XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

Hairpining

Can automatic NAT hairpining be built into SFOS automatically like it is in UTM? Very frustrating to have to create hairpin rules in order to access published servers from behind the same XG firewall. The best solution I've found to date is to set the source zone as "any" on the business rule governing the DNAT for the published service, however, that masks the true source IP address for any device on the outside accessing that published service because the firewall translates the source to it's own IP address. That makes it impossible to filter and restrict access to some published services let alone view access in reports.

2 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)

We’ll send you updates on this idea

Erroll Marchais shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.