Hello,
I'd like to suggest that to simplify service definitions. I run OS X Server, so many services actually use multiple ports. In Sophos UTM this requires that you find the respective entries (if they even exist) and add them. This complicates configuration.
This can be achieved by specifying multiple ports for a given service, so that there isn't a need for multiple definitions.
For example:
OS X Screen Sharing:
TCP/UDP ports 5900, 3230
OS X Server Administration:
TCP ports 311, 625
OS X Messages Server:
TCP ports 5222, 5223, 5060, 5269, 7777
UDP ports 16384, 16385, 16386, 16387, 16388, 16389, 16390, 16391, 16392, 16393, 16394, 16395, 16396, 16397, 16398, 16399, 16400, 16401, 16402, 16403
OS X Mail Server:
TCP Ports 25, 110, 143, 587, 993, 995
OS X File Sharing:
TCP Ports 139, 548
OS X Contacts Server:
TCP Ports 8800, 8843
Apple Push Notification Service
TCP Ports 5223, 2195, 2196
OS X Calendar Server
TCP Ports 8008, 8443
This would minimise the number of entries required and greatly reduce the complexity exposing those services via NAT or the Firewall.
Thanks,
Werner
Guest User!
You are not Sophos Staff.
