I have an XG135 running (SFOS 18.0.1 MR-1-Build396) and I am currently failing a Security Metrics PCI scan for the following:
I am trying to follow the KB Sophos has provided but in v18 DNAT and Firewalls are separated, and I can't seem to get everything set properly to pass this scan.
My Firewall rules:
NO NAT/DNAT Rules:
Blackhole Route:
I cannot figure out how to pass this scan without getting traffic to follow these rules. So far nothing has "hit them".
Hi Brandon McGouldrick,
Thank you for the screenshots.
The source port needs to be the port range from 1:65535.
Please change the source port from 3400 to port range 1:65535 and let us know if that helps…