RESET Forums (homeservershow.com)
itGeeks

Sophos UTM is getting a new version and guess what? No more 50 IP Limit.


itGeeks

I did set Plex for the manual port and 32400 is locked in.

 

Where I am stuck is really understanding the effects of the NAT/DNAT and the firewall rule.

The implementation is different in many firewall situations.  Port Forwarding from a device is usually easy.

In this case, I know I need to have a definition for the outside to inside traffic and then a rule.

Where I am tripped up is conceptualizing the correct DNAT/Rule combo.

 

So, my inside rule already allows all traffic from Inside to Outside.

My network uses the standard Masquerade.

 

So if you can tell me the correct NAT (DNAT right?) and the correct configuration External Network --> Plex Server 32400 --> Internal Server?

 

I know where I am messing up but not the how.  Irony is mean sometimes...

Did you have a look at this guide? https://web.archive.org/web/20150317070959/https://drashna.net/blog/2014/03/port-forwarding-with-sophos/

coxhaus

I have a question about this new Sophos UTM firewall.  Do you happen to know whether it would work very well without using DHCP?  Or can you set up multiple scopes like Microsoft DHCP server?  I run a layer 3 switch and I run DHCP in the switch because I want to keep the switch routing all local traffic.  The switch does support DHCP RELAY but I am still running Home Server 2011 without DHCP.  I do not want to extend the VLANs to Sophos because I want the switch handling routing and the firewall only handling internet traffic.  I don't know if anybody is using a layer 3 switch here so I am just fishing for answers.

itGeeks

I have a question about this new Sophos UTM firewall.  Do you happen to know whether it would work very well without using DHCP?  Or can you set up multiple scopes like Microsoft DHCP server?  I run a layer 3 switch and I run DHCP in the switch because I want to keep the switch routing all local traffic.  The switch does support DHCP RELAY but I am still running Home Server 2011 without DHCP.  I do not want to extend the VLANs to Sophos because I want the switch handling routing and the firewall only handling internet traffic.  I don't know if anybody is using a layer 3 switch here so I am just fishing for answers.

You don't have to use the DHCP server in Sophos; in fact it's off by default. As for setting up "multiple scopes like Microsoft DHCP server", you can do that also in Sophos :)

 

Hope this helps...

coxhaus

I think I need a project this winter to play with so I may try the new Sophos when it goes golden.  I am running Untangle in transparent bridge mode right now for many years but the free version is missing good antivirus protection. 

 

Can you create multiple scopes even though you do not have the VLANs set up on Sophos like Microsoft DHCP?  With Microsoft DHCP I can just create a scope for any network, not just the network the Microsoft DHCP server is in.

nrf

 

The setup is a bit more ... problematic. You have to manually set up a DHCP Server, in addition to the adapter configuration.

 

This is a bit of frustration because it initially has DHCP for your first connection activity, then it disappears. That is about as far as I have gotten. There are no routing table entries; what else do I have to do to get internet access to work? I have set up the two interfaces, DHCP server, and DNS settings. Seems we could use that document you skipped...

nrf

FWIW I tossed my XG setup and put my UTM 9 on my 64-bit N40L. It uses less CPU and I am sure power than the old Pentium 4/3ghz box.

I await glowing reports from XG users before I will put my toe back into those waters.

xbliss

FWIW I tossed my XG setup and put my UTM 9 on my 64-bit N40L. It uses less CPU and I am sure power than the old Pentium 4/3ghz box.

I await glowing reports from XG users before I will put my toe back into those waters.

 

Interesting. I am new to both and wanted to try them out.

The problem I faced was trying to find and download both - I did download one ISO but not sure which one it is.

Could you please help/point me in the direction of each?

Jason

I'm coming up on my 50 IP limit of Sophos UTM and Sophos has no way of issuing a license that supports more without a paid subscription. May need to migrate to XG Home after all.

 

 

pcdoc

I'm coming up on my 50 IP limit of Sophos UTM and Sophos has no way of issuing a license that supports more without a paid subscription. May need to migrate to XG Home after all.

 

 


 

No longer takes much effort to go above 50 anymore.  Keep us posted if you migrate.  I really love V16, it has done everything I need and then some. Good luck.

Jason

pcdoc, how did you prepare to move from your previous UTM to XG V16? Take screenshots? I'm dreading the thought of having to rebuild my Sophos UTM from the ground up and have avoided it.

 

Have been holding out hope for their promised online config migration tool.

 

 

