Hi.
How is possible active traceroute in Sophos XG, in the last models exist one part on activate or desactivate this options but in the XG i don't see any check for this purposal.
My hosts are reachable from ping but when i launch traceroute always the last hop is sophos and i not view any hop after firewall.
Hi, thanks for reply.
I create one rule permit Info_Address, Info_Request, Ping and IMCP, but ping works correctly and traceroute no. I try from Linux and MacOs computer but the result is the same.
I have a sensation that is a problem from a bgp process when the networks are published from Sophos, but not are connected directly.
I have to run new tests.
Hi folks,
then answer appears to be traceroute -I sophos.com on MACs.
Ian
Ian,
can you try from Linux box?
Thanks
Hi Luk,
so no linux boxes these days other the Sophos firewall devices,
Try adding the following from internal to external
Tim Grantham
Enterprise Architect & Business owner
Just tried and traceroute does not work.
The only way to allow traceroute is the -I option.
Thanks Ian.
Have you tried creating the firewall rule to allow the UDP ports to egress?
TraceRoute works for me once this has been done.
Yes, I did it.
In my case does not work.
I am comfortable with the -I option