Sophos XG Firewall - License activation unavailable (error XG-00151). See KB-000043485 for the latest updates.
I want to know if it is possible to publish 3 ports (8000,3000,3001) of a server connected to a RED50 in standard/split mode.Currently it is working configuring the RED50 in standard/unified mode, but as all the traffic goes through the UTM Firewall and one of the ports is http, I would like to know if it is possible in standard/split mode?
That is a DNAT and it's what is used when the server is behind the UTM and traffic arrives at the UTM on it's external address.
If the topology is 'Internet <--> UTM <--> RED <--> Server', you…
¡Hola! Ruben and welcome to the UTM Community!
Yes, but will the remote site be secure enough without the protection of the UTM in Standard/Unified?
You could just use a Full NAT or Webserver Protection in Standard/Unified.
Cheers - Bob
I suppose that in standar/unified mode the remote site is more secure. Currently it is configured in Full NAT standar/unified, but in case I may need Full NAT in standar/split mode how could it be done?
Please insert a picture of the Edit of your current Full NAT, Ruben.
this is the DNAT Rule:
If the topology is 'Internet <--> UTM <--> RED <--> Server', you must use a Full NAT like:
Full NAT : Internet IPv4 -> Services Geopalma -> Movistar (Address) : From Internal (Address) to Servidor Geopalma
is this the configuration you suggest for the full NAT?
Thank you very much for your help, that's correct, I just needed this Full NAT rule to make it work.