I am a newbie, still learning to figure out the firewall. I am using Sophos UTM 9 for Home (Personal use).
Earlier I had a lot of issues with someone accessing my Netgear routers (unknown person) and there were lot of DOS attacks in the logs and constant reboots, it does not allow me to connect to the internet. After a lot of looking here and there for info a friend said you can Install a firewall with Intrusion protection and prevention and DOS attack protection.
Since I am new to firewall and networking, by googling and the Sophos community’s help I have figured out to setup the fire wall on my home network.
A Xeon server (not sure on the model) with dual core 4gb ram and an old hdd of 160GB.
Connection is like: ISP 1 + ISP 2 > Sophos UTM 9 > Orbi Router all my devices like comps and mobile devices
I have installed Sophos UTM 9 for Home. With 2 ISPS (due to WFH for a backup), Load balancing is setup. And DNS forwarding enabled to cloud flare and Google DNS. With web filtering, Intrusion Prevention, Antivirus and Antispyware as enabled and the default firewall rules which was added by the setup itself during initial setup of the firewall.
Post the initial setup, I am not able to download torrents and my CCTV (Hikvision) works only internal, the external access is blocked.
I have setup firewall rules and NAT, and still there is no incoming connections for torrent, the port works but no incoming to download.
My Network is like:
Firewall on 192.168.19.1
Orbi router on: 192.168.20.1 with DHCP enabled and static routes for all my comps and mobile devices on dynamic ip
Orbi is setup with static IP for the internet to work : IP as 192.168.19.2 and gateway as 192.168.19.1
I have added the below:
1. Created the Definition for the Orbi router running as the comp is connected to the Orbi by going to Definition and from: Users -> Network Definitions -> New Network Definition ->
IPv4 Address: 192.168.19.1
From: Definition and Users -> Service Definitions -> New Service Definition ->
Type of Definition: TCP/UDP
Destination port: 55555
Source port 1:65535
NAT Rule Type: DNAT
For Traffic From: Any
Using Service: Torrent
Going to: Uplink primary (WAN with load balance)
Rule type: DNAT
Change Destination: Torrent Host
And the Service to: Torrent
Automatic Firewall rule: On
From: Network Protection Firewall -> New Rule >
Source: Torrent Host
Destination: Torrent Host
And in the Torrent application I have changes the port to 55555 with UPNP and NAT-port mapping enabled, I have tried different ports toggling the firewall rules, NAT and web filtering and still no luck.
Can someone please guide on how to enable the incoming link for the torrent, is there anything I missed in above?
Thanks and regards