XG Firewall startup guide - docs.sophos.com · 5/15/2020  · XG Firewall startup guide Active...



XG Firewall

Startup guide


Contents

Control center (p. 1)
Interfaces (p. 10)
  Configuring interfaces (p. 10)
DHCP (p. 14)
  Configure DHCP servers (p. 14)
DNS (p. 16)
  Configure DNS servers (p. 16)
Configuring Active Directory authentication (p. 18)
  Add an Active Directory server (p. 18)
  Import Active Directory groups (p. 19)
  Set primary authentication method (p. 20)
Security management and best practices (p. 21)
Creating a remote access SSL VPN (p. 26)
  Specify an IP address range for SSL VPN clients (p. 26)
  Create a user group and add a user (p. 27)
  Define a local subnet and remote SSL VPN range (p. 27)
  Add an SSL VPN remote access policy (p. 28)
  Check authentication services (p. 29)
  Check device access settings (p. 30)
  Add a firewall rule (p. 30)
  Windows user permissions required for SSL VPN client (p. 31)
  Deploy the connection (p. 32)
  Check connectivity (p. 32)

(2020/05/15)


1 Control center

The Control center shows the features in use, and the health and security of the network.

The Control center is the first page you see whenever you sign in to XG Firewall. The page is arranged into six areas which provide an overview of the features being used as well as the health and security of your system.

No configuration is required on this page; however, if you would like more details on the information shown here, see below. Otherwise, to continue setting up XG Firewall, skip to Interfaces.

Copyright © Sophos Limited 1


System panel

The system panel is broken down into four areas to give you a quick overview of various system parameters. The first area has four icons representing the following:

1. Performance: Shows the overall performance of XG Firewall in terms of resource usage such as CPU and RAM.

2. Services: Shows if all services are running as expected.

3. Interfaces: Shows if there are any issues with the configured network interfaces.

4. VPN: Shows the status of connected VPN tunnels.

Clicking on an icon will show further information about that specific area of the system in the following way:

1. Performance: Shows a load average graph. Load average is the average number of processes waiting to run on a CPU. Any number greater than the number of processor cores in the system indicates that, during the time period being measured (for example, 5 minutes), there was more work to do than the system was capable of doing.


2. Services: Clicking the icon shows the services that are stopped or dead.

3. Interfaces: Shows details of the configured interfaces such as status, bits received and bits transmitted.

4. VPN: Shows the details of connected VPN tunnels.

The second area of the panel gives details of connected RED devices, Wireless APs, Connected remote users and total Live users.

RED

Shows the number of RED tunnels established, followed by the total number configured. For example, 1/4. Clicking on the widget shows a list of RED tunnels.

Wireless APs

Shows the number of active access points (AP) followed by the total number of access points configured. For example, 2/3. Pending access points, if any, will be shown separately in brackets in red. Clicking the widget redirects to the Access points page.

Connected remote users

Shows the total number of users connected remotely through SSL VPN. Clicking the widget redirects to the Remote users page.

Live users

Shows the total number of live users. Clicking the widget redirects to the Live users page.

The third area of the panel gives details of the system resources currently being used by XG Firewall. These are as follows:

CPU

Shows the current CPU load as a percentage.

Memory

Shows current usage of the system RAM as a percentage.

Bandwidth

Shows the current bandwidth of traffic passing through XG Firewall.

Sessions

Shows the current sessions for users connected to XG Firewall.

Decryption capacity

Shows the decrypted SSL/TLS connections as a percentage of your firewall's decryption capacity.


Decrypt sessions

Shows the current number of decrypted SSL/TLS connections.

Decryption details are updated every five minutes.

The final area of the panel shows if the system has been configured for high availability or has been connected to Sophos Firewall Manager for central management. You can also see how long the system has been running since the last restart.

If high availability has been configured then the status will be shown as follows:

High availability (HA)

A-A: Active-active mode.

A-P (M): Active-passive mode. Acting as primary device.

A-P (S): Active-passive mode. Acting as auxiliary device.


Traffic insight panel

The section provides statistics related to network traffic processed by your Sophos XG Firewall in the last 24 hours. It helps you see who uses the most bandwidth, which websites and applications are most used, and where there are unusual traffic patterns.

The following statistics are available:

• Web activity: The graph shows how much data users transferred over the last 24 hours, which helps in understanding the web surfing trend. It also shows the maximum and average amount of data transferred, in bytes, over the last 24 hours, which helps you spot unusual traffic patterns, if any.

• Cloud applications: This graph shows the number of cloud applications that users are connecting to and the traffic in bytes that is being sent to and from these applications by your network.

• Allowed app categories: The graph shows the amount of data transferred, in bytes, for the top five application categories. This shows the administrator the most-used applications in the last 24 hours, which helps you identify which applications consume the most bandwidth. Clicking on the bar of a specific application category in the graph redirects you to the filtered application report of that category.

• Network attacks: The graph lists the top five hosts that were denied access to the network due to health reasons. Clicking on the bar of a specific attack category in the graph redirects you to the filtered report of that category.

• Allowed web categories: The graph shows the amount of data transferred, in bytes, for the top five web categories. This shows an administrator the most-visited websites in the last 24 hours, which helps you identify which websites consume the most bandwidth. Clicking on the bar of a specific web category in the graph redirects you to the filtered report of that category.


• Blocked app categories: The graph shows the top five denied application categories along with the number of hits per category. This helps the administrator find out the applications with the most failed access attempts. Clicking the bar of a specific application category in the graph redirects you to the filtered application report of that category.

User & device insight panel

The User & device insight panel shows details of user and device activity on your network and helps you identify devices at risk.

1. Security Heartbeat: Shows the total number of connected endpoints with Security Heartbeat enabled and the number of these that are at risk, have a missing Heartbeat or that have produced a warning. Clicking the relevant box will show more details about the endpoints to enable you to quickly find the affected devices.

2. Synchronized Application Control

3. Threat intelligence

4. ATP

5. SSL/TLS connections


Active firewall rules panel

Shows the number of firewall rules by rule type and rule status. It shows the traffic, in bytes, that matched the firewall rules in the past 24 hours.

• To see the data volume, hover over the chart.

• To see the rules in the Firewall rule table, select a firewall rule status. The rule table sets a filter based on your selection.

All administrators, irrespective of their rights, can see the firewall rules.

Note: For a short time, a rule might be in more than one status list. That's because it stays in a list for a certain time, even if its status changes. See the following example:

Rule name: Test

Rule creation: 10 AM. Test rule is listed under New until 10 AM the next day.

Rule change: 11 AM. Test rule is listed under Changed until 11 AM the next day.

Usage check: If XG Firewall performs a usage check at 12 noon, and the Test rule remains unused, the rule is listed under Unused until the next usage check.

Turned off: 01 PM. Test rule is listed under Disabled. A disabled rule is listed under Changed and Disabled.
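To make the overlapping-status behaviour in the note concrete, here is an added example (not code from the guide or from Sophos) that replays the Test rule timeline and reports which status lists the rule sits in at a few sample times. It assumes the 24-hour window the guide gives for New and Changed, that Unused lasts until the next usage check, that Disabled lasts while the rule is off, and that turning a rule off is itself recorded as a change; the date is constructed.

```python
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Assumed model of the Active firewall rules status lists described above.
# The 24-hour window for New and Changed is the guide's own example; that
# Unused lasts until the next usage check, that Disabled lasts while the rule
# is off, and that turning a rule off also counts as a change are this
# example's reading of the note, not documented XG Firewall internals.
STATUS_WINDOW = timedelta(hours=24)


class RuleStatusTracker:
    """Tracks the events that place one firewall rule in the status lists."""

    def __init__(self, name: str, created_at: datetime) -> None:
        self.name = name
        self.created_at = created_at
        self.changed_at: Optional[datetime] = None
        self.last_usage_check: Optional[datetime] = None
        self.next_usage_check: Optional[datetime] = None
        self.unused_at_check = False
        self.disabled_at: Optional[datetime] = None

    def change(self, when: datetime) -> None:
        self.changed_at = when

    def usage_check(self, when: datetime, next_check: datetime, was_used: bool) -> None:
        self.last_usage_check = when
        self.next_usage_check = next_check
        self.unused_at_check = not was_used

    def disable(self, when: datetime) -> None:
        self.disabled_at = when
        self.change(when)  # assumption: disabling is recorded as a change

    def enable(self, when: datetime) -> None:
        self.disabled_at = None
        self.change(when)

    def status_lists(self, now: datetime) -> List[str]:
        """Returns every status list the rule appears in at time `now`."""
        lists = []
        if self.created_at <= now < self.created_at + STATUS_WINDOW:
            lists.append("New")
        if self.changed_at is not None and self.changed_at <= now < self.changed_at + STATUS_WINDOW:
            lists.append("Changed")
        if (self.unused_at_check and self.last_usage_check is not None
                and self.next_usage_check is not None
                and self.last_usage_check <= now < self.next_usage_check):
            lists.append("Unused")
        if self.disabled_at is not None and self.disabled_at <= now:
            lists.append("Disabled")
        return lists


def replay_test_rule() -> Dict[str, List[str]]:
    """Replays the guide's Test rule timeline on a constructed date and samples the lists."""
    day = datetime(2020, 5, 15)  # constructed date
    rule = RuleStatusTracker("Test", created_at=day.replace(hour=10))   # created 10 AM
    rule.change(day.replace(hour=11))                                    # changed 11 AM
    rule.usage_check(day.replace(hour=12),                               # checked 12 noon
                     next_check=day.replace(hour=12) + timedelta(days=1),
                     was_used=False)
    rule.disable(day.replace(hour=13))                                   # turned off 1 PM
    samples = {
        "13:30 same day": day.replace(hour=13, minute=30),
        "10:30 next day": day.replace(hour=10, minute=30) + timedelta(days=1),
        "14:00 next day": day.replace(hour=14) + timedelta(days=1),
    }
    return {label: rule.status_lists(t) for label, t in samples.items()}


if __name__ == "__main__":
    for label, lists in replay_test_rule().items():
        print(f"{label}: {lists}")
```

At 13:30 on the day of the example the rule is in all four lists at once; by 10:30 the next day it has aged out of New, and by 14:00 the next day only Disabled remains, which is why a rule count on the panel can briefly exceed the number of rules.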


Reports panel

Depending on the modules subscribed, at most five critical reports from the table below are shown:

High risk applications
  Number/data shown: <number of> risky apps seen yesterday
  Subscription module: Web Protection

Objectionable websites
  Number/data shown: <number of> objectionable websites seen yesterday
  Subscription module: Web Protection

Web users
  Number/data shown: <data transfer> (in bytes) used by top 10 users yesterday
  Subscription module: Web Protection

Intrusion attacks
  Number/data shown: <number of> intrusion attacks yesterday
  Subscription module: Network Protection

Web server protection
  Number/data shown: <number of> web server attacks yesterday
  Subscription module: Web Server Protection

Email usage
  Number/data shown: <data transfer> (in bytes) used
  Subscription module: Email Protection

Email protection
  Number/data shown: <number of> spam mails yesterday
  Subscription module: Email Protection

Traffic dashboard
  Number/data shown: -
  Subscription module: Either Web Protection or Network Protection

Security dashboard
  Number/data shown: -
  Subscription module: Either Web Protection or Network Protection


Messages panel

The panel shows information which allows you to monitor and track system events.

Examples of alerts include:

• The default password for the “admin” user has not been changed. We highly recommend that you change the password. This alert is shown when the default password for the super administrator is not changed.

• New firmware available for XG Firewall or connected devices such as APs or RED devices.

• The default web admin console password has not been changed.

• HTTPS or SSH based management is allowed from the WAN. This is not a secure configuration. We recommend using a good password.

• HTTP or Telnet-based management is allowed from the WAN. This is not a secure configuration. We recommend using a good password.

• Your XG Firewall is not registered.

• The modules expired.

Icons are used for easier identification of messages.

[alert icon] Indicates alert messages.

[warning icon] Indicates warnings.

[firmware icon] Indicates firmware download notifications.


2 Interfaces

XG Firewall uses interfaces to connect to your network. If you have a physical device, you have at least four physical interfaces in the form of network ports. If you have a virtual device, you need at least two physical network ports.

XG Firewall always has one default interface configured on initial start-up using the IP address 172.16.16.16. If you used the initial setup assistant, then you may have changed this already and set up additional interfaces. For example, a WAN interface to access the internet.

Interfaces are assigned a zone. Zones are separated network segments that don't allow traffic to flow between them without a dedicated firewall rule in place.

The assigned zone determines the network permissions that are assigned to network traffic on that interface. The following zones are available:

LAN

The LAN zone contains your main internal network where most of your client computers will reside and has the least restrictive default permissions.

WAN

The WAN zone connects to the internet. An interface in this zone is normally assigned a public IP address. However, if you have deployed XG Firewall behind another router a private IP address may still be used. By default only those permissions required to allow traffic out to the internet are allowed on this zone.

DMZ

The DMZ zone is a more restricted internal network zone normally used for hosts such as web servers. This lets you allow access to web services from the internet without allowing access to your main internal LAN network.

WiFi

The Wi-Fi zone is like the LAN zone and is assigned to all wireless networks. It has many services enabled by default to allow connected endpoints access to the internet and other domain services. This is the interface to which you connect your access points.

Permissions for zone services are controlled by the device access settings in Administration > Device access.

Permissions for specific networks are controlled by Firewall rules, which are set up in Rules and policies > Firewall rules.

2.1 Configuring interfaces

1. To configure an interface, go to Network > Interfaces.


2. Click the menu button and select Edit interface.

3. Select a zone from the drop-down list.

When a zone is chosen, further configuration options are shown. By default, these are IPv4 options.

4. Select how the interface IP address will be assigned.

If you choose DHCP, no further configuration options are required, and you can save the configuration. See step 7.

PPPoE connection is normally only used in the WAN zone when setting up a DSL connection to your ISP. This requires you to enter some information provided by your ISP. See step 6.

To set a static IP address for the interface, see the next step.

5. To assign a static IP address to the interface, enter the IP address you want to use and the subnet mask of the network.


If you are setting up a WAN interface, you also need to enter the name of your gateway and its IP address.

6. If you are configuring a PPPoE interface, you need to enter the following information as provided by your ISP.


Preferred IP

Preferred IP address for the PPPoE connection. Many internet service providers assign a static IP address to PPPoE connections. The Sophos XG Firewall allows you to bind the static IP address to the PPPoE connection.

Note: An address other than the preferred IP address may be assigned to the PPPoE connection, depending on the PPPoE server configuration.

Gateway name

The name of the gateway through which your internet traffic will be routed.

Username

PPPoE account username.

Password

PPPoE account password.

Access concentrator/service name

Access concentrator and service name. The firewall starts only those sessions with the access concentrator that can provide the specified service.

LCP echo interval

Time, in seconds, that the system must wait before it sends an echo request to check whether the link is live. Once an attempt is made, the firewall waits for the defined time interval before the next attempt is made.

LCP failure

Number of attempts (echo requests) to be made. When the specified number of attempts have been made without receiving a response from the endpoint, the firewall disconnects the PPPoE connection.

Schedule time for reconnect

The address assigned to a PPPoE connection, whether dynamic or static (preferred), can have a predefined validity period. When the period expires, the PPPoE connection is closed and is reconnected. To prevent reconnection during working hours, enable the PPPoE reconnect schedule.

Note: On reconnection, an address other than the preferred IP address (if specified) may be assigned to the PPPoE connection.

7. Click Save.


3 DHCP

The Dynamic Host Configuration Protocol (DHCP) is a network management protocol. It's used on IP networks where a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate.

3.1 Configure DHCP servers

To allow XG Firewall to integrate with your existing DHCP servers and allow clients to receive DHCP information, add your DHCP servers to XG Firewall.

1. Go to Network > DHCP.

2. Click Add.

3. Specify the general settings. These are described in the table below, and an example is shown in the screenshot.

Interface

Interface to use for the DHCP server. The firewall listens for DHCP queries on the selected interface.

Accept client request via relay

Provide DHCP to clients who send requests through a DHCP relay.

Dynamic IP lease

Ranges from which the DHCP server allocates IP addresses to clients.

Static IP MAC mapping

Static MAC address-to-IP address mappings. The IP address is always assigned to the MAC address on the specified host.

Subnet mask

Subnet mask for the DHCP server.

Domain name

Domain name that the DHCP server will assign to clients.

Gateway

IP address to be used as default gateway. You can specify a gateway or use the interface IP as the gateway.

Default lease time

Time to use for leases, in minutes, for clients that do not request a specific lease time.

Max lease time

Maximum lease time, in minutes. The client must send a new request to the DHCP server after the time specified has expired.

Conflict detection

Enable IP conflict detection to check the IP address before leasing. If the address is already leased, it will not be leased again.

4. Optional: Add DNS server IP addresses.

5. Optional: Add WINS server IP addresses.

6. Click Save.
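The interplay of the settings in the table (dynamic ranges, static MAC mappings, default and maximum lease time, conflict detection) is easier to see in a small model than in prose. The following is an added example, not XG Firewall code, of how a DHCP server applies those settings when handing out leases; the addresses, MACs and the "already answering on the wire" set are constructed, and the probe that real conflict detection performs is stood in for by that set.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

# Constructed lease limits, in minutes, matching the "Default lease time" and
# "Max lease time" options; the values are this example's, not defaults of the firewall.
DEFAULT_LEASE_MIN = 1440
MAX_LEASE_MIN = 2880


@dataclass
class DhcpPoolModel:
    """Toy model of one DHCP server's allocation logic (not XG Firewall's implementation)."""
    dynamic_ranges: List[Tuple[str, str]]                      # "Dynamic IP lease" ranges
    static_mappings: Dict[str, str] = field(default_factory=dict)   # "Static IP MAC mapping"
    conflict_detection: bool = True
    in_use_on_wire: Set[str] = field(default_factory=set)      # stands in for the conflict probe
    leases: Dict[str, Tuple[str, int]] = field(default_factory=dict)  # MAC -> (ip, minutes)

    def _lease_minutes(self, requested: Optional[int]) -> int:
        # Clients that ask for nothing get the default; requests are capped at the maximum.
        if requested is None:
            return DEFAULT_LEASE_MIN
        return min(requested, MAX_LEASE_MIN)

    def _candidates(self):
        for first, last in self.dynamic_ranges:
            start = int(ipaddress.IPv4Address(first))
            end = int(ipaddress.IPv4Address(last))
            for n in range(start, end + 1):
                yield str(ipaddress.IPv4Address(n))

    def request(self, mac: str, requested_minutes: Optional[int] = None) -> Optional[str]:
        """Returns the address leased to `mac`, or None if the pool is exhausted."""
        mac = mac.lower()
        minutes = self._lease_minutes(requested_minutes)
        if mac in self.leases:                      # renewal keeps the same address
            ip, _ = self.leases[mac]
            self.leases[mac] = (ip, minutes)
            return ip
        if mac in self.static_mappings:             # static mapping always wins
            ip = self.static_mappings[mac]
            self.leases[mac] = (ip, minutes)
            return ip
        reserved = set(self.static_mappings.values())
        leased = {ip for ip, _ in self.leases.values()}
        for ip in self._candidates():
            if ip in reserved or ip in leased:
                continue
            if self.conflict_detection and ip in self.in_use_on_wire:
                continue                            # something already answers here: skip it
            self.leases[mac] = (ip, minutes)
            return ip
        return None


def demo_allocation() -> Tuple[List[Optional[str]], int]:
    """Walks a constructed pool through static, conflict, cap, exhaustion and renewal cases."""
    server = DhcpPoolModel(
        dynamic_ranges=[("192.168.1.100", "192.168.1.102")],
        static_mappings={"aa:bb:cc:dd:ee:01": "192.168.1.50"},
        in_use_on_wire={"192.168.1.100"},           # constructed: a device already answers here
    )
    results = [
        server.request("AA:BB:CC:DD:EE:01"),                          # static mapping -> .50
        server.request("aa:bb:cc:dd:ee:02"),                          # .100 skipped -> .101
        server.request("aa:bb:cc:dd:ee:03", requested_minutes=99999), # -> .102, lease capped
        server.request("aa:bb:cc:dd:ee:04"),                          # pool exhausted -> None
        server.request("aa:bb:cc:dd:ee:02"),                          # renewal -> .101 again
    ]
    return results, server.leases["aa:bb:cc:dd:ee:03"][1]


if __name__ == "__main__":
    print(demo_allocation())
```

The point worth noticing is the conflict-detection branch: with it disabled, the second client would have been handed 192.168.1.100 even though another device already uses it, which is exactly the duplicate-address situation the option exists to avoid.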


4 DNS

The Domain Name System (DNS) translates human-friendly computer hostnames into numerical IP addresses (like a phone book for the internet). For example, www.example.com might translate to the IP addresses 93.184.216.34 (IPv4) and 2606:2800:220:1:248:1893:25c8:1946 (IPv6). DNS records can be quickly updated, which allows a service's location on the network to change without affecting the users, who continue to use the same hostname.

4.1 Configure DNS servers

DNS settings are in: Network > DNS.

There are three ways to assign DNS servers to XG Firewall:

• From your DHCP server.

• From PPPoE interface settings sent by your internet provider.

• Manually, by assigning static server entries.

The first two settings just require you to select the appropriate radio button.

To assign DNS servers manually, do as follows:

1. Go to Network > DNS.

2. Select Static DNS.

3. In DNS 1, enter the IP address of the server you wish to use as your primary DNS server.


4. Optionally, in DNS 2, enter the IP address of a secondary DNS server.

5. Optionally, in DNS 3, enter the IP address of a tertiary DNS server.

DNS servers are queried in the listed order until a matching host record is found.

6. Click Apply.


5 Configuring Active Directory authentication

You can add existing Active Directory users to XG Firewall. Add an AD server, import groups, and set the primary authentication method.

Objectives

When you complete this unit, you’ll know how to do the following:

• Add and configure an Active Directory server on the firewall.

• Import AD groups using the Import group wizard.

• Set the primary authentication method so that the firewall queries the AD server first.

Related concepts: Active Directory server

Add an Active Directory server

First, you add an Active Directory server that includes a search query.

You’ll need the following information to complete this task:

• Domain name

• NetBIOS domain

• Active Directory server password

Check the properties of the Active Directory server. For example, on Microsoft Windows, go to Windows Administrative Tools.

Search queries are based on the domain name, written as a distinguished name (DN). In this example, the domain name is sophos.com, so the search query is: dc=sophos,dc=com.

1. Go to Authentication > Servers and click Add.

2. Specify the settings.

Note: For settings not listed here, use the default value.

Use the password configured on the Active Directory server.

Option: Value

Server type: Active directory

Server name: My_AD_Server

Server IP/domain: 192.168.1.100

NetBIOS domain: sophos

ADS username: administrator

Password: <AD server password>

Domain name: sophos.com

Search queries: dc=sophos,dc=com

3. Click Test connection to validate the user credentials and check the connection to the server.

Note: When both synchronized user ID and STAS are configured, the authentication server uses the mechanism from which it receives the sign-in request first.

4. Select Save.

Import Active Directory groups

Import Active Directory groups into the firewall and specify policies for them.

1. Go to Authentication > Servers and click Import.

2. In the Import group wizard, click Start.

3. Select the base DN for groups.

4. Select the AD groups to import.


5. Select common policies for groups.

6. Review selection.

7. View results.

8. Go to Authentication > Groups and verify the recently imported groups.

Set primary authentication method

To query the Active Directory server first, set it as the primary authentication method. When users sign in to the firewall for the first time, they are automatically added as a member of the default group specified.

1. Go to Authentication > Services.

2. In the authentication server list under Firewall authentication methods, select My_AD_Server.

3. Move the server to the first position in the list of selected servers.

4. Click Apply.

Go to Authentication > Groups and verify the imported groups.


6 Security management and best practices

XG Firewall makes it incredibly easy to configure and manage everything needed for modern protection and do it all from a single screen.

You can easily view and set security and control policies for the DPI engine AV scanning, sandboxing and threat intelligence file analysis, IPS, traffic shaping, web and application control, and Security Heartbeat all in one place. All this can be done on a rule by rule, user by user, or group by group basis.

Web protection and control is a staple of any firewall. We’ve implemented a top-down inheritance policy model, which makes building sophisticated policies easy and intuitive.


Pre-defined policy templates, available right out of the box, are included for most common deployments, such as typical workplace environments, CIPA compliance for education, and much more. It means you can be up and compliant immediately with easy fine-tuning and customization options at your fingertips. You can create new policies and edit existing ones directly from the firewall rule.

When it comes to configuring firewall rules, there are countless ways these could be configured and most of this will depend on your own network configuration. However, there are still certain best practices that can be followed when deciding how you will configure XG Firewall to protect your network.


Segregate your networks and apply IPS policies

You should separate your networks so that, at a minimum, any internet-facing services, such as web servers or remote access servers, are on a different network segment and zone to your main LAN network. Internet-facing services such as these should be placed in a DMZ zone and firewall rules configured to block connections from the DMZ to the LAN.

You should also segment other LAN zones down as required by using smaller subnets and assigning these to separate LAN zones, and configure firewall rules to manage traffic flowing between these networks.

In the diagram below, the network has not been segmented and this allows the infection to spread easily between endpoints.

By separating the network into segments, for example the DMZ and LAN networks, an infection in one area is prevented by XG Firewall from spreading to other areas.

Doing this and applying an IPS policy to rules that govern traffic between these networks reduces the risk of malware or hackers being able to move laterally through your networks if they do manage to perform a successful initial attack. It also provides more time for the threat to be detected and mitigated.


Lock down remote access

Where possible, only allow access to internal resources over a VPN connection and do not use port forwarding. If you must use port forwarding, make sure you apply an IPS policy to the rule handling that traffic.

Configure SSL/TLS inspection rules

You should have an SSL/TLS inspection rule configured to scan most network traffic, with exceptions configured only for services that SSL scanning will cause problems for.

For further details about SSL/TLS inspection rules and how to configure them, see SSL/TLS inspection rules.

Only allow authenticated users to connect to the internet from your LAN

When configuring firewall rules to handle user traffic, make sure that you select the option "Match known users". This will ensure that only authenticated users can access external resources from within your LAN network.

Only use NAT for those services that are explicitly needed

Network Address Translation (NAT) allows you to pass traffic easily between different networks. However, you should only configure NAT rules for services that require it and not for ANY service. Doing this cuts down the surface area malware or hackers can target if one part of your network is breached.

For further information about NAT rules and how to configure them, see NAT rules.

Isolate infected system automatically

Use Security Heartbeat to monitor systems and automatically isolate those that show signs of infection or compromise. You can configure this to stop the compromised systems connecting to others on your network and to stop clean systems connecting to those that may have been compromised.
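As an added example, not code from the Sophos guide, the following Python script checks a constructed list of firewall rules against the best practices described in this chapter (block DMZ to LAN, IPS on inter-segment and port-forwarding rules, Match known users on user traffic). The Rule model, zone names and rule names are assumptions for illustration, not the XG Firewall API.

```python
"""Added example, not code from the Sophos guide: lint a constructed firewall
rule set against the best practices in this chapter. The Rule model and zone
names are a simplified assumption, not the XG Firewall API."""
from dataclasses import dataclass


@dataclass
class Rule:
    name: str
    src_zone: str                  # e.g. "LAN", "DMZ", "WAN", "VPN"
    dst_zone: str
    action: str                    # "accept" or "drop"
    ips_policy: bool = False       # an IPS policy is attached to the rule
    port_forward: bool = False     # rule is a DNAT / port-forwarding rule
    match_known_users: bool = False
    user_traffic: bool = False     # rule carries end-user internet traffic


INTERNAL_ZONES = {"LAN", "DMZ"}


def lint_rules(rules):
    """Return (rule name, finding) tuples for accept rules that break a practice."""
    findings = []
    for r in rules:
        if r.action != "accept":
            continue                # drop rules cannot violate these checks
        if r.src_zone == "DMZ" and r.dst_zone == "LAN":
            findings.append((r.name, "connections from DMZ to LAN should be blocked"))
        crosses_segments = r.src_zone != r.dst_zone and {r.src_zone, r.dst_zone} <= INTERNAL_ZONES
        if crosses_segments and not r.ips_policy:
            findings.append((r.name, "apply an IPS policy to traffic between network segments"))
        if r.port_forward and not r.ips_policy:
            findings.append((r.name, "port forwarding without an IPS policy; prefer VPN access"))
        if r.user_traffic and r.dst_zone == "WAN" and not r.match_known_users:
            findings.append((r.name, "select Match known users for user traffic to the internet"))
    return findings


# Constructed sample rule set (hypothetical names, not a real configuration).
SAMPLE_RULES = [
    Rule("LAN to WAN users", "LAN", "WAN", "accept", user_traffic=True),
    Rule("DMZ to LAN", "DMZ", "LAN", "accept", ips_policy=True),
    Rule("LAN to DMZ web", "LAN", "DMZ", "accept", ips_policy=True),
    Rule("WAN to DMZ web", "WAN", "DMZ", "accept", port_forward=True),
    Rule("VPN to LAN", "VPN", "LAN", "accept", ips_policy=True),
]

if __name__ == "__main__":
    for name, finding in lint_rules(SAMPLE_RULES):
        print(f"{name}: {finding}")
```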

7 Creating a remote access SSL VPN

You want to configure and deploy a connection to enable remote users to access a local network. The VPN establishes an encrypted tunnel to provide secure access to company resources through TCP on port 443.

Objectives

When you complete this unit, you’ll know how to do the following:

• Specify an address range for SSL VPN clients.

• Create a user group for SSL VPN clients and add a user.

• Define a local subnet and remote SSL VPN range.

• Add an SSL VPN remote access policy.

• Add a firewall rule.

• Set up Windows permissions for users to use the SSL VPN client.

• Download the SSL VPN client software from the client and connect to the internal network.

• Check connectivity.

Related concepts: SSL VPN (remote access)

Related information: Configuring two-factor authentication

Specify an IP address range for SSL VPN clients

When SSL clients sign in, they are assigned an address from the range specified here. You must use a private address range.

1. Go to VPN and click Show VPN settings.

2. Specify a lease range. If required, you can also update the subnet mask.

3. Click Apply.

Create a user group and add a user

You create a user group for the remote SSL VPN and add a user. The group specifies a surfing quota and access time. Users in the group are allowed unlimited access.

1. Go to Authentication > Groups and click Add.

2. Specify the settings.

Option           Description
Name             Remote SSL VPN group
Surfing quota    Unlimited internet access
Access time      Allowed all the time

3. Select Save.

4. Go to Authentication > Users and click Add.

5. Specify the settings.

Option           Description
Username         john.smith
Name             John Smith
Group            Remote SSL VPN group

6. Select Save.

Define a local subnet and remote SSL VPN range

You create hosts for the local subnet and the remote SSL VPN range. The local subnet defines the network resources that remote clients will be able to access.

1. Go to Hosts and services > IP host and click Add.

2. Type a name and IP address for the local subnet.

3. Select Save.

4. Click Add.

5. Type a name and IP address for the remote subnet.

6. Select Save.

Add an SSL VPN remote access policy

You create a policy that allows clients in the Remote SSL VPN group to connect. These users are allowed to access resources on the local subnet.

1. Go to VPN > SSL VPN (remote access) and click Add.

2. Type a name and specify policy members and permitted network resources.

3. Click Apply.

Check authentication services

You use local authentication for firewall authentication methods and SSL VPN authentication methods.

1. Go to Authentication > Services.

2. Check that the authentication server is set to Local.

3. Scroll to SSL VPN authentication methods.

4. Check that the authentication server is set to Local.

Check device access settings

To be able to deploy the connection and to ensure that users have access to the connection, device access for SSL VPN and the user portal must be enabled.

1. Go to Administration > Device access.

2. Check access to SSL VPN and the user portal.

3. Click Apply.

Add a firewall rule

1. Go to Rules and policies > Firewall rules. Select IPv4 or IPv6 and select Add firewall rule.

2. Specify the settings.

3. Select Save.

Windows user permissions required for SSL VPN client

Required permissions for Windows users.

A signed-in user who tries to establish an SSL VPN connection needs network operation rights. This allows the SSL VPN client to fully set up the network, for example adding the required routes.

In Windows 7 and 8, network operations are an administrator privilege. You can either assign the role of a local administrator to users or use the preferred method and add users to the "Network Configuration Operators" Windows group. Alternatively, users can run the SSL VPN client as an administrator.

To add users to the "Network Configuration Operators" Windows group, do as follows:

1. In Windows, open Control Panel > Administrative Tools.

2. Open Computer Management.

3. Expand System Tools > Local Users and Groups.

4. Click Groups.

5. Double-click Network Configuration Operators, and then click Add.

6. Enter the username of the user you want to elevate, click Check Names to ensure accuracy, and click OK.

7. Click Apply to save the changes.

Deploy the connection

Install an authentication client and connect to the internal network using the VPN connection.

The following steps take place on the client computer.

1. Log on to the user portal.

Warning: We don't recommend enabling the web admin console on external-facing (WAN) interfaces. This could allow hackers to easily identify the firewall vendor and type, and launch a targeted attack. If the user portal is not being used, we also recommend deactivating this service on WAN interfaces.

To restrict the XG Firewall user portal and web admin console to local interfaces, go to Administration > Device Access, then deselect User Portal and HTTPS from the WAN zone.

If you enable the user portal on WAN interfaces, we recommend you set up two-factor authentication. See Configuring two-factor authentication.

2. Download the SSL VPN client.

3. Double-click the client installer file and follow the prompts to finish the installation.

4. Start the client and log on using the username and password.

If authentication fails, go to Authentication > Users and check whether the user account has MAC binding enabled. If MAC binding is enabled, disable it.

Check connectivity

You check the connectivity from the client and on the firewall.

• From the client, check that you have been assigned an IP address from the SSL VPN range configured earlier in the firewall. On Windows, start a command prompt and type ipconfig. You should see an address in the range 10.81.234.5 – 10.81.234.55.

• On the firewall, click Firewall and view traffic.
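As an added example covering both the lease range requirement (it must be a private range) and the client-side connectivity check above, the following Python script validates a lease range and picks out the address a client received from it in ipconfig output. This is not code from the Sophos guide; the ipconfig text and the adapter name are constructed samples, and the range is the 10.81.234.5 – 10.81.234.55 range used in this unit.

```python
"""Added example, not code from the Sophos guide: validate an SSL VPN lease
range and check a client's assigned address against it. The ipconfig text and
adapter name below are constructed samples."""
import ipaddress


def lease_range(first, last):
    """Return the range as IPv4Address objects, rejecting an unordered range
    or one that is not private (the guide requires a private range)."""
    lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if lo > hi:
        raise ValueError("range start is after range end")
    if not (lo.is_private and hi.is_private):
        raise ValueError("SSL VPN lease range must be a private address range")
    return lo, hi


def in_lease_range(addr, first, last):
    """True if addr lies within the validated lease range (inclusive)."""
    lo, hi = lease_range(first, last)
    return lo <= ipaddress.IPv4Address(addr) <= hi


def parse_ipconfig(text):
    """Extract IPv4 addresses from Windows ipconfig output; the split on "("
    also handles the "(Preferred)" suffix that ipconfig /all prints."""
    return [line.split(":")[-1].split("(")[0].strip()
            for line in text.splitlines() if "IPv4 Address" in line]


def vpn_addresses(ipconfig_text, first, last):
    """Addresses in the ipconfig output that were leased from the VPN range."""
    return [a for a in parse_ipconfig(ipconfig_text) if in_lease_range(a, first, last)]


# Constructed ipconfig output: one physical adapter and one VPN adapter.
SAMPLE_IPCONFIG = """
Ethernet adapter Ethernet:
   IPv4 Address. . . . . . . . . . . : 192.168.1.20
   Subnet Mask . . . . . . . . . . . : 255.255.255.0

Unknown adapter Sophos SSL VPN:
   IPv4 Address. . . . . . . . . . . : 10.81.234.6
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
"""

if __name__ == "__main__":
    # Range from the connectivity check in this unit: 10.81.234.5 - 10.81.234.55
    print(vpn_addresses(SAMPLE_IPCONFIG, "10.81.234.5", "10.81.234.55"))
```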
