Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 530 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN service ACLs

JJM

I have my service ACLs ticked as follows, but I seem to be having issues with the WAN ones.

Even though I have ping/ping6 and SSL VPN ticked for the WAN zone, I am unable to ping the public IP of my WAN interface, or connect using the Sophos VPN client so I'm missing something.

Firewall rules are currently pretty minimal, mostly stock + VPN policy.

Anywhere else I should be looking?



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to JJM

    Hi : Is your WAN ISP static IP directly configured on XG Interface? If Yes, are you able to receive the PING packets to XG over the ISP network for the Public IP from which you are generating PING? (You may validate the same with the help of the TCPDUMP command). 

    If No, then is the required port forwarding done on the next device or router to forward the request on XG for ICMP and SSL VPN service ports/protocols?

  • 0 in reply to Vishal_R

    Yes, the WAN static IP is configured on the port 1 interface. I am unable to get a ping response from a completely separate internet connection. Browsing on the LAN side works fine.