This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Sophos Notification] NAT rules might stop working after rebooting the firewall under specific circumstances

Hi everyone,

The issue is possibly observed when there are multiple uplink interfaces which belong to the group "Uplink Primary Addresses" and this group is used as the original destination in a NAT rule. Once UTM has been rebooted/upgraded, the affected NAT rules might stop working.

For more information, please refer to the below article:

This thread was automatically locked due to age.
  • Hi Jasmin,

    I'm glad to see that explicitly acknowledged by Sophos - thanks!

    Please have the author of that KB article edit it to make the firewall log line more meaningful.  The srcip and dstip should be obfuscated like 85.x.y.21, 192.168.x.41, 172.2x.y.11 and 10.x.y.31.  I would expect this to be a default drop out of the INPUT chain, so we should see fwrule="60001" instead of "123" which indicates a manually-created firewall rule.

    Also, the article says that this information also appears related to XG - I doubt that.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA