This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Block Traffic for Userportal, Webadmin, SMTP to specific Sophos additional address

Hello,

Sophos Services (Webadmin, Userportal, SMTP and so on) are on every Sophos IP address.

But i need to disable or block every of thiis Services to spacific additional address.

I try to create a Firewallrule and a NAT Sinkhole, but booth doesn't work.

How can i reach this goal?

E.g. my external address is 1.2.3.4 and an additional address is 1.2.3.5, i want to reach Webadmin, Userportal and SMTP Protection on 1.2.3.4, but not on 1.2.3.5

Sophos UTM virtual Appliance with 9.711-5 Firmware.

Thanks for your help.



This thread was automatically locked due to age.
Parents
  • Hallo and welcome to the UTM Community!

    See #2 in Rulz (last updated 2021-02-16) to understand why the solution is a DNAT like the following:

         DNAT : Internet IPv4 -> {WebAdmin, SMTP, Userportal port} -> {1.2.3.5} : to {240.0.0.1}

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi,

    i tried DNAT : Internet IPv4 -> {SMTP} -> {additional IP address on interface} : to {240.0.0.1} and guess what, it is not working. Still an open SMTP and still handling mail traffic.

  • Hmm.  Please insert a picture of the Edit of your DNAT.  Also show us something that indicates that SMTP traffic came in on the additional address instead of the primary IP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hmm.  Please insert a picture of the Edit of your DNAT.  Also show us something that indicates that SMTP traffic came in on the additional address instead of the primary IP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children