Sophos XG: port forwarding rule


In this tutorial, we are going to create an incoming traffic rule by transferring from a specific port (443).

This type of rule is used for:

  • Publish a web server
  • Inbound SMTP
  • Publish POP / IMAP


Before you start creating the rule, you must add the host to the firewall.

In the case of non-standard port, you must also add the service on the firewall.

Create an Inbound Rule

1. From the web interface, go to Firewall 1 then click on Add firewall rule 2 and choose Business application rule 3 .
Add rule

2. Application model choose DNAT / Full NAT / Load Balancing 1 .
Rule model

3. Configure the rule with the following elements:

1 Name the rule
2 Source : WAN
3 Port/IP source
4 Services (ports)
5 Destination servers
6 Server area (LAN/DMZ…)
7 Check the box to record traffic
8 Click on Save.
Rule config

4. The rule is added 1 .
rule added

Related Posts

Sophos XG: Configure the SNMP Agent

If you want to supervise the firewall using the SNMP service with software (PRTG, Centreon ...), you must activate and configure the agent on the firewall. 1. From the administration interface, go to

SOPHOS XG: clientless access

Clientless access presentation Client-free access to Sophos XG firewalls allows connections to corporate servers without a VPN client by going directly through an internet browser as Citrix does. Clie

Sophos XG: secure emails

Introduction In this tutorial, we will see how to secure emails with a Sophos XG firewall. The firewall offers two modes of operation for filtering emails: MTA : the firewall will act as an SMTP relay

Scroll to Top