• Response connections being dropped

    I have several external POP accounts with many email service providers. I use the Outlook desktop app to check email on all of those accounts. I use port 995 to check email on all accounts. The Outlook client is behind the Sophos UTM which has a firewall…
  • UTM Firewall - How to implement an allow list?

    Hello, I'm trying to create a simple allow list (whitelist) in the SOPHOS UTM Firewall for a particular site, leaving all other sites unaffected. See the following configuration screen; Rules 9 and 10 are the ones of interest. Rule 9 is attempting…
  • Best Practices Firewall Rules

    Hi all, Just a small question, what's better? Doing 1 rule including ALL the needed services for ingress egress destination OR doing multiple rules (one per targeted services)? Thanks, Regards, M-
  • Replacing TMG with a Sophos UTM SG210.

    Hi all, I'm trying to replace my old TMG with my SG210, the problem is when I create a new rule, it doesn't work. I noticed that my LAN can't access internet even with the firewall rule "Any-Any-Any" so I had to create a NAT rule to make this happen…
  • Sophos Home UTM 9 Firewall Problems

    I recently have set up Sophos Home UTM 9 and I am currently having trouble port forwarding my CCTV System, so I can remotely access. However, when I create a rule it doesn't seem to work. I have checked the firewall's live log, and the CCTV System doesn't…
  • Why dropped packets?

    I am running a streaming server on a node, on the LAN. I want to allow access to it from the Internet. I added a DNAT to forward the specific port it uses to the local IP of the node that the streaming server is running on. I unticked the box for it to…
  • How to block Google Chrome Remote Desktop

    What rule or NAT should be used to prevent computers on the network from being remotely accessed via Chrome Remote Desktop? It is suggested ( https://support.google.com/chrome/a/answer/2799701?hl=en ) to "black hole" chromoting-host.talkgadget.google…
  • Lots of IPS attacks lately One CNC Trufflehunter can't find much info on it (False Positive?)

    We have been getting a LOT of IPS attacks lately. Getting Snort 38330 MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt from several internal IPs. Snort doesn't give much information... Is there a good chance these hosts are infected? Sophos Cloud AV…
  • Sophos UTM 9 double NAT

    I am new to this and just finding my way around setting up UTM/firewalls. I have a 2 firewall setup: an internal Sophos UTM 9 firewall and an external firewall. The internal firewall Sophos UTM 9 is set up where all computers and mobile devices are behind…
  • Will the firewall refuse to forward "private" IP address blocks?

    I tried setting up Sophos today in a test environment to see how much throughput I could get, but I couldn't get far. My core network is on a 10. subnet and I set up a computer and assigned it with 192.168.2.20 subnet IP. Sophos was the router between…
  • DROWN Vulnerability: Blocking SSLv2 with UTM9

    Hello, I would like to write a firewall rule to drop all SSLv2 traffic attempting to travel through our UTM because of the DROWN vulnerability. We have a couple of servers susceptible to the attack and it would be nice to first block the attack at…
  • Default drop fwrule="60002" but I have a firewall rule?

    I am trying to play a game that requires access to port 10001 and I have set up a rule that allows any computer on my internal network to access this port to any IPv4 address, however it is continually blocked. Firewall log is: 2016:03:01-11:38:32 oscar…
  • Create a rule with source matching Network and User Group?

    Hi everyone, Similar to in TMG and Palo Alto, is it possible to match both source user group and source network together when building a rule? i.e. VPN Access users coming in on the VPN subnet can access services x,y,z. Thanks in advance. KJ
  • UTM 9 ASG Software 9.313-3 blocking allowed traffic

    We have about 90 servers behind the affected UTM9, all have an external interface and a dedicated dnat and snat entry to their internal IP. Actually everything is fine, a HA slave is attached. But sometimes traffic gets dropped even though it's allowed…
  • How to get details on 2 attacks blocked : rule 32488

    Hi, I had 2 attacks blocked, it is a bummer that I can't drill down on the actual text, but I found more detail in the "Network Protection" menu under "IPS: Top Blocked Attacks". I can figure out the host inside that tried to send the packet out…