for them (I don't think so as really only required for LAN to WAN), and would it hurt anything if I just left the NAT rules? Thanks.
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Add subnets to NAT with policy-based IPsec when local and remote subnets are the same

    Mark Tarrant
    Mark Tarrant
    Hello all, I have a situation with a IPsec VPN setup between two sites that have subnets that are the same. I followed these instructions and it worked ok; NAT with route-based IPsec when local and remote subnets are the same - Sophos Firewall However…
    • Answered
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Replaced firewall with xgs 2300 - video server playback not working

    johnm_19
    johnm_19
    We recently replaced all our xg230 with xgs 2300 firewalls. Geovision Video server is on a dmz with port forward rule and NAT rule. Remote playback and viewlog you can't connect to them. Live view works fine. Other sites no issues. Firewalls are setup…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • Converting iptables to NAT rule

    woter324
    woter324
    Hi, I have been given an iptables command and I would like to create the same rule on my XG. Could anyone confirm if I have "translated" the rule correctly, please? iptables -t nat -I PREROUTING -s 10.100.20.19 -d www.riscocloud.com -p tcp --dport…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Access to the local subnet from the WAN interface (NAT RULE?)

    Matteo Frati
    Matteo Frati
    Hello everyone! I have 2 SOPHOS firewalls in two different buildings, connected by Long Range Aerials (point to point). FIREWALL 1 is configured like this: LAN 192.168.122.X (Aerial 1 is part of this DHCP pool) WAN public IPs (static) then…
    • Answered
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • Device on BO side of IPSec Site-to-site unable to ping HO side

    Werner van Niekerk
    Werner van Niekerk
    I have a scenario and trying to set something up for the interim. In essence, the requirement is to get an APP server at location A to connect to DB server in location B. The main issue with this is that both locations have the same subnet (E.g 172…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • NAT Rule appears not to be going through VPN

    Sophos User6134
    Sophos User6134
    Hi, Any advice would be appreciated for the following please. We have a number of devices that have been configured to communicate with an internal server by IP address. This server is now being migrated to the cloud on a unique subnet. We are not…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • How do i link a NAT rule to a firewall rule?

    Tomas Z
    Tomas Z
    I created a new rule which allows traffic originating from VPN subnet to the external IP address. I verified in the logs that the traffic passes by unobstructed. Also verified in SSL VPN settings that the particular VPN profile contains that IP address…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS chnage outgoing WAN Address

    admin_idl
    admin_idl
    Hello, We use several networks and several public IP addresses, which are stored as aliases on the WAN interface. How do I configure the NAT rule so that, for example, the public IP address xxx.xxx.xxx.xxx is used for network A and the address yyy.yyy…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Rule change not applied unless restart.

    midnightSun
    midnightSun
    I'm having to restart this system to get Firewall / NAT rules enforced when changes are applied. This seems to happen with quite a few people in the community. I've found sometimes disabling the firewall rule that feeds a NAT rule loads the additions…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS 3100 LAN to LAN using NAT

    sbay
    sbay
    Today we want to replace our old UTM with an XGS 3100 cluster. In advance, we had created rules manually. But we were only able to test it today. We have a LAN port 1 (192.168.2.0/24) and a 2nd LAN on port 7 (192.168.201.0/24) When I access 192.168…
    • Answered
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XG115 F/W v19.5 : Opening a range of ports

    Chandrashekhar Dahale
    Chandrashekhar Dahale
    I have a Sophos Firewall XG115 with Firmware revision 19.5 I am trying to open ports associated with a LAN Host , using DNAT assistant. There is a range of ports to be opened ports 40,000 to 60,000. I have created a service with ports 1:65535 mapped…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • No internet access in WIFI

    BenjaminGutberlet
    BenjaminGutberlet
    Hello community, we are using a Sophos XG 310 for quite some years now. Since the beginning we had two WIFI's configured. One with Bridge to AP LAN and one as Separate Zone with Hotspot system. I never had to create a special firewall rule to get…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • separate Company HomeOffice from internal Network

    mm_sophos2022
    mm_sophos2022
    I have to seperate two networks using the same LAN Interface running XG in natest version with 1 phyiscal NIC bound to LAN and 1 physical nic bound to wan. The need is that there is no access form Private Network IPs to Company Network IPs and Vice Versa…
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
>