itGeeks, posted December 14, 2015

As the title goes, for anyone still using Sophos UTM 9.3 there is an update. There is nothing exciting, but it's an update nevertheless. Read about it below:

https://blogs.sophos.com/2015/12/14/utm-up2dates-9-352-and-9-318-released/#more-30325

nrf, posted December 14, 2015

Security update to OpenSSL is always exciting to me!

itGeeks (Author), posted December 14, 2015

> Security update to OpenSSL is always exciting to me!

Well, someone has to get excited about an update to OpenSSL, it may as well be you. Glad I was able to make your day.

Jason, posted December 19, 2015

Am still on UTM 9.3 for the foreseeable future. Am trying to put a PS4 console on the "DMZ" from a consumer router standpoint. In other words, give the PS4 a static IP and open all ports to it to/from the Internet. I recognize in Sophos UTM this would warrant the creation of a new interface (called DMZ) on an unused NIC. But I have one Ethernet connection coming out of my Sophos LAN interface (NIC) going into a single Gigabit switch that my PS4 connects to across the house.

Is there a way to essentially give the PS4 open access to the Internet/WAN without setting up a new DMZ interface in Sophos? I've read this might be accomplished using a VLAN but I've never set one up. Wasn't sure whether I could have 2 Ethernet cables forming out of Sophos UTM into the same switch - 1 for LAN and 1 for DMZ? To get the PS4 working off of the DMZ. Not sure of best way to do this?

itGeeks (Author), posted December 19, 2015 (edited December 19, 2015)

> Am still on UTM 9.3 for the foreseeable future. Am trying to put a PS4 console on the "DMZ" from a consumer router standpoint. In other words, give the PS4 a static IP and open all ports to it to/from the Internet. I recognize in Sophos UTM this would warrant the creation of a new interface (called DMZ) on an unused NIC. But I have one Ethernet connection coming out of my Sophos LAN interface (NIC) going into a single Gigabit switch that my PS4 connects to across the house.
>
> Is there a way to essentially give the PS4 open access to the Internet/WAN without setting up a new DMZ interface in Sophos? I've read this might be accomplished using a VLAN but I've never set one up. Wasn't sure whether I could have 2 Ethernet cables forming out of Sophos UTM into the same switch - 1 for LAN and 1 for DMZ? To get the PS4 working off of the DMZ. Not sure of best way to do this?

Jason, there is no need to set up a DMZ or VLANs for gaming consoles. I had several gaming consoles behind UTM9.x with no problem at all. I don't use UTM9 anymore in favor of Sophos XG, so give me a bit of time to see if I can dig up my old rules in how I did this. I would never set up any gaming consoles in a DMZ; VLANs maybe, but not necessary.

OK, I found my old UTM rules. Here is what I did. You need to give your gaming consoles a static IP either through static-DHCP of UTM9 or through the NIC properties of the gaming console; I prefer static-DHCP. Then in UTM9 open up web protection->filter options->misc and add the gaming consoles to the "skip transparent mode"-> source Hosts/Nets. That's it.

Jason, posted December 19, 2015

Thank you very much. I've googled up and down and found so many variations of port forwarding rules...even on Sony's forums. PS4 worked great until I tried to play PlayStation Now game streaming and it reported my connectivity was too slow on a 50/10 Mbit business class cable connection. Clearly it's something else. This prompted me to put this console on the "DMZ" in concept.

itGeeks (Author), posted December 19, 2015 (edited December 19, 2015)

> Thank you very much. I've googled up and down and found so many variations of port forwarding rules...even on Sony's forums. PS4 worked great until I tried to play PlayStation Now game streaming and it reported my connectivity was too slow on a 50/10 Mbit business class cable connection. Clearly it's something else. This prompted me to put this console on the "DMZ" in concept.

Yes, I know exactly what you're going through. There are a million answers for gaming consoles behind Sophos and none of them fully solve the problem. Follow my directions below:

OK, I found my old UTM rules. Here is what I did. You need to give your gaming consoles a static IP either through static-DHCP of UTM9 or through the NIC properties of the gaming console; I prefer static-DHCP. Then in UTM9 open up web protection->filter options->misc and add the gaming consoles to the "skip transparent mode"-> source Hosts/Nets. That's it. I had several gaming consoles working with this configuration and never had a problem.

Please post back your results. I don't think I missed anything with my instructions, but if it does not work for you I will dig deeper for what else I might have done; either way, this step needs to be done. There is no port forwarding, DMZ or VLAN needed.

Good luck

Jason, posted December 19, 2015

Doesn't this just address the outbound connectivity from the PS4 device TO the internet? How do you put the PS4 out on the internet in front of the firewall with no inbound port blocking?

itGeeks (Author), posted December 20, 2015 (edited December 20, 2015)

> Doesn't this just address the outbound connectivity from the PS4 device TO the internet? How do you put the PS4 out on the internet in front of the firewall with no inbound port blocking?

Why would you want to put the PS4 out on the internet in front of your firewall wide open? Why do you need no inbound port blocking? You don't need to do this for gaming to work. The way it works is the gaming console or any device on your LAN establishes an outbound connection on whatever port, so the communication is allowed through; as long as you allow the outbound communication all is fine. What you're describing is the reverse: think of a web server sitting on your local LAN. In this case the web server does not make the outbound request but rather the client on the internet makes the request, hence you need port forwarding to allow the communication through the firewall. What causes all the trouble with gaming consoles is the "web proxy", and that's what my directions above help you solve.

Sorry if this is not clear to you. Maybe someone else could clean up my wording and explain better.

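Added example (not part of the thread and not Sophos UTM code): a simplified Python model of the stateful behaviour described in the post above, showing why a console that opens its own outbound flow gets replies without any port forward, while a LAN web server needs one. All addresses and ports are constructed, and the class and function names are hypothetical.

```python
"""Toy model of a stateful NAT firewall (illustration only)."""
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

@dataclass
class StatefulFirewall:
    wan_ip: str
    # (proto, wan_port) -> (lan_ip, lan_port); only LAN servers need entries
    port_forwards: dict = field(default_factory=dict)
    # (proto, remote_ip, remote_port, wan_port) -> (lan_ip, lan_port)
    conntrack: dict = field(default_factory=dict)

    def outbound(self, pkt: Packet) -> Packet:
        """LAN host opens a flow: record it, then source-NAT to the WAN IP."""
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.sport)
        self.conntrack[key] = (pkt.src, pkt.sport)
        return Packet(pkt.proto, self.wan_ip, pkt.sport, pkt.dst, pkt.dport)

    def inbound(self, pkt: Packet):
        """Return (verdict, lan_ip, lan_port) for a packet arriving on WAN."""
        key = (pkt.proto, pkt.src, pkt.sport, pkt.dport)
        if key in self.conntrack:          # reply to a flow the LAN host opened
            return ("ACCEPT-ESTABLISHED", *self.conntrack[key])
        fwd = self.port_forwards.get((pkt.proto, pkt.dport))
        if fwd:                            # explicit port-forward (DNAT) rule
            return ("ACCEPT-FORWARD", *fwd)
        return ("DROP", None, None)        # unsolicited traffic: default deny

def demo():
    # Constructed sample traffic using RFC 5737 documentation addresses.
    fw = StatefulFirewall(wan_ip="198.51.100.2",
                          port_forwards={("tcp", 443): ("192.168.1.20", 443)})
    fw.outbound(Packet("udp", "192.168.1.50", 9308, "203.0.113.10", 3478))
    reply = Packet("udp", "203.0.113.10", 3478, "198.51.100.2", 9308)
    stranger = Packet("udp", "203.0.113.99", 40000, "198.51.100.2", 9308)
    web = Packet("tcp", "203.0.113.99", 51000, "198.51.100.2", 443)
    return fw.inbound(reply), fw.inbound(stranger), fw.inbound(web)

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The console's reply is accepted from connection state alone; the unsolicited packet to the same port is dropped, which is the protection lost when a host is exposed with no inbound filtering.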
itGeeks (Author), posted December 20, 2015 (edited December 20, 2015)

> Doesn't this just address the outbound connectivity from the PS4 device TO the internet? How do you put the PS4 out on the internet in front of the firewall with no inbound port blocking?

Sorry, I tried to edit my post above but could not. You may also be able to solve the proxy problem from the PS4 instead of from UTM following my direction above, but I have not tried it this way. Take a look at the link for directions on setting up PS4 behind a "web proxy":

https://help.my-private-network.co.uk/support/solutions/articles/8451-configuring-ps4-to-use-proxy-server

As I said, I have never tried to fix the proxy at the gaming console; I have always dealt with it at the UTM, but you can try it and see what happens. Please post back with an update.