In this tutorial, we are going to create an incoming traffic rule by transferring from a specific port (443).
This type of rule is used for:
- Publish a web server
- Inbound SMTP
- Publish POP / IMAP
The tutorial applies to versions <= 17 of Sophos XG firewall
Before you start creating the rule, you must add the host to the firewall.
In the case of non-standard port, you must also add the service on the firewall.
In the case of website publication, it is possible to use a WAF (reverse proxy) rule. Also, if you want to publish an SMTP, it is recommended to use Email Servers (SMTP) to take advantage of the protection
Create an Inbound Rule
1. From the web interface, go to Firewall 1 then click on Add firewall rule 2 and choose Business application rule 3 .
2. Application model choose DNAT / Full NAT / Load Balancing 1 .
3. Configure the rule with the following elements:
|1 Name the rule|
2 Source : WAN
3 Port/IP source
4 Services (ports)
5 Destination servers
6 Server area (LAN/DMZ…)
7 Check the box to record traffic
8 Click on Save.
4. The rule is added 1 .