We currently have all user behind the Firewall on the LAN.
We have proxy setup on the UTM, and All traffic from the LAN is through the proxy, we usually only allow firewall rules to specific locations when opening rules.
The question is, when installing the cloud endpoint it complains there is not connection, do I need to allow any specific rules on the firewall (for example and ALLOW rule like, LAN->HTTP/S->>?????? )
We have proxy in standard mode with AD, and user pick up proxy settings automatically, nothing special.
In Web protection we have a list of exceptions (all things are bypassed like HTTPS scanning etc... etc...) for:
^https?://[A-Za-z0-9.-]*\.sophosupd\.com/
^https?://[A-Za-z0-9.-]*\.sophosupd\.net/
^https?://[A-Za-z0-9.-]*\.sophosxl\.net/
^https?://[A-Za-z0-9.-]*\.sophos\.com/
^https?://[A-Za-z0-9.-]*\.globalsign\.com/
I had also tried a firewall rule, LAN->HTTP/S->[DNS Group with the above URLs]
This thread was automatically locked due to age.
