Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 1939 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

masquerading rules only working after reboot

ek17

Hello,

 

i have a problem with firewall rules that have masquerading configured. It's not working until i reboot the device. If i then disable masquerading, it keeps working until i reboot the device again and so on. That applies even for the WAN masquerading. I've tested this with two devices, a XG106 (SFOS 17.5.5 MR-5) and a XG125 (SFOS 17.5.4 MR-4-1).

 

I verified this with wireshark too.



This thread was automatically locked due to age.
Parents
  • 0

    Are those appliances managed by a Sophos Firewall manager?

    Or did you import those Firewall Rules via API? 

  • 0 in reply to LuCar Toni

    No, they are manged standalone. I've created the rules just with the web interface, no import.

  • 0 in reply to ek17

    Can you show us the Firewall Rule? 

    But never heard of such a issue in a standalone setup.

    You can reproduce this with another appliance? 

  • 0 in reply to LuCar Toni

    I have never tested this out a bunch, but I know when I was first setting up an XG firewall I made some business application rules for dnat to allow specific ips through on sftp and an open rule to allow anyone in to ftp.  Once the rules were done I began testing and it was weird, I could connect but it would take more than a minute to go through then other times it would not connect.  After about an hour of troubleshooting I just thought restart.  I do not know what did it but suddenly everything worked like a charm.  Did multiple restarts after that, tried turning the rules off and on but never seen the same results.

Reply
  • 0 in reply to LuCar Toni

    I have never tested this out a bunch, but I know when I was first setting up an XG firewall I made some business application rules for dnat to allow specific ips through on sftp and an open rule to allow anyone in to ftp.  Once the rules were done I began testing and it was weird, I could connect but it would take more than a minute to go through then other times it would not connect.  After about an hour of troubleshooting I just thought restart.  I do not know what did it but suddenly everything worked like a charm.  Did multiple restarts after that, tried turning the rules off and on but never seen the same results.

Children
No Data