Sophos XG Firewall Home Edition: UTM for home use

The adventure with UTM devices began many years ago, when the name FortiGate appeared in the specification during one of the implementations. After a short analysis, it turned out that it was a new generation of firewall with an extensive security system and many other network functions. After several years of working with these devices, I wanted to set up something like this at home and found a free Sophos home solution.

I will not describe how to configure Sophos XG Firewall, because many tutorials can be found on the Internet and it is also quite intuitive. I will only show you how to redirect your public IP address to the address of a server located in the LAN, as I have done in my case; thanks to that, you can read my blog 🙂

First, we create a host that will be used in the firewall rule that handles the redirection. To do this, go to Hosts and Services, open the IP host tab, and click the Add button.

Figure: Sophos XG Firewall, adding an IP host

Next, we create a firewall rule: in the Firewall menu, select Add firewall rule and then Business application rule, and then:

  • set Application template to DNAT/Full NAT/Load Balancing
  • enter a name for the rule
  • leave Rule group on Automatic or select one as below
  • set Source zones and Allowed client network to Any, unless you want to allow only certain networks
  • set Destination host/network to the physical port that holds the IP address to which the ISP redirects our external IP address, and in Services select the service that we allow
  • in the Forward section, under Protected server(s), select the previously created IP host; Mapped port should be set to the service port
  • I leave the rest unchanged

In the example above, the addressing of the server's subnet is different from the IP address of the physical port, so don't forget to set the appropriate routing. We have set up port 80 of our public IP address to forward to port 80 of our server on the local network. Similarly, we can set rules for other services and ports.
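Because the rule leaves Source zones and Allowed client network on Any, it is worth confirming from a host outside the LAN that only the published service answers on the public address. The following check is an added example, not part of the original post; the address 203.0.113.10 is a documentation placeholder and the list of extra ports to probe is an assumption to adjust.

```python
import socket


def tcp_open(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable
        return False


def audit_forwarding(host, intended, probe, timeout=2.0):
    """Compare reachable ports with the ports the DNAT rules should publish.

    intended: ports that should answer (e.g. {80} for the rule in the post)
    probe:    further ports that should NOT answer from outside
    """
    intended = set(intended)
    candidates = intended | set(probe)
    reachable = {p for p in candidates if tcp_open(host, p, timeout)}
    return {
        "reachable": sorted(reachable),
        # Published in the rule but not answering: check rule and routing.
        "missing": sorted(intended - reachable),
        # Answering although no rule was meant to publish it.
        "unexpected": sorted(reachable - intended),
    }


if __name__ == "__main__":
    PUBLIC_IP = "203.0.113.10"          # placeholder, replace with your own address
    NOT_PUBLISHED = [22, 443, 3389, 8080]  # assumed sample of ports to rule out
    result = audit_forwarding(PUBLIC_IP, {80}, NOT_PUBLISHED)
    print("reachable: ", result["reachable"])
    print("missing:   ", result["missing"])
    print("unexpected:", result["unexpected"])
```

A port listed under "missing" usually points to the routing issue mentioned above or a rule that does not match; a port under "unexpected" means something is exposed that no rule was meant to publish.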
