• After changing the interface, the rule setting must be turned off and then turned on for normal operation

    hyun jin
    hyun jin
    The equipment that connects to the top or bottom of the firewall has changed. At this time, the snat or dnat policy set on the device is not applied. You have to turn off the policy and then turn it on for it to work properly. XG430 (SFOS 17.0…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • TWO gateway internet

    Fadi_Hamamdeh
    Fadi_Hamamdeh
    Dears, I Have firewall SOPOHS XG230. I have two gateway to internet. when do rule LAN to WAN and select nat rule MASQ to access intenet. I want change internet gateway for some LAN's IP, how i can do it? some LAN access intenet from GW1 …
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sometimes NAT matters and sometimes it doesn't; I can't quite understand why I need it sometimes

    Anthony Bevelacqua
    Anthony Bevelacqua
    I am not sure if I always need NAT. Sometimes I do and sometimes I don't. My latest issue was two VLAN networks hanging off the LAN interface of the Sophos XG. I had the correct firewall rules in place but I couldn't get traffic to flow until I created…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • PPPOE with Framed route

    Marco Camacho2
    Marco Camacho2
    Hi PPPOE is done on the XG and from ISP provides 10.222.250.5/32. We have a 213.150.X.X/29 from the ISP routed via 10.222.250.5. LAN has internet and DNAT works PAT works that's all good. How to register the sophos and add licenses because the…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • IPSEC TUNNELS AND SNAT RULES

    neildonaldson
    neildonaldson
    hi with UTM we had site to site tunnels and SNAT rules on the sophos side i was able to create an snat rule with severanl networks and hosts from our side and say sned them all down the tunnel behind 1 ip address in the range defined in the tunnel…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • AWS HA (Active-Passive) deployment NAT

    neild1
    neild1
    I have deployed an Active-Passive XG Firewall setup in AWS following the proper guide and have full routing and sorted out the health check on the load balancer for incoming services. One issue I am having is the incoming traffic is being NAT'd to the…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • IPSEC to IPSEC Tunnel - Subnetting NAT Problem/Question

    Patrick Merkel
    Patrick Merkel
    Hello Guys, i have a brain lag with following situation, I have a IPSEC to IPSEC (Site to Site) connection. The other side need to connect or need access to our local ip adress 192.168.100.253. But they cant use this local subnet, because…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG: S2S IPSec (policy based) - NAT between tunnels

    Alie2n
    Alie2n
    Hi, I'm pretty sure that this question was already answered by someone, but I cannot find the answer in the forum or the knowledgbase. Please bear with me... To my question... I configured two policy based ipsec tunnels: Site C <10.3.0.0/24 = 192…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • IPSEC-S2S VPN-LAN requires MASQ in NAT

    Manish Chawda
    Manish Chawda
    Hi, I have a question as to why IPSEC - Site to Site VPN Rule (VPN-LAN) in NAT requires MASQ in Translated Source(SNAT) Kindly advise Manish
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • NAT and SD WAN

    RyanHosiassohn
    RyanHosiassohn
    Hey All, I was kinda wondering, I Sophos V17 you could select the NAT on the FW rule itself and that that's the route it would take But now in V18 its separated, If you have one link can you add NAT rules on its own with no SD WAN routing would…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • NAT or SD WAN Policy Routing

    nidz
    nidz
    HI, We have 3 ISP(ISP1, ISP2 and ISP3) connected to our firewall in our HQ. In our HQ we have at least 5 subnets. My question is can i let some subnet to utilize only ISP2 for internet, not just internet but fully utilize the link. The other link i…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Translated Local Network over site to site vpn

    Grant McNicol
    Grant McNicol
    Hi, We have a head office site that connects to a 3rd party over a site to site vpn for a service that they offer. Their requirements are quite specific on the set up of the site to site vpn for subnets and translation. Details are: Office LAN…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Traffic getting Source Natted for directly connected interfaces

    Manu_Mathew
    Manu_Mathew
    Hello, I guess its basics, however cannot understand why traffic for directly connected interfaces are getting source natted by wan public ip. Set up is Sophos XG firewalls connected directly via HA DMZ interface and have assigned 10.238.238.0/30…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Change Migrated NAT Rule

    DAENG
    DAENG
    Hello, I would like to change the Load Balling in my Firwall rule which has a migrated NAT rule. In the NAT rule I cant ch age anything. How can I chnage this? Thank you!
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Problem with NAT loopback

    ChriZathens
    ChriZathens
    Hello guys! I would appreciate your help. I installed XG (long time Home user of the UTM), latest version as of today (SFOS 18.5.2 MR-2-Build380) My problem is that I want to access my cameras and I am creating a rule for the camera specific port…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • what's the big difference betwen MASQ and PAT(nat)?

    XG_suupport
    XG_suupport
    Hello, I read what MASQ is doing and it sounds like PAT to me. Is there any difference between MASQ and PAT? Because hiding inside network or device? PAT does the same thing. Thank you.
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Public IP to Hostname

    Jonathan Nali
    Jonathan Nali
    Hi Team, How do I NAT or PAT to a hostname instead of an ip address? #Nali
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • MASQ and NAT sophos xg 18.1

    Magy
    Magy
    Nat issue
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • DMZ Without Masquerade?

    Kelvin Klein
    Kelvin Klein
    Hello. We have Wi-fi -> Access Point -> Router -> Sophos FW. I just want to know is it possible to use DMZ without Masquerading? Because we need to actually control what kind of content each of the users access using the Sophos. As you guys…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • How to create a Migrated IPv4 SD-WAN policy route

    Remon@MS
    Remon@MS
    SOPHOS XG 125 How to create a Migrated IPv4 SD-WAN policy route and show it in the SD-WAN policy routing, and please answer with pictures .. Thank you
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Help with a Nat between 2 external vpn.

    GianM
    GianM
    Hello, I have this situation: Our network: ip 10.10.10.0/24 External parter A: ip 10.20.20.0/24 (managed on another firewall different from Sophos) External Partnet B: ip 10.20.20.0/24 (same ip of partner A). I have a vpn working with B and I…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • 2 networks

    James Ridings1
    James Ridings1
    I need 2 networks to talk with each other using 1 ip address. The 2 sites are physically connected with a Metro E (Dark fiber), this connection is a dedicated fiber between the 2 sites. Each site has its own network. Site A has the IP’s that Site B needs…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG NAT Policy

    bigneo7
    bigneo7
    Hello, How to create this UTM NAT rule in XG firewall? Rule type: SNAT For traffic from: LAN1 Using Service: Any Going to: LAN2 (Network) Change the source to : LAN2 (Address) Change the service to: <blank> Thanks in advanced
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • NATed IPSec Connection question

    OlvrKl
    OlvrKl
    Hi Community, I have the following question. I created a Policy Based Site2Site VPN Tunnel between two Sites on an Sophos XG Firewall Appliance (Site A). I do not have control over the remote location (Site B). I have three local subnets on Site A…
    • Answered
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • FIREWALL RULE WITHOUT NAT

    EDP AFRO
    EDP AFRO
    Sir, I have configured PortF1 for WAN Acees, which works perfectly fine with NATTING with our LAN and DMZ network. However I want to ctlreaye SSH acces from a WAN server to Two Serverd placed in DMZ. If my WAN client is 155.48.96.59 and I want to…
    • over 3 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>