This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG reporting problems yet again ... Firewall accepting forbidden traffic.

Hello Everyone. I posted few month ago that a "clean up rule" so common on competitive firewalls cannot be on Sophos XG, without causing reporting issues.

Here: https://community.sophos.com/products/xg-firewall/f/firewall-and-policies/98440/clean-up-rule-from-any-to-any-drop-that-s-allowed-on-the-internet-anyway-wtf

We are told the firewall behaves properly no matter what, but users have no easy or practical means of knowing. Well here's another one. The following is a rule we have in our firewall. Rule no 6 that allows SMTP and SMTPS traffic into our Anti-Spam.

"SMTP, WAN towards our Anti-Spam" server, from WAN to LAN, allow "SMTP (port 25) and SMTP(s) (Port 587)". Simple, right ? "ext-ip xxx.xxx.xxx.xxx" is the Internet (i.e. valid and NATed) address. int_ip is the internal address for the same Anti-Spam server.

This thread was automatically locked due to age.

Parents

0 sachingurung over 7 years ago

Hi Big_Buck,

Please enable support remote access ID and PM me the code. I will log in to the XG and check the configurations. No changes shall be made without your confirmation through PM.

Thanks
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 sachingurung over 7 years ago

Hi Big_Buck,

Please enable support remote access ID and PM me the code. I will log in to the XG and check the configurations. No changes shall be made without your confirmation through PM.

Thanks
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data