
Sophos UTM Beginner's Help

Posted on 2014-12-05
Last Modified: 2016-02-25
A client just bought a Sophos SG-125 UTM appliance.  I'm trying to set up access to some web and mail servers on the LAN through the web interface.  The configuration seems simple enough except that it isn't working.  I'm coming from a SonicWALL background and I'm not sure if NAT policies need to be configured the same way as in a SonicWALL.

What I'm looking for is a basic beginner's guide for configuring the Sophos, and I'm having a difficult time finding one.  I just want a step-by-step approach to setting up my first port forward rule that works, and then I should be able to figure out the rest from there.  I think I'm just overlooking a simple step somewhere in the process.

Is there a built-in rule wizard?  Is there a packet monitor similar to SonicWALL's? I'd like to know if the packets are hitting the firewall and what is possibly causing them to drop.
Question by:jekautz
2 Comments
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40484513
Some references to help with port forwarding (or NAT).
Do leverage the KB to aid troubleshooting too. Their tech support:
http://www.sophos.com/en-us/support/contact-support.aspx
For feature request consideration - http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/396298-logging-live-log-for-packet-filter-with-rule-filt

Below are two common use cases:

For servers or systems behind the ASG to be accessible to internet connections
http://www.sophos.com/en-us/support/knowledgebase/115145.aspx
Or another blog, https://drashna.net/blog/2014/03/port-forwarding-with-sophos/, which mentions having “Automatic Firewall rule” checked. This will create a rule for the firewall, so that the traffic is allowed.

UTM: Accessing Internal or DMZ servers from Internal Networks using DNAT (this alters the destination)
http://www.sophos.com/en-us/support/knowledgebase/115191.aspx

Not seen a wizard per se, but you can catch the admin guide (though old) and refer to section 18 Support. Section 3 Dashboard also states that it displays the total of dropped and rejected data packets for which logging is enabled; it has a flow monitor that displays the traffic of the last ten minutes and refreshes automatically at short intervals. However, these may not be as effective for drilling in when troubleshooting. There is another, "Live Log: Firewall", which can help with filtering and searching, e.g. via IP; otherwise it is tcpdump and tail as commonly used, or pipe it to an external syslog server. The log can be found in Logging & Reporting | View Log Files.
http://www.sophos.com/en-us/medialibrary/PDFs/documentation/utm9_manual_eng.pdf

In fact there is shell console access, but it is not recommended as a whole - it stated "Direct configuration of Astaro from the shell is unsupported, unless directed to by Astaro Support staff or official documentation. For paid licenses, modifications done from the shell without direction or sanction may nullify your support agreement."
https://www.astaro.org/gateway-products/general-discussion/39237-astaro-useful-shell-commands.html

There are useful commands such as atop to aid troubleshooting:
https://www.sophos.com/en-us/support/knowledgebase/120835.aspx
0
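The log check this answer describes (filtering the firewall log by destination to see whether packets arrive and which rule drops them), as an added example that is not part of the original answer and not Sophos code. It assumes log lines exported from View Log Files or a syslog server in a `key="value"` layout with the field names `sub`, `action`, `fwrule`, `dstip` and `dstport`; the sample lines and addresses are constructed.

```python
import re
from collections import Counter

# Constructed sample lines (assumed key="value" packet-filter layout, example addresses).
SAMPLE_LOG = '''\
2014:12:05-10:15:01 utm ulogd[4321]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth1" srcip="203.0.113.5" dstip="10.0.0.20" proto="6" srcport="51234" dstport="25" tcpflags="SYN"
2014:12:05-10:15:04 utm ulogd[4321]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth1" srcip="203.0.113.9" dstip="10.0.0.20" proto="6" srcport="40022" dstport="25" tcpflags="SYN"
2014:12:05-10:15:09 utm ulogd[4321]: id="2002" sub="packetfilter" name="Packet accepted" action="accept" fwrule="4" initf="eth1" srcip="203.0.113.5" dstip="10.0.0.20" proto="6" srcport="51300" dstport="80" tcpflags="SYN"
2014:12:05-10:15:12 utm ulogd[4321]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="203.0.113.7" dstip="10.0.0.30" proto="6" srcport="50100" dstport="3389" tcpflags="SYN"
'''

PAIR = re.compile(r'(\w+)="([^"]*)"')


def parse_line(line):
    """Return the key="value" fields of one log line as a dict."""
    return dict(PAIR.findall(line))


def diagnose(log_text, dst_ips, dst_port):
    """Summarise logged packets to any of dst_ips on dst_port.

    dst_ips should hold both the public and the internal address of the
    server, because DNAT alters the destination and either may be logged.
    Returns (verdict, {(action, fwrule): count}).
    """
    hits = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields.get("sub") != "packetfilter":
            continue  # ignore entries from other subsystems
        if fields.get("dstip") in dst_ips and fields.get("dstport") == str(dst_port):
            hits[(fields.get("action", "?"), fields.get("fwrule", "?"))] += 1

    actions = {action for action, _ in hits}
    if not hits:
        verdict = "no-traffic"   # nothing logged for this destination
    elif actions <= {"accept"}:
        verdict = "accepted"
    elif "accept" in actions:
        verdict = "mixed"
    else:
        verdict = "dropped"
    return verdict, dict(hits)


if __name__ == "__main__":
    for port in (25, 80, 443):
        print(port, diagnose(SAMPLE_LOG, {"198.51.100.10", "10.0.0.20"}, port))
```

A `no-traffic` verdict only means nothing was logged for that destination: the packets may never have reached the firewall, or the rule handling them may not have logging enabled.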
 
LVL 4

Author Closing Comment

by:jekautz
ID: 40494686
Btan,

The article you posted, http://www.sophos.com/en-us/support/knowledgebase/115145.aspx, helped me with my question.  The rest of the links provided good bonus material.  Thank you.
Question has a verified solution.
