SolvedPrivate

Sophos UTM Beginner's Help

Posted on 2014-12-05
2
74 Views
Last Modified: 2016-02-25
A client just bought a Sophos SG-125 UTM appliance.  I'm trying to set up access to some web and mail servers on the LAN through the web interface.  The configuration seems simple enough except that it isn't working.  I'm coming from a SonicWALL background and I'm not sure if NAT policies need to be configured the same way as in a SonicWALL.

What I'm looking for is a basic beginners guide for configuring the Sophos and I'm having a difficult time finding one.  I just want a step-by-step approach to setting up my first port forward rule that works and then I should be able to figure out the rest from there.  I think I'm just overlooking a simple step somewhere in the process.

Is there a built-in rule wizard?  Is there a packet monitor similar to SonicWALL's? I'd like to know if the packets are hitting the firewall and what is possibly them to drop.
0
Comment
Question by:jekautz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 40484513
Some reference to help in port forwarding (or NAT).
Do leverage on the kb to aid troubleshooting too. Their tech support
http://www.sophos.com/en-us/support/contact-support.aspx
For feature request consideration - http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/396298-logging-live-log-for-packet-filter-with-rule-filt

Below are two common use case:

For servers or systems behind the ASG to be accessible to internet connections
http://www.sophos.com/en-us/support/knowledgebase/115145.aspx
OR another blog https://drashna.net/blog/2014/03/port-forwarding-with-sophos/ stating on  having “Automatic Firewall rule” checked. This will create a rule for the firewall, so that the traffic is allowed

UTM: Accessing Internal or DMZ servers from Internal Networks using DNAT (this alters the destination)
http://www.sophos.com/en-us/support/knowledgebase/115191.aspx

Not seen a wizard per se but you can catch the admin guide (though old) and refer to the section 18 Support. The 3 Dashboard also stated it display total of dropped and rejected data packets for which logging is enabled, it has a flow monitor displays the traffic of the last ten minutes and refreshes automatically at short intervals. However, these may not be as effective for drilling in troubleshooting. There is another "Live Log: Firewal" which can help in filtering searching e.g. via IP else it is tcpdump and tail as commonly use or pipe it to external syslog server..The log can be found in Logging & Reporting | View Log Files
http://www.sophos.com/en-us/medialibrary/PDFs/documentation/utm9_manual_eng.pdf

in fact there is shell console access but it is not recommended as whole - it stated "Direct configuration of Astaro from the shell is unsupported, unless directed to by Astaro Support staff or official documentation. For paid licenses, modifications done from the shell without direction or sanction may nullify your support agreement."
https://www.astaro.org/gateway-products/general-discussion/39237-astaro-useful-shell-commands.html

There is useful command such as atop to aid troubleshooting
https://www.sophos.com/en-us/support/knowledgebase/120835.aspx
0
 
LVL 4

Author Closing Comment

by:jekautz
ID: 40494686
Btan,

The article you posted, http://www.sophos.com/en-us/support/knowledgebase/115145.aspx, helped me with my question.  The rest of the links provided good bonus material.  Thank you.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question