• Server Load Balancing in Sophos XGS SFOS 19.5.3 MR-3-Build652

    Ahmed Naveed
    Ahmed Naveed
    I Want create Rule for Server Load Balancer use for internal LAN in Sophos XGS for Http Traffic .
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Why it is not possible to add a linked NAT rule to a FW rule?

    Tomas Z
    Tomas Z
    I am creating a new firewall rule and want to add a linked NAT rule to it, but the fields for adding source, destination and other parameters are greyed out: That warning which is visible in the printscreen does not make sense to me - can someone…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • NAT session limitations on SOPHOS

    Ahmad
    Ahmad
    hi, if i have a firewall with one isp. if i configured port1 as lan and port2 as wAN and configure public ip over it. i configured a Firewall from LAN to WAN, and NAT MASQ rule. then all my users will start going to internet by using port2 IP. my questions…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • System Traffic NAT

    akonst
    akonst
    Dear community I would like to ask a question regarding the system generated traffic. We have founf this article in order to SNAT the system generated traffic: https://support.sophos.com/support/s/article/KB-000035607?language=en_US We have…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XGS2100 RED Full NAT

    Rolf Dobrig
    Rolf Dobrig
    Hello, our customer has an XGS 2100 HA installation with currently two REDs. So far it's going very well. Now our customer has taken over three additional locations and would now like to connect these to the internal network with the XGS RED environment…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unabel to NAT Remote access VPN IP to internal network IP

    Werner Smit
    Werner Smit
    Good Day, Am trying to NAT our Remote Access VPN IPs to internal network IP's without making any changes to the Remote Access VPN. I can change the IP assigned by Remote Access to the users when connecting to the Sophos VPN but don't want to change…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • NAT Remote Access VPN IP to internal IP

    Werner Smit
    Werner Smit
    Good Day, Our Remote Access SSL VPN IP's are on a different subnet. Is there a way I can NAT it to our Internal IP's? Currently they get 10.81.234.x/24 Would like to NAT the IP to 10.0.0.x/16
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • domain based natting in sophos xg firewall

    Thilipan Thanabalan
    Thilipan Thanabalan
    Hello, I only have one public IP address, but I have several domains, such as ui.mw.com, uat.mw.com, and demo.mw.com Similarly, I currently use port forwarding to visit various domains, such as uat.mw.com:7443 and demo.mw.com:6443. It's doing well, however…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Security concerns using NAT

    Valerio
    Valerio
    Hi all, We're looking forward to implement a monitoring solution with CheckMK for our customers productions machines. The monitoring server will be on a cloud machine and it will need to access the customers machines through CheckMK TCP port and SNMP…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SFOS Import NATRule

    seroal
    seroal
    Hi there, I want to create a NAT Rule using Import/Export Feature. Actually it is not working, when Adapting existing rules. What needs to be done for the import to work? Didn´t find any related threads here... <NATRule transactionid=""> <Name…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Use conntrack to clear connections for certain vlan upon wan timeout. Possible?

    Jeff Hoins
    Jeff Hoins
    I've been experiencing intermittent issues with our ISP going down the past month. They've all occurred after hours/overnight, so I believe they were actually making repairs due to damage sustained from a partial building collapse a block away. The connection…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • configuration of a public ip to second sophos firewall

    Narendra BK
    Narendra BK
    We just got a sophos xgs 87 firewall for my company's branch office. My ISP gave me /30 WAN pool and /29 LAN pool, I configured one of the IPs in /30 pool to WAN port of sophos and ALIAS the IPs of /29 pool which I used for 1:1 NAT is configured. My branch…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • How could i do a port forward form LAN to LAN?

