RESET Forums (homeservershow.com)
itGeeks

Sophos UTM is getting a new version and guess what? No more 50 IP Limit.

itGeeks

Wear-leveling is dependent on controller chip algorithms and such on the SSD, not the interface of the SSD.

 

And for reference, I've had the same mSATA SSD in my laptop for several years now.  Nothing fancy, regular MLC flash with a Phison controller chip, and it has been just fine.

 

Also note --once you set up an SSD on a firewall, you probably won't be doing a ton of writes to it.  They will mainly be to do updates (unless the OS has a swap file, and even that probably won't be a lot of writing).  Reads aren't going to be a big deal, so it should last a long time.

 

Finally, SATA2 vs. SATA3 isn't likely to matter much in this particular use case.  Having an SSD vs. having a platter-based drive --now that matters.  Go with an SSD that's inexpensive, but go with a brand that has a reasonable reliability rate.

Thanks for the info...

azcoyote

I did make it a point to disable much of my logging so it wasn't constantly writing to disk then tailing it off.

 

The NAT for my 32400 port on Plex has me totally flummoxed.  I clearly am not getting it.

 

I am surely gonna feel stupid when I do.... I am open to that if anyone can throw me a bone.  :)

 

Just trying to direct outside traffic to the Plex so it is available everywhere....

mattb75

Ref access to Plex, have you tried creating a VPN and then connecting to Plex via that?

 

It would reduce the number of holes you need to punch through the firewall as well.

 

 

Sent from my iPhone using Tapatalk

Jason

Am also running Sophos UTM 9.3 Home. Wasn't aware there was a new beta. When is new version expected for GA release?

 

 

Sent from my iPhone using Tapatalk

itGeeks

I did make it a point to disable much of my logging so it wasn't constantly writing to disk then tailing it off.

 

The NAT for my 32400 port on Plex has me totally flummoxed.  I clearly am not getting it.

 

I am surely gonna feel stupid when I do.... I am open to that if anyone can throw me a bone.  :)

 

Just trying to direct outside traffic to the Plex so it is available everywhere....

Did you ever get this sorted out with Plex? I don't want to offer you help for something that has already been solved ;)

Edited by itGeeks

itGeeks

Am also running Sophos UTM 9.3 Home. Wasn't aware there was a new beta. When is new version expected for GA release?

 

 

Sent from my iPhone using Tapatalk

Sometime 1st QTR 2016. Right now it looks like it could be Jan, but that could change as the GA date has already changed once. It's open beta, so you could download it and learn the entirely new design of how things get set up now. Ya, it's a totally different product from what you're used to with UTM 9, and this is not going to be v10; this is very much a v1 product, but I like it so far. It seems to run about 20% faster than UTM 9.

You can sign up and download the beta here: https://www.sophos.com/en-us/lp/copernicus-beta.aspx

itGeeks

I did make it a point to disable much of my logging so it wasn't constantly writing to disk then tailing it off.

 

The NAT for my 32400 port on Plex has me totally flummoxed.  I clearly am not getting it.

 

I am surely gonna feel stupid when I do.... I am open to that if anyone can throw me a bone.  :)

 

Just trying to direct outside traffic to the Plex so it is available everywhere....

Sorry for the double post, I tried to edit my other post but could not. The one thing I will say is you need to go into the Plex server settings and put a check mark for "manually specify port" but leave the port as 32400. You need to do this because otherwise Plex will try to set up the port forwarding for you using UPnP and therefore will fail. Sophos does not support UPnP and that's a good thing.

nrf

Sorry for the double post, I tried to edit my other post but could not. The one thing I will say is you need to go into the Plex server settings and put a check mark for "manually specify port" but leave the port as 32400. You need to do this because otherwise Plex will try to set up the port forwarding for you using UPnP and therefore will fail. Sophos does not support UPnP and that's a good thing.

Folks, this seemingly simple technique is worth putting into some FAQ somewhere. I used the same method to get my security recorder accessible from behind Sophos. Whatever port it chose ended up in my NAT rule. I suspect all that matters is the box and Sophos are in agreement, but it is typically easier to 'go with the flow' and let the appliance pick a port and match it in the router.

Jason

Sometime 1st QTR 2016. Right now it looks like it could be Jan, but that could change as the GA date has already changed once. It's open beta, so you could download it and learn the entirely new design of how things get set up now. Ya, it's a totally different product from what you're used to with UTM 9, and this is not going to be v10; this is very much a v1 product, but I like it so far. It seems to run about 20% faster than UTM 9.

You can sign up and download the beta here: https://www.sophos.com/en-us/lp/copernicus-beta.aspx

Thanks for the info. I was hoping more for a v10 update/upgrade path than a new v1 product. Considering how far Sophos UTM has come between 9.0 to 9.3, not sure I have the stomach for a 1.0 production release unless it starts off where 9.3 left off as their base code.

 

 

Sent from my iPhone using Tapatalk

azcoyote

Sorry for the double post, I tried to edit my other post but could not. The one thing I will say is you need to go into the Plex server settings and put a check mark for "manually specify port" but leave the port as 32400. You need to do this because otherwise Plex will try to set up the port forwarding for you using UPnP and therefore will fail. Sophos does not support UPnP and that's a good thing.

 

I did set Plex for the manual port and 32400 is locked in.

 

Where I am stuck is really understanding the effects of the NAT/DNAT and the firewall rule.

The implementation is different in many firewall situations.  Port Forwarding from a device is usually easy.

In this case, I know I need to have a definition for the outside to inside traffic and then a rule.

Where I am tripped up is conceptualizing the correct DNAT/Rule combo.

 

So, my inside rule already allows all traffic from Inside to Outside.

My network uses the standard Masquerade.

 

So if you can tell me the correct NAT (DNAT right?) and the correct configuration External Network --> Plex Server 32400 --> Internal Server?

 

I know where I am messing up but not the how.  Irony is mean sometimes...

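Added example, not part of any post in this thread and not Sophos configuration: a small Python model of the DNAT plus firewall rule combination asked about above. It assumes a netfilter-style order (destination NAT first, then filtering with default drop); the addresses and the class and function names are constructed for illustration, and only port 32400 comes from the thread.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

# Constructed values (documentation address ranges), not from the thread.
WAN_IP, PLEX_IP, PLEX_PORT = "203.0.113.10", "192.168.1.50", 32400

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class Dnat:            # "traffic to match_dst:match_port goes to to_dst:to_port"
    match_dst: str
    match_port: int
    to_dst: str
    to_port: int

@dataclass(frozen=True)
class Allow:           # filter rule; anything not allowed is dropped
    src_net: str
    dst: str
    dport: int

def traverse(pkt, dnat_rules, allow_rules):
    """Return (verdict, packet as the filter stage saw it)."""
    # Stage 1: DNAT rewrites the destination before any filtering happens.
    for r in dnat_rules:
        if (pkt.dst, pkt.dport) == (r.match_dst, r.match_port):
            pkt = replace(pkt, dst=r.to_dst, dport=r.to_port)
            break
    # Stage 2: the filter only ever sees the translated destination.
    for a in allow_rules:
        if (ip_address(pkt.src) in ip_network(a.src_net)
                and (pkt.dst, pkt.dport) == (a.dst, a.dport)):
            return "accept", pkt
    return "drop", pkt

def demo():
    inbound = Packet("198.51.100.7", WAN_IP, PLEX_PORT)  # constructed client
    dnat = [Dnat(WAN_IP, PLEX_PORT, PLEX_IP, PLEX_PORT)]
    allow_internal = [Allow("0.0.0.0/0", PLEX_IP, PLEX_PORT)]
    return {
        # Rule written against the internal server: matches after DNAT.
        "rule_on_internal_host": traverse(inbound, dnat, allow_internal)[0],
        # Rule written against the WAN address: never matches after DNAT.
        "rule_on_wan_address": traverse(
            inbound, dnat, [Allow("0.0.0.0/0", WAN_IP, PLEX_PORT)])[0],
        # DNAT forwards to a port the server rule does not expect.
        "dnat_port_mismatch": traverse(
            inbound, [Dnat(WAN_IP, PLEX_PORT, PLEX_IP, 32401)], allow_internal)[0],
    }
```

The outbound masquerade rule plays no part here: it rewrites source addresses on traffic leaving the network, while inbound Plex connections depend only on the DNAT entry and the filter rule agreeing with the server's address and port.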
