Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 4 subscribers
  • Views 2603 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall rule

DrMeskon

Hi,

I have Sophos UTM9. Firewall rule 141 states, to allow traffic from one internal network to two internal servers from other subnet.

However if I check logs in Sophos i see many of these:

2018:03:08-15:15:35 fw-sophos-1 ulogd[4262]: id="2002" severity="info" sys="SecureNet" sub="packetfilter" name="Packet accepted" action="accept" fwrule="141" initf="eth5" srcmac="08:5b:0e:x" dstmac="x" srcip="74.192.189.x" dstip="My Wan IP" proto="17" length="64" tos="0x08" prec="0x40" ttl="243" srcport="34692" dstport="53"

 

So the question is how the packet is accepted as it is destined to WAN and not a private server IP. How that firewall rule comes in action?



This thread was automatically locked due to age.
  • 0

    What exact version, Almis - 9.506?  Please show pictures of the Edits of firewall rule 141, the "internal network" and the server Host definitions.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML