• if my theory is correct...

    B.R.O.
    B.R.O.
    I feel like laughing like Tom Hanks in the movie The Money Pit when his bathtub feel through the floor. Tom Hanks - Laughing Because of Asymmetric routing, I had to enter a bypass-stateful rule for My LAN to My Datacenter's LAN, then My Datacenter's…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Asymmetric Routing Question

    B.R.O.
    B.R.O.
    So say you have Asymmetric Routing between Network-A and Network-B so you are testing the XG in bridge mode between each network which are in LAN zone. you configure the XG to bypass-state-firewall-config add source Network-A dest_ Network-B then…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • External and Internal BGP is on my old firewall, does XG need to know about them?

    B.R.O.
    B.R.O.
    After more studying the configuration on my sonicwall that I am switching out with a XG 310, I have a question about BGP routing. Based on the information below do I need to do any configuration to BGP routing on the XG? 2 cisco routers are connected…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • xg firewall home and nas or any devices on my network

    Daniel C
    Daniel C
    hi everyone ! So i'm testing xg firewall on a virtual machine on my nas. So i configured it this way : * my dsl modem (router, freebox for the one who knows it) in 192.168.1.254 (no dhcp). DMZ : ip of the sophos wan port, 192.168.1.18 *…
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • NAT through IPSec VPN

    FRANCOIS PONT
    FRANCOIS PONT
    Hello, I'm looking to port forward between two sites through a IPSec VPN We have two sites connected through a IPSEC vpn. WANa WANb ___|____ ___|____ | GW A | =======VPN ===== | GW B | ----------- ------------ | DMZ I've made the…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • Install a sophos XG behind XG firewall

    Iffi
    Iffi
    Hi, We have XG230 with 32 public IP address for multiple clients, now we want to install another XG230 for a client and want to user few public IP address from same 32 IP pool. I now we can install XG firewall behind XG firewall with a single public…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • NAT based on source port

    FrankBarmentlo
    FrankBarmentlo
    Hello, On my old UTM 9 I had a NAT rule: Source IP: Any source port: 17478 protocol: udp Destination Port: 1024-65535 Destination IP: Sophos WAN Forward to: Internal Server on IP 192.168.x.9 It's a certain application which works.…
    • Answered
    • over 7 years ago
    • Sophos Firewall
    • Discussions
  • current activities for NAT rules

    Geniux
    Geniux
    I have setup multiple NAT rules under the XG Firewall with logging enabled. Is there a way to see current activities from those rules? let's say i want to see which remote IP address is using a lot of bandwidth on an FTP transfer etc.. currently…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Need to do NAT Reflection in the new UI

    Clint Smith
    Clint Smith
    I have found this: https://community.sophos.com/products/xg-firewall/f/network-and-routing/73239/nat-reflection and this: https://community.sophos.com/products/xg-firewall/f/network-and-routing/73615/how-do-you-create-a-loopback-hairpin-nat-to-an…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • DNAT - FIREWALL - BUSINESS APPLICATION RULE - ISSUE

    Andrea cHESSA
    Andrea cHESSA
    Hi, I'm new in XG but I've installed Hundreds of Astaro (since V6) and Sophos UTM. In this days I've started to work with XG and this is my question, is this normal? as you can see with the same source IP, destination IP and port, sometimes the…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • VPN zwischen XG Firewall und FritzBox hinter NAT bricht regelmäßig ab

    JelkoSeiboth
    JelkoSeiboth
    Hallo zusammen, nachdem ich nach langem herrumprobieren die Verbindung zwischen unserer XG Firewall und einer FritzBox LTE an unserer Außenstelle hergestellt habe, bricht die Verbindung leider in regelmäßigen Abständen (ca. 2 1/2 Minuten) ab. …
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Hair pinning rule in v16 issue

    SimoneMontagnani
    SimoneMontagnani
    Hello all, thank you in advance for your advices, I have some NAT web,ftp,mail Servers everyone with it's own public IP: Server 1 public IP1 -> NAT -> DMZ-Server-IPaddress1 Server 2 public IP2 -> NAT -> DMZ-Server-IPaddress2 Server 3 public…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • External DNS Query IssueDNS

