This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New to Sophos XG (migrated from UTM9) and need to allow some devices outbound

I've migrated from UTM9 to the XG and need to allow a few devices to not get scanned http/s. My son's PS4 can't download updates to the games now that we've switched to XG. I need to basically bypass filters (or whatever is happening here).

I guess I need step by step instructions on how to add an exception so he can continue to play Fortnite. I've found another post but it wasn't step by step and I didn't know where some of the settings were.

The error they are getting on the PS4 (which may help others searching for this):

"HTTP status code : 416 ) (CE-40862-0)"

Error 416 seems to be due to the following issue: HTTP Error 416 Requested Range not satisfiable

Thanks for your help!

Ed

 

 



  • Hi,

    You can set up a firewall rule that only applies to the IP address of your son's PS4 that does not use the http proxy.

    Source LAN -> son's PS4 IP address -> WAN -> any -> allow -> log -> MASQ.

    Ian

  • Thanks for the super quick reply. That's exactly what I did but the rule has zero traffic and didn't seem to apply. It's at the top.

    To verify the issue, I went into my default rule and deselected "Scan HTTP" and he can now download. This is temporary.

     

    The rule at the top is like so:

    Action: Accept

    Source > LAN > Son's PS4 IP > WAN > Any > Allow

    Scan HTTP is off

    Intrusion Prevention is None

    Web Policy is "Allow All"

    Rewrite Source address is checked

    Use Outbound Address is MASQ

    Log Traffic is set

    Here are some pics:
