
Noob on utm

Hello.

I am new to Sophos UTM and I need a bit of help from you guys.

I managed to make it run with a few rules.

I have a LAN for my PC, server and a few small NAS, IP …,...,23,...

I have another LAN for my WiFi, IP …,...,0,..., for some gadgets (Xiaomi vacuum, Xiaomi sensors, Xiaomi gateway, Hue, mobile phones, smart TV).

My mobile talks with the Hue bridge, but not with the Xiaomi.

My Sophos is on a PC and I use a separate Ethernet port to give IP to an HP 8-port switch (4 for locals and 4 for WiFi) with 2 VLANs for the 2 IP ranges.

The wifi is spread by a tp link AP.

Hope my message is not too messed up and you guys can help me a bit.


Thx in advance

Raz



  • Hello Raz,

    welcome! What you can do is simply try things out and watch the Firewall "Live Log" under "Network protection". You can learn from there which traffic is caused by your internal devices and what you should do to allow some of the traffic it blocks. The next important thing is DNS and DNS forwarding, followed by NAT rules ("Masquerading") for your internal clients to be able to reach the internet.

    I highly recommend the "Rulz" BAlfson has put together over the years, see this link: https://community.sophos.com/products/unified-threat-management/f/general-discussion/22065/rulz

    Even if you don't understand all that is described there, you can just pick them one after the other to get things going.

    Good luck!

    With kind regards, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Thank you.

    I will try to understand the rules :)

    And BTW, Sophos rules, even for a newb: it looks like they have huge potential as soon as you get to understand them.

  • Geiasou Raz and welcome to the UTM Community!

    You will also want to consider the general approach of DNS best practice.

    Cheers - Bob
    PS Thanks, Philipp, for the vote of confidence!

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I've read the rules but I'm still not able to do what I want :(

    From web filtering logs I get 

    url="https://de.api.io.mi.com/" referer="" error="" authtime="0" dnstime="8" aptptime="207" cattime="0" avscantime="0" fullreqtime="172408" 

    and I'm totally lost :(

  • I have a bunch of Xiaomi IoT in my network environment. It's a bit tricky to get it to work. The way I do it is to initially assign an IP address based on the MAC address, set up a FW rule for outbound traffic and open the FW live log to see what port needs to be open. After your IoT is connected, lock it down to that specific port. Takes some time to get used to.

    I have all my Xiaomi IoT in a separate network from my Internal LAN.

    BTW, I have Xiaomi (gateway, door/window sensor, smart light, universal remote, air filter, etc.).

    Good Luck
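
The "watch the live log, then lock the rule down" procedure above boils down to counting which destination/port pairs the firewall dropped for each IoT client. The following is an added example (not code from the thread or from Sophos) that parses the key="value" style the UTM firewall log uses, as seen in the web filtering line quoted earlier, over a few constructed sample lines; the addresses, interface name and rule ids are assumptions, not values from the poster's setup.

```python
import re
from collections import Counter

# Constructed sample lines in the key="value" style of the UTM firewall live
# log (sub="packetfilter"); addresses are documentation ranges, not real hosts.
SAMPLE_LOG = """\
2019:03:01-10:15:02 utm ulogd[1234]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth2" srcip="192.168.0.50" dstip="198.51.100.10" proto="6" length="60" srcport="51022" dstport="443"
2019:03:01-10:15:03 utm ulogd[1234]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth2" srcip="192.168.0.50" dstip="198.51.100.10" proto="6" length="60" srcport="51023" dstport="443"
2019:03:01-10:15:04 utm ulogd[1234]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth2" srcip="192.168.0.51" dstip="198.51.100.20" proto="17" length="78" srcport="4321" dstport="8053"
2019:03:01-10:15:05 utm ulogd[1234]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="3" initf="eth2" srcip="192.168.0.50" dstip="192.168.0.1" proto="17" length="64" srcport="5353" dstport="53"
"""

KV_RE = re.compile(r'(\w+)="([^"]*)"')
PROTO_NAMES = {"6": "tcp", "17": "udp", "1": "icmp"}


def parse_kv(line):
    """Turn the key="value" part of a UTM log line into a dict."""
    return dict(KV_RE.findall(line))


def dropped_flows(log_text):
    """Count dropped packets per (srcip, dstip, proto, dstport) from packetfilter lines."""
    flows = Counter()
    for line in log_text.splitlines():
        rec = parse_kv(line)
        if rec.get("sub") != "packetfilter" or rec.get("action") != "drop":
            continue
        proto = PROTO_NAMES.get(rec.get("proto", ""), rec.get("proto", "?"))
        # ICMP has no dstport, so fall back to "-" rather than failing
        flows[(rec["srcip"], rec["dstip"], proto, rec.get("dstport", "-"))] += 1
    return flows


def suggest_allow_rules(flows):
    """Render the narrowest allow rules that cover the observed drops, busiest first."""
    return [f"{src} -> {dst} {proto}/{port}  ({n} dropped)"
            for (src, dst, proto, port), n in flows.most_common()]


if __name__ == "__main__":
    for rule in suggest_allow_rules(dropped_flows(SAMPLE_LOG)):
        print(rule)
```

Run it against lines exported from the live log for the IoT VLAN only; anything that still shows up after the narrow rules are in place is traffic worth looking at rather than allowing.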
