Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 1768 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Open Port Inbound 44158 for Helium

wrightcomply

I have my Sophos XG running 18.5.3 MR-3-Build408 bridged to my AT&T fiber gateway BGW210-700 on one of my static IP's (public IP). AT&T claims that all ports are open.  I have four LAN Ports on the SOPHOS and have a bobcat miner hotspot connected on Port4 and the AT&T static IP connected on Port2.  

I have the following rules to open port 44158 (required by the bobcat miner public hotspot to communicate with other public hotspots.

NAT Rule

and firewall rule

yet when I do a Nmap scan, the port shows closed.  

Do I have the rule correct?  I really need port 44158 open both inbound and outboud.

The Helium_HS is the LAN ip to the bobcat miner public hotspot.



This thread was automatically locked due to age.
Parents
  • 0

    Hello!

    wrightcomply said:
    Do I have the rule correct? 

    No, over the Firewall Rule you should use:

    • "Any" on the "Source Network and Devices".
    • Your Firewall WAN IPv4 on the "Destination Networks", you can use a #Port host since those are updated in real-time with the Interface IP.
    • And on "Services" you need to create a new one with the necessary 44158 Port. (With either TCP or UDP, or both if necessary.)

    On the NAT Rule you should:

    • Leave "Original Source" as "Any".
    • "Inbound Interface" should be your WAN Interface.
    • "Original Destination" is the same host that you use on the Firewall Rule, with is the correct #Port host that is linked to the WAN Interface.
    • "Translated Destination" is the client (Miner IPv4) in which the Traffic will be sent. (NAT'ed)
    • "Original Service" is the same service of the Firewall Rule, as stated above.

    Those steps above should cover everything.

    EDIT: Looking at GitHub, the necessary ports are:

    •  44158/TCP
    • 1680/UDP

    You should use those ports above while creating a new "Service".

    If a post solves your question use the 'Verify Answer' button.

    XG 115w Rev.3 8GB RAM v19.5 MR1 @ Home.

  • 0 in reply to wrightcomply

    On the Firewall Rule, change the "Destination Zone" to the correct zone in which the device (miner) is located, such as either LAN or DMZ.

    Also, is HTTPS and SSH really necessary? Isn't those two ports (1680 & 44158) enough?

    If a post solves your question use the 'Verify Answer' button.

    XG 115w Rev.3 8GB RAM v19.5 MR1 @ Home.

  • 0 in reply to Prism

    Changed.  Helium suggests 443 and 22 open for support and updates, but I removed it since my NMAP scan shows it open.

  • 0 in reply to wrightcomply

    I'm perplexed why I get the ports I pasted in, but not 1680 or 44158? I'm still relayed on my bobcatminer and NMAP is still not finding 1680 or 44158 open.  I'm about ready to get rid of Sophos and switch to SonicWall.

  • 0 in reply to wrightcomply

    You will need two rules, one for incoming traffic originating outside of your network and one for outgoing traffic originating inside you network.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    I have both for incoming and outgoing traffic.  NMAP still shows no open port for 44158 or 1680

Reply Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?