Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 11 replies
  • Subscribers 27 subscribers
  • Views 893 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to enable SNMP via WAN on Sophos XG v19.5

sneader

Running SFOS 19.5.0 GA-Build197

How to enable SNMP via WAN port?

I have enabled:   System > Administration > Device Access > SNMP on WAN and LAN

There is no response to SNMP queries from the WAN.  However, it works fine in LAN.

What else needs to be accomplished for this to work?

- Scott



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Erick Jan

    Thanks for your help, Erick! I will wait to see what you find out.  

  • 0 in reply to sneader

    Hello Sneader,

    Adding to what Erick has mentioned, would you be able to delete and redo the DNAT rule using the Sophos Assistant "DNAT and Firewall Rules for internal web server." If the issue persists and you are ok enabling Access ID to your device let me know and I can take a look.

    Are you a home user or a Business user? 

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to emmosophos

    Hi Emmanuel.  I attempted to use "Server access assistant (DNAT)" but without success.  Right now, here is what I have in the Sophos

    Firewall rule:  
       Source Zone:  WAN
       Source Networks and Devices:  A specific IP on the public Internet
       Destination Zones:  Any
       Destination networks:  #PORT3 (this is my WAN port, with public IP)
       Services:  SNMP UDP 6161

    NAT Rules:
       Original Source:  Any
       Original Destination:  #PORT3 (this is my WAN port, with public IP)
       Original Service:  SNMP UDP 6161
       Translated source (SNAT):  Original
       Translated destination (DNAT): LAN Port IP
       Translated service (PAT):  SNMP UDB 161
       Inbound Interface:  Port3
       Outbound Interface:  Any

    I am attempting to accept UDP 6161 packets from a specific external IP, and translate it to UDP 161, and send the traffic to the Sophos, so that it can receive and respond to SNMP packets.  How can we make this work, like it did in version 17?

    I am a home user. I would be happy to allow your access if you tell me how.  But I would prefer that you let me try to fix it, with your advice. I just need to know how the Sophos could be accessed for SNMP, on an alternate port number.  Thanks!

    - Scott

  • 0 in reply to sneader

    Hi Scott,

    For the access ID you can see below for reference:

    docs.sophos.com/.../SupportAccess.html

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • 0 in reply to Erick Jan

    Thanks for the clear instructions, Erick. I have enabled the access and sent you a PM with the details.

Unfiltered HTML