Torrent Guide


I am a newbie, still learning to figure out the firewall. I am using Sophos UTM 9 for Home (Personal use).

Earlier I had a lot of issues with someone accessing my Netgear routers (unknown person) and there were lot of DOS attacks in the logs and constant reboots, it does not allow me to connect to the internet.  After a lot of looking here and there for info a friend said you can Install a firewall with Intrusion protection and prevention and DOS attack protection.

Since I am new to firewall and networking, by googling and the Sophos community’s help I have figured out to setup the fire wall on my home network.

A Xeon server (not sure on the model) with dual core 4gb ram and an old hdd of 160GB.

Connection is like: ISP 1 + ISP 2 > Sophos UTM 9 > Orbi Router  all my devices like comps and mobile devices 

I have installed Sophos UTM 9 for Home. With 2 ISPS (due to WFH for a backup), Load balancing is setup. And DNS forwarding enabled to cloud flare and Google DNS. With web filtering, Intrusion Prevention, Antivirus and Antispyware as enabled and the default firewall rules which was added by the setup itself during initial setup of the firewall.

Post the initial setup, I am not able to download torrents and my CCTV (Hikvision) works only internal, the external access is blocked.

I have setup firewall rules and NAT, and still there is no incoming connections for torrent, the port works but no incoming to download. 

My Network is like:

Firewall on

Orbi router on: with DHCP enabled and static routes for all my comps and mobile devices on dynamic ip

Orbi is setup with static IP for the internet to work : IP as and gateway as

I have added the below:

1. Created the Definition for the Orbi router running as the comp is connected to the Orbi by going to Definition and from: Users -> Network Definitions -> New Network Definition ->

Name: Torrent_host

Type: Host

Interface: Any

IPv4 Address:

  1. Created the Service Definition

From: Definition and Users -> Service Definitions -> New Service Definition ->

Name: Torrent

Type of Definition: TCP/UDP

Destination port: 55555

Source port 1:65535

  1. Created NAT Rule From: Network Protection -> NAT New NAT rule

NAT Rule Type: DNAT

Matching Condition:

For Traffic From: Any

Using Service: Torrent

Going to: Uplink primary (WAN with load balance)

Rule type: DNAT


Change Destination: Torrent Host

And the Service to: Torrent

Automatic Firewall rule: On


  1. Created the outbound and Inbound firewall rule

From: Network Protection Firewall -> New Rule >

  1. Torrent Outbound:

Source: Torrent Host

Service: Any

Destination: Any

  1. Torrent Inbound:

Source: Any

Service: Torrent

Destination: Torrent Host


And in the Torrent application I have changes the port to 55555 with UPNP and NAT-port mapping enabled, I have tried different ports toggling the firewall rules, NAT and web filtering and still no luck.

Can someone please guide on how to enable the incoming link for the torrent, is there anything I missed in above?


Thanks and regards