How to log all firewall traffic coming from WAN

Hi,

I want to log all traffic (even if it does not match any rule) coming from WAN. How can I do that?

Firewall is XG which is running on CR50iNG (SFOS 16.05.3 MR-3) C16213132564-B42RR2



This thread was automatically locked due to age.
  • OK, I found the feature: Diagnostics -> Packet capture.
    I'm looking for IP 1.1.1.1

    See pic:  

    My WAN IP, let's say, is 2.2.2.2. Why is it showing rule ID as 1? Because my rule 1 is VPN. WTF

    IP 10.10.x.x is the local PC for which I want to allow all traffic from 1.1.1.1

  • OK, I found that rule 1 is not the first rule in the list, but its ID is 1.
    So then how do I allow all traffic from a specific IP (let's say 1.1.1.1) to my internal network PC (10.10.x.x)? Should I use DNAT as in the picture:

    Because it is not matching anything

  • Almis,

    You need to create a DNAT to forward external packets directed to WAN servers to an internal server using port and address translation.

    If the rule is never hit, you are doing something wrong.

    Pay attention to Source, Destination and Forward to.

    On the Sophos website you can find how to create a DNAT.

    Regards