    F. JavierLancharro Ramiro
    F. JavierLancharro Ramiro
    Hi, I have a cPanel Server with Bind Name Server behind the firewall with many hosting domains inside, websites, emails, ftp, etc. All services work correctly doing NAT with the required ports. The only problem is the DNS server (BIND). I do NAT of…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • RE: Internal DNS issues

    F. JavierLancharro Ramiro
    F. JavierLancharro Ramiro
    We have a very big problem... i need pass the DNS Queries to my internal Nameserver (ns2.ardanet-systems.com) i tryed anything but i can't get this. The queries can't pass WAN... This is because i has behind the XG a Webhosting (cPanel & Nameserver…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • VLAN N/A not connected Help

    lenyick
    lenyick
    Cisco small business L3 switch Sophos XG fresh new install with default setup rules Do anyone have vlan working on XG that can show me how they have it setup and what settings i might have to change on the xg to get it working. I am unable to get vlan…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • SIP server on DMZ - how to set up working rules

    MichalBorkowski
    MichalBorkowski
    Hi. I think I need assistance to understand fully the way how firewall and routing/forwarding is working in XG. I have a question related to SIP server in DMZ. So - to describe: I have 3 ports: 1: WAN(bridge - public IP), 2: LAN (192.168.2.x)…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Port Forwarding with multiple WAN links

    TomEng
    TomEng
    Hi there, I have a network that uses multiple WAN links to connect to the internet. Link speeds (and data costs) vary meaning certain subnets are allocated individual WAN Links. All links are active but there is no load balancing between them: traffic…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Unable to connect Cisco IPSec. Sophos is behind another router.

    Justind'Entremont
    Justind'Entremont
    So I'm trying to connect to Sophos VPN using Cisco IPSec from an iPhone. The Sophos box is behind another router, and thus the public IP of the WAN interface of the Sophos box is actually a private IP. This causes me 2 problems: a.) When I download…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • VPN Loopback on WAN IP

    SimonBuckmaster
    SimonBuckmaster
    I have set up a DMZ zone for our wifi access points to allow visitors access to the web. I would like our wireless users to be in this DMZ zone by default and then to VPN in to the XG for LAN zone access. I would like to have a single VPN connection…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • 1-to-1 NAT with a custom zone and device directly attached to Sophos appliance

    ZaneDonaldson
    ZaneDonaldson
    All, here is my setup and what I am trying to accomplish. I have a server plugged directly into port 5 on my Sophos. the Sophos port address is 192.168.220.1. the server address is 192.168.220.2 I have created a zone for this server and placed the…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Barracuda behind Sophos XG

    DaveLe
    DaveLe
    We deployed our Barracuda spam filter behind the XG firewall. It appears that all mail traffic is being fwd to the barracuda device. We are trying to get the Barracuda device Internet facing. We must be missing something? Mail is flowing to and from the…
    • Answered
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • WAN -> LAN Keeping Firewall IP

    ArnaudCouturier
    ArnaudCouturier
    Hello, I'm a new user so maybe I doing something wrong but actually all my rules work, the only thing is after nat packet to the application the sourceIP the application see is wrong because it show the local ip for the firewall. USER(91.10.10.10…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • What is Proxied, Via: HTTP/1.1 sophos.http.proxy:3128

    MikeSampson
    MikeSampson
    I am troubleshooting the streaming issue with HTTP malware scanning enabled and noticed this which I do not see in UTM 9. Still need to keep HTTP malware checks off when using XG. Testing before I switch from UTM 9 to XG. On UTM 9 I do not see the proxy…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • Problem on nat before ipsec.

    SupportoTomware
    SupportoTomware
    I got an overlapping subnet between to company, I should able to do a NAT 1-1 pre IPSEC, I just need to be pointed on right direction
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • RE: WAF changing public IP to local interface IP

    PravashPanda
    PravashPanda
    Thanks a lot ewadie!! We implemented the X-Forwarded-For header in our application and it was able to get the clientip. But somehow the X-Forwarded-For is not working in the apache webserver. Below are the options we tried and it didn't work in apache…
    • over 8 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>