Hi all,
Hoping for some assistance from a leg end or two! I'm a network admin so not a complete novice by any means.
I have been using Sophos XG at home for a while now (months not years), and i recently had an issue downloading updates to the Xbox One, even though i had created a firewall policy to allow all recommended ports through to the Xbox. After messing around with the rule and going through logs I decided to disable IPS and Web Filtering on the default rule. I may have changed some other settings while trying to figure out the cause. After that the Xbox could download updates. Left it like that with a plan to come back and look in to it further.
Unfortunately, something I have changed has broken access to the device from WAN. I re-enabled IPS and Web Filtering but it hasn't helped. I can still access servers internally that I have rules setup for, but I can't access the Sophos admin or user portals, and my SSL VPN connection has stopped working. On top of that the device will not respond to pings from the WAN. So far I've managed to confirm that when I try to connect through SSL VPN my account is authorised, but nothing happens beyond that.
Setup:
PPPoE from Openreach Modem directly connected to Passthrough NIC on ESXi
Sophos XG is the gateway on 10.0.0.1
PiHole DNS is on 10.0.0.10
Device access has been configured to allow HTTP(S), User Portal, PING and SSL VPN from WAN
Valid SSL Cert is installed and has been selected as the cert for the XG. Hostname matches cert.
I've tried each service from mutiple locations, devices, browsers, etc. Initally i thought i had some how gotten my work IP blacklisted on the XG.
Is there anyone that can point me in the right direction. I find trying to work through the log viewer and packet captures cumbersome on the XG, but if thats where i need to focus my attention i will. It would help to know which logs i should focus on and what i should be looking out for.
Any and all suggestions will be greatly appreciated.
TBO
This thread was automatically locked due to age.