
Windows Firewall rules for Sophos console server

Hi There,

Our organisation has just completed a migration from a Server 2008 domain platform to a Server 2012 platform.

All our host and guest servers are now running Server 2012.

I have used the relevant knowledgebase articles in order to configure a group policy for all Sophos client servers' Windows firewall rules.  These are working perfectly and are allowing me to install, configure and auto-update all of my clients.

However, when the same GP is applied to the server which is hosting the Sophos Enterprise console, all of a sudden the clients are appearing as disconnected in the console and I'm receiving installation errors for any new installations from the console.  Nevertheless, the installations do complete successfully, it's just that they cannot report back to the console in order to tell it.

I've removed the GP and turned off the Windows firewall again on the Sophos console server.

Can you please tell me what Rules I will need to configure in order to get this server working properly with the firewall enabled?

Many Thanks,

Scott



  • Hello Scott,

    In order to talk to the server, clients connect to port 8194 on the server (on which RouterNT is listening). Normally the server attempts to connect back to a client's 8194 to enable "push" messages. Do you permit 8194 incoming (for RouterNT.exe) in your GPO? If so, it shouldn't cut off the connection immediately. In addition, port 8192 incoming is used for the initial connection.

    I don't speak :smileywink: Server 2012 - with a default of block (in) and allow (out) these two ports should be all you need.

    Christian

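One way to express the two inbound rules from the reply above on a Server 2012 console host, as an added example that is not Christian's or Sophos' own configuration; the RouterNT.exe path, the client address range and the rule names are assumptions to adjust before applying:

```powershell
# Added example (not from the thread): Windows Firewall rules on the Sophos
# Enterprise Console server for the two inbound ports named in the reply.
# Assumptions: $routerExe and $clientNet are placeholders for this example;
# confirm the real path with (Get-Process RouterNT).Path before applying.

$routerExe = 'C:\PLACEHOLDER\Path\To\RouterNT.exe'   # assumed path
$clientNet = '10.0.0.0/8'                            # assumed client range

# 8194/TCP inbound: clients connect to RouterNT here, and the server's
# "push" messages back to clients use the same port on their side.
New-NetFirewallRule -DisplayName 'Sophos RMS RouterNT (TCP 8194 in)' `
    -Direction Inbound -Action Allow -Protocol TCP -LocalPort 8194 `
    -Program $routerExe -RemoteAddress $clientNet -Profile Domain

# 8192/TCP inbound: a client's initial connection. The reply does not name
# the listening process for this port, so the rule is scoped by port only.
New-NetFirewallRule -DisplayName 'Sophos RMS initial connection (TCP 8192 in)' `
    -Direction Inbound -Action Allow -Protocol TCP -LocalPort 8192 `
    -RemoteAddress $clientNet -Profile Domain

# Check 1: both rules exist, are enabled, inbound and allow.
Get-NetFirewallRule -DisplayName 'Sophos RMS*' |
    Select-Object DisplayName, Enabled, Direction, Action

# Check 2: something is actually listening on 8192 and 8194. An allow rule
# for a port with no listener changes nothing, so verify this first when
# clients still show as disconnected.
Get-NetTCPConnection -State Listen |
    Where-Object { $_.LocalPort -in 8192, 8194 } |
    Select-Object LocalAddress, LocalPort, OwningProcess
```

The same two rules can be delivered through the console server's GPO under Windows Firewall with Advanced Security instead of being created locally; scoping them to the domain profile and the client range keeps the default inbound block in place for everything else.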