Hoping more videos on SFOS V18 waiting for that. Thank You
@MikeFaucher 4 years ago
Thank you for the feedback.
@danpowell7421 3 years ago
Hey Mike, This video is awesome - Very clear and makes perfect sense. Thanks for sharing
@MikeFaucher 3 years ago
Great to hear and thanks for the feedback.
@canadianwildlifeservice8883 1 year ago
Original Destination being the WAN port actually makes sense since everything going to your firewall will be "destined" to your WAN port since private IP addresses (the LAN) are not routable over the internet. Therefore NAT translation always occurs with IPv4.
@MikeFaucher 1 year ago
Thanks for your input.
@michaelschmidt61 3 years ago
Hello, Mike, I would like to learn something about creating users and linking clients to the Sophos firewall.
@MikeFaucher 3 years ago
Thanks. I will add it to my list of features to cover. Thanks.
@robbetto9776 2 years ago
Thanks for the video, can you please tell me if it is mandatory to link a nat rule to a firewall policy? Is there a best practice? Thanks
@MikeFaucher 2 years ago
If you only have one internet provider, it is best and easiest to use one default NAT rule and not create a linked rule. The only exceptions are things like port forwarding. In my situation, I have only one NAT rule that handles all outgoing traffic from my LANs and VLANs.
@reinaldoremedios5771 3 years ago
Hey Mike, great video. However, there is something that I have not been able to find in any video for Sophos, which is how to configure Port Forwarding for a TCP or UDP port range. I am not referring to one port or a list of single ports, but to a port range, e.g. 10000-20000. Is that possible with Sophos XG v.18?
@MikeFaucher 3 years ago
Thanks for the feedback. Yes it is possible. You can just create a new service (under host and services) with a UDP protocol, Source port would be the same 1:65535, and the destination port would be 10000:20000 and save it. Then just call out the service like I did in the example but since the service is a range, it will use the ranges. Hope that helps.
@stephend3961 2 years ago
Unless the Firewall rule and NAT rule are linked together, I still don't see or understand how to determine which rules are working together. How does the Firewall rule know which NAT rule to use, or which NAT rule and which Firewall rule go together? Very confusing.
@MikeFaucher 2 years ago
If you look at the video, I created one default NAT rule. If no linked rule is created, then it uses the default rule.
@michaelschmidt61 3 years ago
Hello Mike, thank you very much for this excellent tutorial. Hoping to see more of your videos. Michael Schmidt
@MikeFaucher 3 years ago
Thanks for the feedback. Let me know which topics you would like to see.
@michaelschmidt61 3 years ago
@@MikeFaucher Hello Mike, I started working with a firewall on my network for the first time. So the number of my questions is very diverse, for example an introduction to the creation of users, the connecting to my devices. I don't have any network ads on my admin workspace. A link to an existing video would help too. Best wishes, Michael
@MikeFaucher 3 years ago
@@michaelschmidt61 Thanks for the feedback and I will post if I come up with anything.
@BrownsvilleNotification 1 year ago
On your port forward rule, isn't #Port2 your WAN port, I don't understand how LAN and Port2 would be associated as the destination.
@MikeFaucher 1 year ago
This is for the return. When something comes in to the internet, the destination is port #2 WAN, which in turn gets forwarded to a LAN port.
@BrownsvilleNotification 1 year ago
@@MikeFaucher Ohh I see, thanks. I would have put Port 1 thinking the source would be from Port 2 but that makes sense.
@mthurtell 3 years ago
Hi Mike, Excellent video. Very helpful indeed - the port forwarding is not very intuitive but makes perfect sense. Got a question regarding redirecting ports. Say I want to redirect Port 8000 to 8000, and port 8001 -> 80. TCP (8000) / (8000), TCP (8001) / (80) However if I change the source port to 1:65535 - it sends it straight on through - but obviously without the redirect.
@MikeFaucher 3 years ago
Thank you. In addition to the firewall rule, you need a custom NAT rule. The process is basically the same as shown in the video except the NAT rule's original service would be defined as port 80, and the translated services would be 8000/8001. My video shows the same port (service) on the original and translated but it does not have to be that way. Hope that helps. BTW, not sure what the application is but it appears it may be cameras and if so I would suggest not putting them on port 80. Good luck.
@johnoyando9087 3 years ago
How are you, Mike? My firewall just upgraded to v18. I was trying to create a new rule to allow Alcohol and tobacco websites on my firewall but am not. Could you kindly take me through this?
@MikeFaucher 3 years ago
The blocks are coming from your web filtering. Go to the web filter you have assigned to your default rule and edit the categories to remove the block (if it exists) or to add the categories allow. If you refer to my older video (kzbin.info/www/bejne/jpm9fXR-f9-kotk), it covers web filtering. It is for version 17 but the process is basically the same. Hope that helps.