    Karlos Hernández
    Karlos Hernández
    Hi I already do a DNA for the WAN to LAN, but when i try to do it at LAN to LAN the servers inside the LAN sends the port its blocked, i try a lot of rules of nat, i want to map the port 3306 to the 3310 at one internal server thank you for…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • NAT Question

    Steve Klassen
    Steve Klassen
    Just a question here. I have a red device in a small office(lets call it 192.168.10.0). That red device is connected to an xgs firewall(firewall 1, 192.168.20.0), and this firewall has a vpn connection to firewall 2(192.168.30.0). The vpn only passes…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • How to convert my server private ip to public ip while connecting via ssl vpn

    Razif Bahsir
    Razif Bahsir
    Hi, Iam currently setting up a ssl vpn to my server. Connection to server is success. I can ping and RDP. The problem is that for a certain software to run, i need to change my server private ip to the public ip.
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG19.5.1 Consistent NAT

    Gareth Hill
    Gareth Hill
    Good afternoon All, I've been asking by our VOIP hosting service to enabled Consistent NAT on our Firewall XG. However I can't find out if that's possible nor how to do it. I have searched, and people mention it being available in V18, but nobody has…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • nat rule replace destination and masquerade

    Sophos22
    Sophos22
    hello community, i try to reach a device in a subnet A from another subnet B. problem1: the device in subnet A has no route to firewall (only local subnet with firewall). so i have to use masquerade to get reply packets. problem2: i have to use…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • NAT Traffic (UDP 500/4500) - connection is disturbed and breaks frequently

    JuergenB
    JuergenB
    Hello, we use Microsoft Always On for all Home Office Users. The clients connect to a public IP of our XGS2100. The Firewall uses a symetric Fibre connection (100MBit) from German Telekom. XGS has NAT and forwarding rule to the internal RAS/VPN…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • [Newbie] How is PAT many-to-many working?

    Manfred Hofer
    Manfred Hofer
    Hi all, sorry for the newbie question. I'm using UTM since decades and now with UTM EOL in 2026, I gave it a shot and tried to migrate to SFOS. Unfortunately it's not as intuative as UTM but I try to move everything over. One problem I encountered…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SOPHOS CENTRAL FIREWALL MANAGEMENT

    Irvin Rosario1
    Irvin Rosario1
    Is it possible to create a NAT policy so that it uses the IP address of port #1 (LAN Zone) of the remote device as the MASQ address? We have a client with around 28 remote offices. They are all connected by IPSEC site-to-site but only office LANs are…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • NAT Rule - mask IP from another subnet

    ITkbr
    ITkbr
    Hi, I ("Rule-Noob") need help with the definition of a NAT rule. We want to communicate with a power storage via Modbus TCP (E3DC storage). On the internal network it all works fine - however the storage drops any communication from another subnet.…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Routing Problem on XG19.0.0

    Leonardo Avesani
    Leonardo Avesani
    I have a problem where I am unable to ping google and it somehow seems as the firewall is missing a route back to my client. My client is inside a VLAN (172.16.87.99) and from the traffic below I can see that it correctly routes to the gateway address…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Can't get IPsec Site-to-Site Tunnel with NAT to work

    Rene Böhres
    Rene Böhres
    Hello everyone, I can't get an IPsec NAT Site-to_site tunnel to work. I get "IKE message (9C0134C0) retransmission to VPN.GATEWAY.ADRESSE.HERE timed out. Check if the remote gateway is reachable." (i can ping it) we have the following: I try to establish…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Strange Firewall rules or something not understood

    Thierry MICHELS
    Thierry MICHELS
    My goal is to install a telephony server in the LAN. This server must be accessible from the internet with a number of protocols here (PRO_Starface). To prepare this I created a NAT rule and a firewall rule to access this server from internet. Just…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG115 Firewall and 1to1 NAT

    Thierry MICHELS
    Thierry MICHELS
    Hi There, I’m new in the Sophos world and I have some trouble configuring 1to1 NAT. My case: XG115 Firewall (XG115 (SFOS 19.0.1 MR-1-Build365), 1 Server in the LAN (no DMZ), 1 public address for this Server. I want to access my Server from Internet…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>