I just got off the phone with support and was advised that I can not create a service group for TCP and UDP rules within one firewall rule. Instead, I was instructed to create 2 Business Application rules (one TCP and one UDP) an manually write in a port list. Obviously, having one rule with one service group that contains multiple TCP/UDP rules within it is preferable. Also - in SG (v9) OS it is much easier to create multiple policies inbound. However, it appears that it may not be the case in v16 yet. I tried creating a user/network rule and adding a service group, but couldn't get it to work and Sophos support advised me to leverage a Business Application rule. Does anyone have any updates that may help reduce complexity in this use case? If not, I would propose this as a feature request in the future in order to leverage service groups and be able to collapse more complex NAT/Firewall rules into one rule.
This thread was automatically locked due to age.
