Sophos XG Port Forwarding

Coming from the Sophos UTM the XG looks alot more modern and uses a more modern terminology when it comes to firewall rules, natting and port forwarding.

To Create a port forward firewall rule with a linked NAT is very simple.

Create a Port/Service Group first

Hosts & Services > Services

1. Add
2. Enter a Name eg Sonos Ports
3. Type = TCP/UDP
4. Protocol = either udp or tcp.
5. Source Port = Generally i leave it on 1:65535 or you could specify a strict port i.e. 443 for HTTPS
6. Destination Port = The port for the Internal Server i.e. 443

Rules & Policies > Firewall Rules

1. Add Firewall Rule > Server access assistant (DNAT)
2. Internal Server IP = Select your Server IP or Hostname
3. Public IP = Select your WAN Port
4. Services = The Ports you wish to forward to the Internal Server that we created earlier
5. This will automatically generate 3 NAT rules and a Firewall Rule