Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
SolvedPrivate

Sophos UTM Beginner's Help

Posted on 2014-12-05
2
Medium Priority
?
93 Views
Last Modified: 2016-02-25
A client just bought a Sophos SG-125 UTM appliance.  I'm trying to set up access to some web and mail servers on the LAN through the web interface.  The configuration seems simple enough except that it isn't working.  I'm coming from a SonicWALL background and I'm not sure if NAT policies need to be configured the same way as in a SonicWALL.

What I'm looking for is a basic beginners guide for configuring the Sophos and I'm having a difficult time finding one.  I just want a step-by-step approach to setting up my first port forward rule that works and then I should be able to figure out the rest from there.  I think I'm just overlooking a simple step somewhere in the process.

Is there a built-in rule wizard?  Is there a packet monitor similar to SonicWALL's? I'd like to know if the packets are hitting the firewall and what is possibly them to drop.
0
Comment
Question by:jekautz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 40484513
Some reference to help in port forwarding (or NAT).
Do leverage on the kb to aid troubleshooting too. Their tech support
http://www.sophos.com/en-us/support/contact-support.aspx
For feature request consideration - http://feature.astaro.com/forums/17359-utm-formerly-asg-feature-requests/suggestions/396298-logging-live-log-for-packet-filter-with-rule-filt

Below are two common use case:

For servers or systems behind the ASG to be accessible to internet connections
http://www.sophos.com/en-us/support/knowledgebase/115145.aspx
OR another blog https://drashna.net/blog/2014/03/port-forwarding-with-sophos/ stating on  having “Automatic Firewall rule” checked. This will create a rule for the firewall, so that the traffic is allowed

UTM: Accessing Internal or DMZ servers from Internal Networks using DNAT (this alters the destination)
http://www.sophos.com/en-us/support/knowledgebase/115191.aspx

Not seen a wizard per se but you can catch the admin guide (though old) and refer to the section 18 Support. The 3 Dashboard also stated it display total of dropped and rejected data packets for which logging is enabled, it has a flow monitor displays the traffic of the last ten minutes and refreshes automatically at short intervals. However, these may not be as effective for drilling in troubleshooting. There is another "Live Log: Firewal" which can help in filtering searching e.g. via IP else it is tcpdump and tail as commonly use or pipe it to external syslog server..The log can be found in Logging & Reporting | View Log Files
http://www.sophos.com/en-us/medialibrary/PDFs/documentation/utm9_manual_eng.pdf

in fact there is shell console access but it is not recommended as whole - it stated "Direct configuration of Astaro from the shell is unsupported, unless directed to by Astaro Support staff or official documentation. For paid licenses, modifications done from the shell without direction or sanction may nullify your support agreement."
https://www.astaro.org/gateway-products/general-discussion/39237-astaro-useful-shell-commands.html

There is useful command such as atop to aid troubleshooting
https://www.sophos.com/en-us/support/knowledgebase/120835.aspx
0
 
LVL 4

Author Closing Comment

by:jekautz
ID: 40494686
Btan,

The article you posted, http://www.sophos.com/en-us/support/knowledgebase/115145.aspx, helped me with my question.  The rest of the links provided good bonus material.  Thank you.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question