Sophos XG Unified firewall Business application should accept a host/services object
Adding a Business application non-HTTP rule you should have the option to use "Objects > Hosts and Services > Services" objects as the Port Forwarding target.
This reduces the rules required and keeps it more unified..
At the moment you need to add multiple rules I.E. A hosted service uses a mixture of single ports, port ranges and both tcp/udp will require multiple rules to achieve something very simple.
This is currently being developed for inclusion in v17
Mohammed Elglaind commented
I have a business request to allow only specific Mac addresses to access the published web server (business rule>waf)
Is it included in v17?
I need to forward single port from wan to port range in lan
Nathan Nakao commented
Agree completely with all the comments. This needs fixing ASAP.
Not being able to add an additional line to the Services for "Business Application Rule" like you can in "Hosts & Services" is incomprehensible. This has been an issue since 2015? When is this getting updated?
Andrew 491 commented
Sophos XG is trying to be very object oriented but this is one area where it is not. I totally agree that port forwarding should be handled by Service or Service Group objects.
Aland Coons commented
I added one Samsung phone server and had to and 7 rules. If all the relevant TCP/UDP ports could have been added into a group (yes, I tried that first) but now instead of one rule I get seven. Still works!
AFter migrating my Cyberoam platform to Sophos XG, I have now been imposed this limitation... Makes rules impossible for what I used to have 20 rules, I now need 30? Also can't allow non port-based traffic to my servers such as ICMP and ISATAP... Severely limiting!
Vince Morris commented
My single VOIP rule turned into 3 rules moving to XG.
I'm sure I will encounter more.