/, Networking, Routers, Security/Sophos XG v17 Configuration and Rules

Sophos XG v17 Configuration and Rules

Now that we have the software installed and the initial configuration is complete, it is time to configure our firewall to handle traffic as well as filter threats.  In addition, we will want lock things down and prohibit the use of unwanted applications types such as P2P.  I created this video to help you configure Sophos XG v17 for the first time and to help get you started creating your first rule.  Remember like any other firewall, there will be a learning curve at first and it may seem a bit overwhelming.  But if you stick with it you will find that once you grasp the concept, it is fairly straightforward and is extremely powerful in protecting your home or small business network.

 

Typical outline

  1. Configure your Interface cards
  2. If using more than two NIC cards, configure the network range of the other cards
  3. If using more than two NIC cards, configure DHCP for the additional networks
  4. Set your static IP addresses for each network
  5. Name any devices that you will want to control separately
  6. Create your Web Filters
  7. Create your Application filters
  8. Make your first rule.  At a minimum, you need a default rule that is applied to the entire network, then you can build from there

 

 

Traffic Rule

For reference, I have added the pictures below to use a reference when creating your first rules.

Top Section

SNAG-0260

Lower Section

SNAG-0261

 

Port Forwarding

Top Section

SNAG-0258

Lower Section

SNAG-0260

By | 2018-01-21T17:35:26+00:00 November 19th, 2017|Firewall, Networking, Routers, Security|2 Comments

About the Author:

I am an enthusiast with more than 25 years of experience and passion in computer technology. For the past 10 years I have been drawn to home theater, media distribution, portable devices, and home storage solutions. I strive to stay current in consumer technology and I am constantly experimenting with different products and philosophies to achieve the best results. I spend most of my free time trying, testing, and experimenting with various hardware and software products and endeavor to pass on whatever I learn to others.

2 Comments

  1. miles267 12/31/2017 at 6:37 PM

    Hi Mike, thank you very much for the guides. I’ve since moved from Sophos UTM 9 to XG and have found it quite tedious though I really want to stick with it for future updates.

    If you wouldn’t mind, could you please also do video overviews of:

    1.) LDAP setup – am using WSE12R2 and simply can’t get it to work no matter what I try. It was so much simpler in UTM. Am able to get Active Directory authentication to work, but that’s not what I want.

    2.) Source NAT (SNAT) – I have multiple static IPs from my ISP. Have successfully created aliases for each (ISP Static 1, ISP Static 2, etc). However I cannot figure out how to get, for example, any traffic leaving my WSE12R2 box on my LAN to reflect the WAN IP of ISP Static 1 as I could with UTM. All whatismyip.org traffic reflects the IP of the Firewall itself.

    Happy new year!

  2. pcdoc 01/07/2018 at 11:15 PM

    Thanks for your comment. I will try and review these items but as I do not use AD at home, I will have to do it on our next work install so I can’t say exactly when that will be.

Leave A Comment