This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Bypass Sophos UTM web filtering for a particular internal host

The subject pretty much says it all, but I have an internal proxy server for testing purposes that needs to be able to bypass the Sophos' built-in filtering. I've got the Sophos running in Transparent mode and I've tried adding the server's IP to the Skip Transparent Mode Source Hosts/Nets (and destination, just to be sure). I've tried adding an Exception list skipping everything it lets me skip for that host, but it doesn't do anything. I'm assuming that because the filter is skipping checks on traffic from that host, not to it.


Based on the Rulz, I thought about adding a NAT Rule for that server so it wouldn't get to the proxy, but I don't know how I'd do that since I don't really want to NAT anything.I tried a "No NAT" rule that didn't work, but I'm not really sure what a "No NAT" rule actually does in the first place.

Is there a way to bypass the transparent filter on the Sophos for traffic coming from/to a particular host?

Forgot to say, I've got an SG430 running firmware 9.403-4.

Thanks,

Bryan



This thread was automatically locked due to age.
Parents Reply
  • I don't have any problems getting to the internal host because we're both behind the Sophos. The problem is web traffic from that host is being filtered and I need to bypass the filtering. It's a proxy server that does its own filtering that I'm trying to test out.

    Thanks.

Children
  • I'm tempted to recommend #1 in Rulz, but I bet it's #4 #3!

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • But I'm not DNAT'ing anything to this host -- though I'm thinking I should add a DNAT to make it bypass the proxy. The problem is I don't know what to DNAT since the host gets to the internet just fine, I just need to bypass the filtering.


    I may just turn off web filtering for a while to do the testing. Kids aren't in school at the moment, so it shouldn't be a problem.

  • Oops, I hit the "4" instead of the "3" when I typed that.  If that doesn't work, let us know what #1 tells you.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA