This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Watchguard traffic monitor equivalent

Sophos UTM Home v9.703-3

Hi,

I'm trying to find the equivalent log viewer to Watchguard's Traffic Monitor.  For those unfamiliar, the TM simply shows all traffic flowing through the device and can be filtered on any string.  It's really useful for troubleshooting but I can't find an equivalent on the Sophos UTM, does anyone know if there's an equivalent?

Bit of background; I have a 'smart' alarm system and when I configure the UTM to use cloudflare's 1.1.1.1 DNS servers it seems to be unable to connect to wherever it needs to connect to.  If I set a DHCP option 6 for that host and assign Google DNS, it all works as expected.  What I want to do is watch the traffic flowing out of the host to see what URL/IP's it's trying to connect to so I can check if Cloudflare is resolving it.  I've tried setting up a firewall rule Source:Alarm Hub, Dest: ANY, Service: ANY, Action: Allow, Log Traffic: Ticked, and although I can see a DNS request passing through the firewall I don't see any other traffic coming from this host.

In Watchguard world, I'd open the traffic monitor and filter on the IP address of the alarm, and I'd be able to see every request passing through the firewall. I just want raw traffic logs.  Can anyone throw some light on how to achieve this?

Thanks

Dave



This thread was automatically locked due to age.