Port forwarding not working with Sophos XG 16

Hi all,

I moved from a pfSense firewall to Sophos XG but I do not get the port forwarding to work. I would like to have access to my Synology DiskStation from the internet. I have the following setup:

DSL modem: 192.168.1.1

Sophos XG WAN IP: 192.168.1.2

Sophos XG LAN IP: 192.168.2.1

Synology DiskStation IP: 192.168.2.5 - Application running on Port 5001

I have read a lot of threads in this community but I do not get access from the internet. Here is my firewall configuration:

Protected Server config:

 

Does anybody have an idea, what I am doing wrong?

Cheers

 

Robin



  • Robin,

    while you try to access the Synology, go to XG console and use the drop-packet capture command

    Regards

  • Does this log entry help?

     

    2017-09-29 10:02:43 0103021 IP 192.168.1.1.61495 > 192.168.1.2.5001 : proto TCP:
     S 1034788460:1034788460(0) win 64240 checksum : 4337                           
    0x0000:  4500 0034 308a 4000 7e06 48e6 c0a8 0101  E..40.@.~.H.....              
    0x0010:  c0a8 0102 f037 1389 3dad 9e6c 0000 0000  .....7..=..l....              
    0x0020:  8002 faf0 10f1 0000 0204 05b4 0103 0308  ................              
    0x0030:  0101 0402                                ....                          
    Date=2017-09-29 Time=10:02:43 log_id=0103021 log_type=Firewall log_component=Loc
    al_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev
    =Port2 out_dev= inzone_id=2 outzone_id=4 source_mac=68:a0:f6:32:f3:e8 dest_mac=0
    0:0d:b9:40:37:3d l3_protocol=IP source_ip=192.168.1.1 dest_ip=192.168.1.2 l4_pro
    tocol=TCP source_port=61495 dest_port=5001 fw_rule_id=3 policytype=3 live_userid
    =0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotu
    ser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=0 a
    pp_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0
     source_nat_id=0 cluster_node=0 inmark=0x8001 nfqueue=0 scanflags=0 gateway_offs
    et=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=3292843680 masterid=0 statu
    s=256 state=1 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src
    _ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A  
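
Added example, not part of the original posts: Python that un-wraps the firewall record from the capture above (the console broke it at 80 columns, mid-key and mid-value) and reports the fields that matter for a port forward. The function names are hypothetical, and reading `tran_dst_ip=N/A` with `dnat_done=0` as "no destination translation was applied" is an assumption based on the field names.

```python
import re

# Firewall record copied from the capture posted in the thread, hex dump omitted.
# The console wrapped it at 80 columns, splitting keys and values mid-token.
WRAPPED = """\
Date=2017-09-29 Time=10:02:43 log_id=0103021 log_type=Firewall log_component=Loc
al_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev
=Port2 out_dev= inzone_id=2 outzone_id=4 source_mac=68:a0:f6:32:f3:e8 dest_mac=0
0:0d:b9:40:37:3d l3_protocol=IP source_ip=192.168.1.1 dest_ip=192.168.1.2 l4_pro
tocol=TCP source_port=61495 dest_port=5001 fw_rule_id=3 policytype=3 live_userid
=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotu
ser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=0 a
pp_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0
 source_nat_id=0 cluster_node=0 inmark=0x8001 nfqueue=0 scanflags=0 gateway_offs
et=0 max_session_bytes=0 drop_fix=0 ctflags=0 connid=3292843680 masterid=0 statu
s=256 state=1 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src
_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A
"""

def parse_record(wrapped: str) -> dict:
    """Undo the 80-column wrap, then split the record into key=value fields."""
    # Join with no separator: the wrap dropped no characters, and a line that
    # began on a word boundary still carries its own leading space.
    flat = "".join(wrapped.splitlines())
    # Values may be empty (out_dev=), so match zero or more non-space characters.
    return dict(re.findall(r"(\w+)=(\S*)", flat))

def triage(rec: dict, fw_wan_ip: str, nas_ip: str) -> list:
    """Return findings relevant to a port forward that passes no traffic."""
    findings = []
    if rec.get("log_subtype") == "Denied":
        findings.append(f"denied by {rec.get('log_component')} "
                        f"(fw_rule_id={rec.get('fw_rule_id')})")
    # Assumption: tran_dst_ip holds the post-DNAT destination when one exists.
    if rec.get("dest_ip") == fw_wan_ip and rec.get("tran_dst_ip") != nas_ip:
        findings.append(f"destination still {fw_wan_ip}:{rec.get('dest_port')}, "
                        f"not translated to {nas_ip} "
                        f"(dnat_done={rec.get('dnat_done')})")
    return findings

if __name__ == "__main__":
    # Addresses are the ones listed in the original post.
    for line in triage(parse_record(WRAPPED), "192.168.1.2", "192.168.2.5"):
        print(line)
```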