Sophos XG: port forwarding rule


In this tutorial, we are going to create an incoming traffic rule by transferring from a specific port (443).

This type of rule is used for:

  • Publish a web server
  • Inbound SMTP
  • Publish POP / IMAP


Before you start creating the rule, you must add the host to the firewall.

In the case of non-standard port, you must also add the service on the firewall.

Create an Inbound Rule

1. From the web interface, go to Firewall 1 then click on Add firewall rule 2 and choose Business application rule 3 .
Add rule

2. Application model choose DNAT / Full NAT / Load Balancing 1 .
Rule model

3. Configure the rule with the following elements:

1 Name the rule
2 Source : WAN
3 Port/IP source
4 Services (ports)
5 Destination servers
6 Server area (LAN/DMZ…)
7 Check the box to record traffic
8 Click on Save.
Rule config

4. The rule is added 1 .
rule added

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

We are sorry that this post was not useful for you!

Let us improve this post!

Related Posts

Sophos XG configure a DHCP relay
Présentation A DHCP relay is a service that listens for DHCPDISCOVER frames to transfer them to a DHCP server. The DHCP relay avoids installing a DHCP service by network segment (MPLS, VLAN ...). Before configuring the relay firewall, the DHCP servic

SOPHOS XG: clientless access
Clientless access presentation Client-free access to Sophos XG firewalls allows connections to corporate servers without a VPN client by going directly through an internet browser as Citrix does. Clientless access configure Firewall configuration 1.

Sophos XG high traffic on the BITS application
Symptom The Windows and Office 2016 updates use the operating system BITS to download the updates. The passage in the proxy of the firewall and the antivirus scan "prevents" the download and it runs in a loop saturating the tape.. You can see on the

Leave a Comment