I have a Sophos XG 115W and recently upgraded from SFOS 15.01.0 MR-3 to SFOS 17.1.2 MR-2 but are having an issue with traffic/requests from a single Synology server on the LAN-Network not being passed through to one of my DMZ-Network servers. I have no problems making the request from my own PC on the LAN-network. In fact this also happend last time I tried to upgrade from SFOS 15.* to 16.* and decided to roll back the firmware. But now I need a solution for this.
The Synology is requesting an URL (with a cURL-method in a CRON-job) on one of the DMZ servers every 5 minutes, but the requests is never received on the webserver for some reason.
And that is not 100% true because a single request has passed through during the night both yesterday and today. And that is so frustrating to know for a firewall like this... either the traffic should be allowed or rejected/dropped. Not just sometimes allowed.. or sometimes rejected. It's a firewall and the appliance box is not cheap at all. It's pretty basic and should just work.
I have read about Clientless Users and added the Synology Server as one, but that makes no difference.
A have also added the domain name for the URL being requested to the DNS Host Entry, so the IP address being resolved always match the IP address in the DMZ-network and not the public domain/address from the public DNS servers.
The configuration and result of the package capture is shown at the following screendumps, but I really need some more advices.
Thanks a lot.
This thread was automatically locked due to age.