Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 2276 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

External Pings

Sophos User3768

I would like to be able to ping our WAN interface from specific external IPs, but the only thing I am seeing I can do currently is allow Ping/Ping6 via the ACLs (Administration > Device Access > Local Service ACLs).  When doing so, this seems to open it up to every external IP.  I tried creating a simple firewall rule to allow ICMP to the WAN interface, but it didn't seem to do anything. Am I missing something?



This thread was automatically locked due to age.
  • 0

    Just create a local Service ACL and allow a specific IP to ping.

    Ben

  • 0

    Hello there,

    Thank you for contacting the Sophos Community.

    1. Under Local Sevice ACL, you need to leave the Ping/Ping6 Disable for the WAN zone

    2. Under Local Service ACL Exception rule create a rule like this:

    Source Zone = WAN

    Source Network/Host = Public IP from where you are going to be Pinging  the Sophos XG

    Destination Host = ANY

    Services = Ping

    Action = Accept

    That should allow you to Ping the XG only from that specific IP.

    Regards,