Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 3594 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable connect to webmail via Port Forwarding

Law

Dear Export. 

I'm new in handling Sophos Firewall and i hope i can get some advise.  Below is the scenarios. 

 

Background

  • Web user connect to webmail server via port forwarding. 
  • Port forwarding from example Port:12345 to Port:80

Issue

  • Today, User log a report and informed us that they unable to load the login page to our mail server. 

Workaround

  1. Immediately, I tried to telnet<domain_name.com>12345, I received  Connection Failed. 
  2. I performed the telnet testing again after i restart the mail server and the result are the same

Question

  1. From Sophos, May i know how do i check whether the following port:12345 was not blocked?


This thread was automatically locked due to age.
  • 0

    If you need to connect from outside on port 12345 to your inside server on port 80 you need a DNAT rule

     

    Traffic from: Internet IPv4 (or any)
    Using service: port 12345 (needs to be created)
    Going to: External (Address) (be sure to use the (address) item otherwise it will not work).

    Change service: http
    Change destination: Your internal server

     

    Be aware tough that when you need to access this from inside you will need a full NAT rule when you access port 12345 on your external interface from the inside.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0

    Selamat pagi Aaron and welcome to the UTM Community!

    Apijnappel's prescription should do what you need.  For traffic from your LAN, you will need to add the Full NAT he recommended.  See Accessing Internal or DMZ Webserver from Internal Network.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML