Skip to content

Import your firewall configuration

Import your configuration

To import your configuration:

  1. Sign to Sophos Firewall Migration Assistant using your account details.
  2. Click the Upload New tab.
  3. Import your firwall configuration.

    Drag your exported EXP or ABF file into the browser window and drop it in Drag and drop .EXP or .ABF file.

    1. Click Browse for configuration file and select your exported EXP or ABF configuration file.
    2. Click Next.

    The assistant analyzes your configuration file and imports your settings.

  4. Under Target Appliance, select the Sophos XG Firewall appliance you want to migrate to.

    All Sophos XG Firewall hardware models are supported, as well as VM. You can always change the current selection. In this case you lose any changes that you've already made on Interfaces.

Review and edit your configuration

Click each tab to review the imported configuration. You can edit or delete the imported settings.

Warning

Don't click Next until you have reviewed all of the tabs.

The assistant saves any changes you make. To undo your changes, click Revert Changes.

Interfaces

Use the Interfaces tab to review and edit your interface settings.

Option Description
Mapped to This shows the SG Firewall interface that the port has been mapped to.

Change this by selecting another interface from the dropdown list.

IP This shows the IP address from your SG Firewall interface.

Change this by clicking on the address.

Subnet This shows the subnet from your SG Firewall interface.

Change this by clicking on the address.

Zone The zone your SG Firewall interface belongs to.

Change this by clicking on the zone name.

Default Gateway This shows the default gateway IP address of your interface.

Change this by clicking on the default gateway address.

Option Description
Mapped to This shows the SonicWall interface that the port has been mapped to.

Change this by selecting another interface from the dropdown list.

IP This shows the IP address from your SonicWall interface.

Change this by clicking on the address.

Subnet This shows the subnet from your SonicWall interface.

Change this by clicking on the address.

Zone The zone your SonicWall interface belongs to.

Change this by clicking on the zone name.

Default Gateway This shows the default gateway IP address of your interface.

Change this by clicking on the default gateway address.

Add Interface

Restriction

Add Interface is only available if you select XG VM as the target appliance.

Click the Add Interface button to add more virtual interfaces. Sophos Firewall requires two virtual interfaces (Port1 and Port2), as they are the default interfaces included in the installation package for the XG VM.

FlexiPort

If you are using FlexiPort modules with your Sophos XG Firewall appliance, you can select the modules from the FlexiPort slots below the table.

Hosts

The Hosts tab shows your hosts and networks and their current settings. You can review and edit your host and network settings.

Option Description
Name Host or network name.
Address details Host's or network's IP address details.

Click on the IP address or IP address range to change it.

Zone The zone the host or network belongs to.
Type This can be a host or a network.

Tip

You can reorder the columns on most tabs using the controls in the column headers.

Services

Use the Services tab to review and edit your service settings.

Option Description
Name Service name.
Protocol Name Service protocol name.
Port Start Start of the range of ports for the service.

Click on the port number to change it.

Port End End of the range of ports for the service.

Click on the port number to change it.

Routes

The Routes tab shows your routes and their current settings. You can review and edit your route settings.

Option Description
Name The route name.

Click to edit.

Destination Destination display setting.
Source Source display setting.
Service Service display setting.
TOS The type of service defined for the route.
Gateway The gateway used by the route.
Interface The interface used by the route.

Click to edit.

Metric The decision metric for the route.
Comment Route description.

Click to edit or enter text.

NAT

Use the NAT tab to review and edit your network address translation (NAT) rules.

Option Description
Name NAT rule name.

Click to edit.

Original Source Original source IP address.
Original Destination Original destination IP address.
Original Service Original service name.
Translated Source Translated source IP address.
Translated Destination Translated destination IP address.
Translated Service Translated destination service name.
Comment NAT rule description.

Click to edit or enter text.

Threat Prevention

The Threat Prevention tab shows your Intrusion Prevention System (IPS) and GAV (Gateway Anti-virus) settings for your zones. You can review and edit your threat prevention settings.

You can toggle IPS and GAV on and off for each zone. If IPS or GAV are enabled for any zone, default Sophos protection mechanisms and policies will be enabled automatically.

Option Description
Zone This shows the zone.
IPS This shows whether IPS is turned on or off for the zone.

Change this by clicking the toggle.

GAV This shows whether GAV is turned on or off for the zone.

Change this by clicking the toggle.

Content/Web Filtering

The Content/Web Filtering tab shows your Content Filtering category lists and Domain lists (for allowing and blocking domains). You can review and edit your content and web filtering lists.

You must add these lists to policies on Sophos Firewall manually.

Option Description
Name This shows the name of your Category List.
Type This shows the type of Category List.
Details This shows details about the Category List.
Option Description
Name This shows the name of your CFS list.
Type This shows the type of CFS list.
Details This shows details about the CFS list.

Rules

Use the Rules tab to review and edit your firewall rules.

Option Description
Name Rule name.

Click to edit.

Source Zone Source zone for the rule.
Destination Zone Destination zone for the rule.
Source Network Source network for the rule.
Destination Network Destination network for the rule.
Source Port Source port for the rule.
Destination Port Destination port for the rule.
Action Action for the rule.

Click to edit.

Next steps

Once you've reviewed all migrated configurations, continue by finishing the configuration.

Back to top