SNAT with multiple WAN gateways isn't working.. WAN Gateway 1 = Port3 - its public with /27 worth of aliases WAN Gateway 2 = Port5 - its public with /28 worth of aliases (IP Host) SNAT with Port3 aliases work for all of the rules I've created…

Hi, what would be the proper way to configure different WAN ALIASES for outbound traffic, for example in this manner: LAN users would use WAN Alias 1 for browsing and accessing web LAN2 users would use WAN Alias 2 FreeWiFi users would use WAN…

Hi Folks, I'm moving from UTM to SFOS. Getting it setup with the basics was all fine but something I've been wanting to try for a while was to remove the masq rules as sophos is my back firewall in a back to back config. I ran into an issue though…

Good morning. I have a problem in identifying which server makes requests to another when the requests arrive to a loopback to access internal servers when pointing to their public ip's. Example: server with ip 192.168.1.20 resolves DNS that points…

static IP 203.122.47.42 on port 84 is showing as closed. We need to bind this static IP to the local IP address 10.0.1.134 . Please assist with this at your earliest convenience. Thank you.

Hello all, I have inherited a firewall that has linked NAT rules for LAN to LAN type rules. Is there any need for them (I don't think so as really only required for LAN to WAN), and would it hurt anything if I just left the NAT rules? Thanks.

We recently replaced all our xg230 with xgs 2300 firewalls. Geovision Video server is on a dmz with port forward rule and NAT rule. Remote playback and viewlog you can't connect to them. Live view works fine. Other sites no issues. Firewalls are setup…

Hello everyone! I have 2 SOPHOS firewalls in two different buildings, connected by Long Range Aerials (point to point). FIREWALL 1 is configured like this: LAN 192.168.122.X (Aerial 1 is part of this DHCP pool) WAN public IPs (static) then…

Hi, Any advice would be appreciated for the following please. We have a number of devices that have been configured to communicate with an internal server by IP address. This server is now being migrated to the cloud on a unique subnet. We are not…

I created a new rule which allows traffic originating from VPN subnet to the external IP address. I verified in the logs that the traffic passes by unobstructed. Also verified in SSL VPN settings that the particular VPN profile contains that IP address…

Hello, We use several networks and several public IP addresses, which are stored as aliases on the WAN interface. How do I configure the NAT rule so that, for example, the public IP address xxx.xxx.xxx.xxx is used for network A and the address yyy.yyy…

I'm having to restart this system to get Firewall / NAT rules enforced when changes are applied. This seems to happen with quite a few people in the community. I've found sometimes disabling the firewall rule that feeds a NAT rule loads the additions…

Today we want to replace our old UTM with an XGS 3100 cluster. In advance, we had created rules manually. But we were only able to test it today. We have a LAN port 1 (192.168.2.0/24) and a 2nd LAN on port 7 (192.168.201.0/24) When I access 192.168…

I have a Sophos Firewall XG115 with Firmware revision 19.5 I am trying to open ports associated with a LAN Host , using DNAT assistant. There is a range of ports to be opened ports 40,000 to 60,000. I have created a service with ports 1:65535 mapped…

Hello community, we are using a Sophos XG 310 for quite some years now. Since the beginning we had two WIFI's configured. One with Bridge to AP LAN and one as Separate Zone with Hotspot system. I never had to create a special firewall rule to get…

I have to seperate two networks using the same LAN Interface running XG in natest version with 1 phyiscal NIC bound to LAN and 1 physical nic bound to wan. The need is that there is no access form Private Network IPs to Company Network IPs and Vice Versa…

Hello Community, Hoping for some sort of advice as I'm pulling my hair out with this one. All I want to do is forward UDP 1194 to the NAS 192.168.15.9 to get OpenVPN to work. Here is the NAT rule. Port3 is the external interface with a public IP from…

I want internal traffic to an internal domain to go out through an external link and then come back in. How can I do that?

I have a problem with communication between two local machines that host two different web applications. When I try to connect from VM_3 to VM_2 using the command curl -I https://site.pl , I do not receive a response from the VM_2 . When I try to…

I Want create Rule for Server Load Balancer use for internal LAN in Sophos XGS for Http Traffic .

I am creating a new firewall rule and want to add a linked NAT rule to it, but the fields for adding source, destination and other parameters are greyed out: That warning which is visible in the printscreen does not make sense to me - can someone…

hi, if i have a firewall with one isp. if i configured port1 as lan and port2 as wAN and configure public ip over it. i configured a Firewall from LAN to WAN, and NAT MASQ rule. then all my users will start going to internet by using port2 IP. my questions…

Dear community I would like to ask a question regarding the system generated traffic. We have founf this article in order to SNAT the system generated traffic: https://support.sophos.com/support/s/article/KB-000035607?language=en_US We have…

Hello, our customer has an XGS 2100 HA installation with currently two REDs. So far it's going very well. Now our customer has taken over three additional locations and would now like to connect these to the internal network with the XGS RED environment…

Good Day, Am trying to NAT our Remote Access VPN IPs to internal network IP's without making any changes to the Remote Access VPN. I can change the IP assigned by Remote Access to the users when connecting to the Sophos VPN but don't want to change…