Using host groups in firewall rules

Hi

Disclaimer: I am new to Sophos XG and may have missed the section that discusses this; I have searched exhaustively.

We provide hosting services for a large number of websites. We do not do any LAN to WAN firewalling.

To protect administration backends we use paths with HOST IP restrictions, which we then group under various categories by creating named IP Host Groups.

I am unable to see how we can add an IP Host Group to Allowed Clients and Blocked Clients when creating a path-based rule. Instead it appears we have to select individual IPs and IP ranges. This is very frustrating as we have lots of groups of IPs with different needs.

Is there a method to enable the use of IP Host Groups, or should we achieve this in another way?



This thread was automatically locked due to age.
  • Hi,

    You create IP hosts in 'host and services', then add them to your IP host group in the 'host and services' tab.

    You then select this group in your firewall rule.

    Ian

  • "You then select this group in your firewall rule."

     

    This is the part that's missing: when I use the interface to try and add a group, it does not display any of the created groups.

    I have attached an image of where I am trying to add the group.

    It is the same irrespective of whether I try to add the group at the path rule level or at the access permission level.

    This is an example of a group. I can't see any other settings I need to change to make it available to use in a business rule.

     

  • Hi,

    I can see a way of doing what you want. You appear to have identified a bug or missing feature in XG; log a fault with support.

    You will need to create a new group while editing your rule and then add each of those ranges. Not a logical way to manage rules.

    I hope this will be fixed in the shortly to be released v17b.

    Ian