Configuration the Sophos UTM is easy in 12 steps. This perform basic setup for a computer in LAN go out internet through UTM.
Important Step noted:
- Setup WAN interface and Default Gateway (step 6)
- Setup DNS forwarder (step 7)
- Setup Firewall Rule (step 8)
- Setup NAT Masquerading (step 9)
- Option for setup DHCP server
STEP 1: Go to Webadmin by default IP address:
As the topic says: I'm currently trying to get pfSense up and running on a Sophos UTM 320. Everything works fine so far, but I have one strange problem I'm seeking assistance with: The Appliance has 8 Network Interface Ports (em0-em7) however only 5 of them are working properly. All models are available for cloud-management in Sophos Central. Indoor models can also be managed on-premises via XG Firewall and SG UTM. The Sophos APX Series is a growing portfolio of access points with 802.11ac Wave 2 technology. Indoor models can also be managed on-premises via XG Firewall and SG UTM. The Sophos APX Series is a growing portfolio of access points with 802.11ac Wave 2 technology. They are custom-built for increased throughput at load and better performance and security. APX 320: 2x2:2 access point, dual 5 GHz capable, ideal in high-density school. UTM 320 Sophos UTM 320 Unified protection for mid-sized business networks Sorry, this product is no longer available, and replaced by the Sophos SG line, click here!
Sophos UTM hardware default IP: https://192.168.0.1:4444
Sophos UTM Software default IP: https://192.168.2.100:4444
In this example: https://192.168.88.254:4444
See more in Sophos UTM Software/hardware Appliance Quick Start Guide
STEP 2: Enter Administrator Contact and Password
Click APPLY and waiting for some second
STEP 3: Go to again Webadmin with new certificate
You will be noticed the Certificate error, and Add Exception for this.
STEP 4: Login to Webadmin with new password
STEP 5: Cancel the Wizard
Click “Cancel” button in bottom of Wizard
You will see the dashboard of Sophos UTM
STEP 6: Add WAN Interface
Go to “Interfaces & Routing” -> “Interfaces” -> click “New Interface”
· Name: WAN
· Type: Ethernet
· Hardware: choose the hardware interface connect to Router/Modem of ISP
· IPv4 Default Gateway: Checked
Click “SAVE” and you will see the new interface which is disabled
Click enable button to enable the WAN Interface
STEP 7: Setup DNS
Add Google or Public DNS to DNS forwarders
STEP 8: Setup Firewall Rule
Go to Network Protection -> Firewall
Default No rule and all traffic is blocked.
Click New Rule Button
· Sources: Internal Network
· Services: ANY (or Some Services)
· Destinations: ANY
· Action: Allow
· Advanced: Log Traffic checked
Enable the new firewall Rule
STEP 9: NAT
Go to Network Protection -> NAT -> Masquerading
· Network: Internal (Network)
· Interface: WAN
Sophos Utm 320 Pro
· Use address: Primary address
Enable the new Masquerading Rule
STEP 10: Enable Advanced Threat Protection
Go to Network Protection -> Advanced Threat Protection -> Click Enable button (Grey to Green)
STEP 11: Enable Intrusion Prevention System
Go to Network Protection -> Intrusion Prevention -> Click Enable button (Grey button in the right).
Add the Internal (Network) to Local Network box -> Click Apply.
Sophos Utm 320 Cpu Upgrade
Enable Anti-Portscan
STEP 12: Check the Firewall Live Log
Go to Network Protection -> Firewall
Click “Open Live Log” button
· Green line: traffic allow through firewall
· Red line: traffic deny through firewall
Option STEP: DHCP Server (if needed)
Sophos Utm 3200
Go to Network Services -> DHCP -> Click “New DHCP Server” button.
· Interface: Internal
Done!