Sign up to the Sophos Support Notification Service to get the latest product release information and critical issues. Create a firewall at the top of your rule list. Check the firewall logs ( Status > System Logs, Firewall tab) to see if the. Then try to access it again from the outside. Edit the firewall rule that passes traffic for the NAT entry and enable logging.
10:58:17Firewallmessageid="01001" log_type="Firewall" log_component="Invalid Traffic" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="1" nat_rule_id="1" policy_type="1" user="" user_group="" web_policy_id="0" ips_policy_id="0" appfilter_policy_id="0" app_name="SSL Traffic over Non-SSL Ports" app_risk="1" app_technology="Network Protocol" app_category="Infrastructure" vlan_id="" ether_type="IPv4 (0x0800)" bridge_name="" bridge_display_name="" in_interface="" in_display_interface="" out_interface="" out_display_interface="" src_mac="" dst_mac="" src_ip="13.95.15.251" src_country="NLD" dst_ip="62.226.175.96" dst_country="DEU" protocol="TCP" src_port="8883" dst_port="49928" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="Invalid TCP state. Sophos XG Firewall: How to configure firewall as a DHCP Relay Sophos XG Firewall: How to configure the firewall as a DHCP Server. Always test port forwards from outside the network, such as from a system in another location, or from a 3G/4G device.
This is the detail of the first blocked package when my devie tries to connect: