How to enable SNMP via WAN on Sophos XG v19.5

Running SFOS 19.5.0 GA-Build197

How to enable SNMP via WAN port?

I have enabled:   System > Administration > Device Access > SNMP on WAN and LAN

There is no response to SNMP queries from the WAN.  However, it works fine in LAN.

What else needs to be accomplished for this to work?

- Scott



This thread was automatically locked due to age.
  • Hi sneader,

    Thank you for reaching out to Sophos Community.

    I've found an old post from you with the same queries and a solution. 

    community.sophos.com/.../snmp-on-wan-not-working

    Erick Jan
    Community Support Engineer | Sophos Technical Support

  • I did a packet capture, first looking for incoming packets from the remote server trying to query the Sophos on the alternate port (6161), and the packets are received OK and accepted.  So, the firewall rule seems OK.  Next, I need to see what is happening with the NAT rule, which is supposed to translate the alternate port UDP 6161, to the real SNMP UDP port of 161, and translate the destination IP from the WAN port, to the LAN port IP.  I did a packet capture looking for the translated port (161) and it appears that the Sophos is blocking the packets. Port1 is LAN, Port3 is WAN.

    | Time | In interface | Out interface | Ethernet type | Source IP | Destination IP | Packet type | Ports [src,dst] | NAT ID | Rule ID | Status | Reason |
    |---|---|---|---|---|---|---|---|---|---|---|---|
    | 2023-02-15 13:33:45 | Port3 | | IPv4 | 1.2.3.4 | 10.1.1.250 | UDP | 33367,161 | 11 | 0 | Violation | Local_ACL |