
Struggling to get Plex connected

I'm trying to get internet traffic to arrive at my Plex media server, which is attached to my XGF. I've had it working without issue when connected to my outer firewall, but I'm struggling with getting it working via XGF.

My network is as below:

 

I've already covered why I'm using the SkyQ firewall in my first bullet point of this post

My forwarding rule on the Q Firewall is like this:

Any->MediaServerIP:32400 Allow.

This has been changed to: Any->10.0.0.3:32400 Allow, as a result of me moving it internally.

I have then configured port forwarding on Sophos to this:

WAN Zone (10.0.0.0/28) -> MediaServer:32400 Allow.

I have also set up a forwarding rule in the other type of firewall rule.

I can provide screenshots if required.



This thread was automatically locked due to age.
  • Richard,

    please provide the DNAT screenshot and tcpdump port 32400 output while you try to access the media server Application.

    Regards

  • The above are the Firewall rules.

    The below is a blocked firewall packet.

    IPv4 Header
    Source IP Address:10.0.0.18
    Destination IP Address:192.168.1.103
    Protocol: TCP
    Header:20 Bytes
    Type of Service: 0
    Total Length: 40 Bytes
    Identification:36226
    Fragment Offset:16384
    Time to Live: 63
    Checksum: 57900
     
    TCP Header:
    Source Port: 32400
    Destination Port: 37663
    Flags: FIN
    Sequence Number: 4130926547
    Acknowledgement Number: 3808333561
    Window: 251
    Checksum: 30978
  • Richard,

    thanks for the screenshot.

    Please make sure to post screenshot of the complete DNAT configuration. So open the rule and take snapshots. Also, execute tcpdump and drop-packet-capture "port 32400" from console.

    It is more verbose!

  • Hi Luk,

    I can't seem to complete the tcpdump command. Is this a bespoke implementation of it? It's not working how it has for me in the past. Every time I type what you've stated in (tcpdump drop-packet-capture "port 32400") it states "Error Unknown Parameter 'port 32400'". So I tried entering port numbers how I remember and that is this: (tcpdump port 32400 dst || src 10.0.0.18), but then it states "Error: Unknown Parameter '32400'". So I tried just doing this: (tcpdump drop-packet-capture) and it returns "tcpdump: syntax error".

    Obviously all commands I've entered haven't had the brackets either side of them.

    Anyway, below is the firewall rule expanded:

  • Hi All,

    I deleted my firewall rules specific to this issue and rebuilt them using this post as a guide.

    The rules were similar to mine, but I'd put a "standard" firewall entry in as well as a "business" (non-http) entry that included the port forwarding etc. (Can't remember the official names). I think they were, perhaps, interfering with each other for some reason. Either way, it's working now.

    Also, one thing that is really confusing is the whole "Destination & Service" part. After reading, I came to the understanding that "destination" relates to the packet before it hits the firewall. Basically, ask yourself this question before completing this section: "What would be the destination of the packet if I viewed it leaving the last hop?" That'll give you your answer!
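
The point made in the last reply (a DNAT rule's "destination" is compared against the packet as it arrives, before translation) can be shown with a small model. This is an added example, not part of the original thread and not Sophos code; it assumes 10.0.0.3 is the XG's WAN-side address and 10.0.0.18 is the media server, and the client address and rule names are constructed.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class DnatRule:
    name: str           # hypothetical rule label
    match_dst: str      # destination as seen on the wire, BEFORE translation
    match_dport: int
    translate_to: str   # internal host the destination is rewritten to


def apply_dnat(packet, rules):
    """Return (rule name, translated packet) for the first rule whose
    destination matches the packet as it arrived, else (None, packet)."""
    for rule in rules:
        if (ip_address(packet.dst) in ip_network(rule.match_dst)
                and packet.dport == rule.match_dport):
            return rule.name, replace(packet, dst=rule.translate_to)
    return None, packet


# Constructed packet as it leaves the last hop: the outer firewall has
# forwarded it to 10.0.0.3:32400 (assumed to be the XG WAN-side address).
ARRIVING = Packet(src="203.0.113.7", dst="10.0.0.3", dport=32400)

# Rule written with the post-NAT address as "destination": never matches,
# because no arriving packet is addressed to the internal server yet.
WRONG = [DnatRule("plex-internal-dst", "10.0.0.18/32", 32400, "10.0.0.18")]

# Rule written with the pre-NAT address as "destination": matches, and the
# packet is then rewritten to the media server (assumed 10.0.0.18).
RIGHT = [DnatRule("plex-wan-dst", "10.0.0.3/32", 32400, "10.0.0.18")]

if __name__ == "__main__":
    for rules in (WRONG, RIGHT):
        matched, out = apply_dnat(ARRIVING, rules)
        print(f"{rules[0].name}: matched={matched} delivered_to={out.dst}")
```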