Hello all, I have inherited a firewall that has linked NAT rules for LAN to LAN type rules. Is there any need for them (I don't think so as really only required for LAN to WAN), and would it hurt anything if I just left the NAT rules? Thanks.

Hi, Is it possible that an XG125 Firewall can block programs and TCP/UDP ports for network traffic between a Windows Server and client computers within the same LAN? I know the firewall can block traffic between the LAN and the internet but my question…

Sophos XGS 2300 running 20.0.1 Internal exchange server DNAT rule allowing passthru of SMTP traffic to the exchange server. ports 25,465,587. From time to time we stop receiving email. to fix, we reboot the sophos firewall. When it stops working…

Hello, we have implemented the Sophos firewall and we are facing a serious problem, no matter how much we configure the internal network IPs, it does not access the external IP, Could you help us? Grateful

##### Aktualna konfiguracja **Router:** - Adres IP: 192.168.1.1 - Maska podsieci: 255.255.255.0 **Sophos:** - Interfejs LAN: 192.168.1.79 - Interfejs WAN: 192.168.2.1 **Reguła wyjątku listy ACL usługi lokalnej:** - Strefa źródłowa: WAN - Sieć źródłowa…

We recently replaced all our xg230 with xgs 2300 firewalls. Geovision Video server is on a dmz with port forward rule and NAT rule. Remote playback and viewlog you can't connect to them. Live view works fine. Other sites no issues. Firewalls are setup…

Hello everybody, I would have a question to the firewall rules and DSCP marking under "Other security features"... My Sophos instance is running in bridge mode in front of my router's WAN interface (with only one public IP). I apply the function " Scan…

Added a new firewall rule. It does not show in the Rules and Policies. I thought maybe I didn't click 'Save'. So I went back in to add a new rule. This time when I try to add the rule, it says 'Rule already exists.' Ummm, okay. Where is it?

I would like to block access to and from certain countries with the MTA enabled. This was really simple on the UTM, but seems much more complicated in Sophos Firewall. I have created a black hole NAT rule as suggested in the documentation, but can’t work…

Hello, I'm new to Sophos, and am deploying my first firewall to a very basic client, and just want to check what I have configured is a reasonable balance between security and functionality? I am just looking for opinions and whether I have missed anything…

Hii Community, I configured a firewall rule for VPN to LAN connection and another for LAN to WAN connection, attaching a NAT rule with MASQ for internet access. Despite this, I could establish a VPN connection with the Sophos Connect client but couldn…

Good morning, I currently have a server in an on-premise datacenter that responds to TCP port 12233. So there is a very normal DNAT on the XGS firewall of the public ip 80.80.80.80:12233 towards the private server ip 192.168.1.10:12233 This service is…

hello , i'll try a simple port forwarding when i setup this like below , it works when i change the source port to 7887 then it dont forward. why o why ?

Hello everyone! I have 2 SOPHOS firewalls in two different buildings, connected by Long Range Aerials (point to point). FIREWALL 1 is configured like this: LAN 192.168.122.X (Aerial 1 is part of this DHCP pool) WAN public IPs (static) then…

Hi! I am a proud owner of XGS 107 and pretty happy with it. I am running a homelab with a few vlans, really nothing special. But there is something, that is bothering me: I am also using Barracuda Firewalls where i work, and there i really like the…

After installing Sophos XGS2300, our client stopped viewing his Dahua CCTV remotely on his smartphone, the NVR is online in the AP but CCTV footage is not I dstreaming. I did all the necessary port foward and ports are open RTSP: 554 TCP: 37777 HTTP…

Hi guys, We have been deploying a firewall policy for a few months now and have noticed that there are a few customer firewalls that are unable to deploy the configuration. They all appear to be getting a similar error to the one pictured below. Can…

Hi community, I'm trying to connect two different Subnets. This is the environment: Subnet A 192.168.1.0 /24 Gateway: 192.168.1.1 Port 4: Company with DHCP address 192.168.1.55 Device: FritzBox Subnet B 10.0.100.0 /24 Gateway 10.0.100.1 Port…

Hi everyone, Firstly let me explain the setup i have for my home network Have WAN plugged into a mini PC which runs Sophos XG. On Interface 4 of Mini PC i have plugged in ubiquiti AP from which other devices get wifi connection ( mobile phone , laptop…

Hi, I read this forum discussion (10 months ago) and it was said that this will be a new feature request. Has it available right now ? xg / xgs - allow ip from specific asn number only Thanks.

Can anyone please tell me (A) How to block all QUIC traffic in and out ,and (B) will that then give me better log reports of url's visited ?. Thanks

I am completely stumped by this. I am sure its something obvious that I am overlooking. Lan Port 1 - 192.168.1.254/24 MGMT port 5 - 172.16.0.254/24 I already had a rule saying mgmt subnet source 172.16.0.0 could access lan subnet destination 192…

What did I do wrong?

Hi I have a linux server in the DMZ, and I want to manually patch it from time to time. so I want to open access only during patches then close access to WAN. what are all the rules to put in place. well I'm going to choose the scheduled time tab.

Port forwarding rule I have an external ip address (PortB:8) currently used for a production website on port 443. I would like to be able to access a test web server via the same public IP via port 65443 and translate to port 443 at the server.…