SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

Allow multiple networks for Masquerade Rules

We have dozens of RED devices. Adding individual NAT Masquerade Rules is very tedious when you can only select a SINGLE source object per rule. Would be nice to have a single Masquerade rule with multiple sources so I could just add either a new Network definition to the existing rule.

2 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Josh BarronJosh Barron shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    1 comment

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Alan ToewsAdminAlan Toews (Sr. Product Manager, Sophos Features & Ideas Laboratory) commented  ·   ·  Flag as inappropriate

        This is already possible by either using a group definition in the NAT rule, or using "Any" as the source network. In this case, Any is quite safe to use, so long as you are restricting any traffic you don't want to allow outbound with firewall rules. Using Any as the source network just means that any packet that is allowed to pass through the interface will be masqueraded.

        There are some cases where adding just specific hosts or networks to the masq rule wold be useful, though, so this is still a useful idea. while not necessary, it would simplify rule management a little in these cases.

      Feedback and Knowledge Base

      icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.