
Can't access web servers behind Sophos bridge from outside

Hi,

We have recently implemented Sophos UTM 9 as a bridge between our internal LAN and our ISP's router. Our ISP has a hosted firewall, and our static IPs are NATted from public to private IP addresses in the hosted firewall.

Sophos is up and running and all traffic flows, with the exception of anything going to our web servers from outside the LAN.

I am having trouble discovering why Sophos is blocking this traffic after having turned off intrusion protection and web filtering, and applying an ANY > ANY > ANY rule at the top of the firewall rules list. Additionally, when trying to reach the web server from outside the LAN, I see nothing in the live log in the firewall.

Hope this is enough info to get a high-level understanding of what we have.

Thanks,

-dale

  • Hi, Dale, and welcome to the UTM Community!

    I'm surprised your reseller didn't have a quick answer for you.  Without looking at your configuration, I'll guess that you have Web Filtering enabled in Transparent mode.  If that's the case, add your web servers to the Destination Skip List on the 'Misc' tab in 'Filtering Options'.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thanks for the reply. I worked with Sophos phone support on this and we ran a packet capture. We didn't find any traffic being dropped, and the web filter was off.

    I am waiting for a call from my ISP, who hosts a firewall in front of this one. When we implemented Sophos UTM, we also changed from a class A to a class B subnet, and I think that is what is holding us up.

    Since Sophos is not dropping traffic, my guess is that the ISP has some changes to make to their FW and NAT rules.

    I will report back here either way.

    Thanks again,

    -dale

  • So I finally sorted all of this out.

    It turns out that our ISP's managed firewall that sits in front of my Sophos UTM was not configured correctly. I have recently learned that when I call and ask them to set up NAT rules, they have a management device they configure. They then push the configs to our hosted firewall.

    When I call in to verify the configs, they only look at the mgmt device. In this case they configured the mgmt device, but did not push the configs to our hosted firewall; therefore the traffic was not NATting, and was not being delivered to Sophos UTM.

    After this config was pushed, a simple firewall policy was all that was needed in the UTM to allow the traffic.

    Hope this info helps someone to think outside the box.

    Thanks Bob, for your reply.

    Regards,

    -dale
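The root cause in this thread was only visible once the packet capture showed that inbound traffic never arrived at the UTM at all. The following triage helper is an added example, not code from the thread or from Sophos: it parses `tcpdump -nn` style lines captured on the two bridge ports (assumed here to be `eth0` on the ISP side and `eth1` on the LAN side; the sample lines and the web server's private address `192.168.1.20` are constructed) and tells you whether inbound SYNs were never delivered, were dropped by the bridge, or were answered by the server.

```python
import re
from collections import Counter

# Constructed tcpdump -nn lines, each tagged with the assumed capture port.
# The destination is the web server's private IP, because the ISP's hosted
# firewall translates public to private before traffic reaches the bridge.
SAMPLE = [
    ("eth0", "12:00:01.000001 IP 203.0.113.10.51234 > 192.168.1.20.80: Flags [S], seq 1, win 64240, length 0"),
    ("eth1", "12:00:01.000050 IP 203.0.113.10.51234 > 192.168.1.20.80: Flags [S], seq 1, win 64240, length 0"),
    ("eth1", "12:00:01.000900 IP 192.168.1.20.80 > 203.0.113.10.51234: Flags [S.], seq 2, ack 2, win 65160, length 0"),
]

LINE_RE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]*)\]"
)

def tally(lines, server_ip, port=80):
    """Count inbound SYNs to the server and SYN-ACKs from it, per interface."""
    counts = Counter()
    for iface, text in lines:
        m = LINE_RE.search(text)
        if not m:
            continue  # skip non-IP or unparsable lines (ARP, truncated output)
        if m["dst"] == server_ip and m["dport"] == str(port) and m["flags"] == "S":
            counts[(iface, "syn")] += 1
        elif m["src"] == server_ip and m["sport"] == str(port) and m["flags"] == "S.":
            counts[(iface, "synack")] += 1
    return counts

def diagnose(lines, server_ip, wan="eth0", lan="eth1", port=80):
    """Locate the break in the inbound path from the per-interface tallies."""
    c = tally(lines, server_ip, port)
    if c[(wan, "syn")] == 0:
        # The situation in this thread: nothing reaches the bridge, so the
        # problem is upstream (ISP NAT/firewall), not the UTM's own rules.
        return "no inbound SYNs on WAN side: traffic never reached the bridge"
    if c[(lan, "syn")] == 0:
        return "SYNs on WAN side but not LAN side: the bridge is dropping them"
    if c[(lan, "synack")] == 0:
        return "SYNs forwarded but no SYN-ACK: the server is not answering"
    return "handshake visible on both sides: path through the bridge works"

if __name__ == "__main__":
    print(diagnose(SAMPLE, "192.168.1.20"))
```

Feed it the real output of `tcpdump -nn -i <port> host <server_ip>` from each bridge port, and an empty WAN-side tally points you at the upstream provider before you spend more time on UTM rules.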
