Policy to allow Sophos Central - New firewall setup

Hello,

I am new to the Sophos world and have a new SX135W that I am working to get setup. We migrated policies from and older SG230 and now seem to have broken the connection to Sophos Central. I added a rule to permit any traffic to Sophos LiveCentral and it is back to "Connected" but am still unable to select and modify the new firewall. I am not even sure that is the proper way to write the rule and wanted to see about what should be there to allow traffic between the SX and Sophos Central. Also are there any other basic policies I should make sure are added as part of the new config to make sure other services like this work properly?

Thanks in advance ....

Brent

Parents
  • Hi Brent,

    you do not need a firewall rule to allow connection to CM, access is managed from within the GUI Central Synchronization.

    What error do you see in CM when you try to modify the XG?

    Ian

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with 2 x APX120 - 20w. 
    If a post solves your question use the 'This helped me' link.
  • Until I added a rule to allow any traffic to Sophos LiveCentral it was not even showing as connected in the UI of Sophos Central. Now it at least shows connected but with I try to select the firewall it tries 6/6 times to connect and times out. This morning it is back to not having checked in with Sophos Central in over 4 hours.

Reply
  • Until I added a rule to allow any traffic to Sophos LiveCentral it was not even showing as connected in the UI of Sophos Central. Now it at least shows connected but with I try to select the firewall it tries 6/6 times to connect and times out. This morning it is back to not having checked in with Sophos Central in over 4 hours.

Children
  • Hi,

    there is something odd with your configuration  because the rules affect traffic from internal to external not external to remote sites unless you have a drop rule affecting specific sites seeing traffic to a dead end?

    Mine works fine without a specific firewall rule.

    Tere is a line above the last screenshot that I have not included because it contained specific registration details.

    Ian

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with 2 x APX120 - 20w. 
    If a post solves your question use the 'This helped me' link.