Port remains blocked after DNAT and Firewall changes

Hi All

We have recently taken over IT support for a company that uses a Sophos UTM 9. We are trying to install our ConnectWise Control agent onto the computers. This process can only be triggered from our CW system (no MSI or EXE installer for GP pushout). Anyway, the process always fails - I raised the issue with CW support and they said it's likely because TCP ports 8040 and 8041 were being blocked.

On further testing via canyouseeme.org on the client's server I can indeed see that those ports are not showing as open.

I have attempted to create DNAT and Firewall rules as per the info I found on this forum but am still struggling. So far I have completed the below:

1. I created 2 services, one called CW and one called CW2, each with the settings below:

Type or definition: TCP
Destination Port: 8040 (the other service has 8041)
Source Port: 1:65535

2. I then created a DNAT rule as a test with the following:

For traffic from: Any
Using Service: CW (CW2 for the 2nd DNAT rule)
Going to: Leased Line (Public IP)

Change the destination to: DC01 (Server)

I also ticked the automatic firewall rule, but I also set the firewall rules below as a test:

Source: Any
Services: CW and CW2
Destination: Any
Action: Allow

Still blocked! 

I am aware that allowing Any is not good practice, but when it's working I can restrict it down to just the destinations and sources required.


Any ideas?
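
A connect test for the two ports in the post that separates "nothing is listening on the server" from "packets are dropped on the way", since an external checker reports a port as open only when the TCP handshake completes. This is an added example, not part of the original post; `probe` and `diagnose` are hypothetical helper names and the address to test is passed on the command line.

```python
import socket
import sys

CW_PORTS = (8040, 8041)  # the two TCP ports named in the post


def probe(host, port, timeout=3.0):
    """Hypothetical helper: classify one TCP connect attempt."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # handshake completed: something is listening
    except ConnectionRefusedError:
        return "closed"            # RST came back: host reached, no listener
    except socket.timeout:
        return "filtered"          # no answer at all: dropped along the path
    except OSError:
        return "unreachable"       # routing or name-resolution failure


def diagnose(inside, outside):
    """Hypothetical helper: interpret probe() results for one port.

    inside:  result when probing the server's LAN address from the LAN
    outside: result when probing the public address from the Internet
    """
    if inside != "open":
        return "no listener on the server; no NAT rule can make this port show as open"
    if outside == "open":
        return "forwarding works end to end"
    if outside == "filtered":
        return "server listens, but packets are dropped before reaching it"
    return "server listens, but the public address does not forward to it"


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: portcheck.py <address>")
    for port in CW_PORTS:
        print(port, probe(sys.argv[1], port))
```

Run it once against the server's internal address from a LAN machine and once against the public address from outside, then pass the two results for each port to `diagnose`.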


