Add local service ACL exception rule
Use the local service ACL exception rule to allow access to the device’s admin services from a specified network/host.
- Go to Administration > Device access and click Add under Local service ACL exception rule.
- Enter a name.
- Select the Rule position.
- Enter a description.
- Select the IP version from the following options:
- Select the Source zone to which the rule applies.
- Click Add new item to select source hosts (based on a network, IP address, range, or list) to which the rule applies. Click Create new to create a new source network/host.
- Click Add new item to select the IP address or interface-based destination hosts (example: user portal) to which the rule applies. Click Create new to create a new destination network/host.
Specifying the destination host enables you to control access to a service (example: user portal) with a limited set of destination IP addresses.
- Click Add new item to select the admin Services to which the rule applies.
  - Web proxy
  - DNS (For important details, see DNS service.)
  - SSL VPN
  - User portal
  - Dynamic routing
- Select an Action.
If you select DNS as the admin service, Sophos Firewall doesn’t start responding to DNS requests from the WAN on that basis alone. To enable Sophos Firewall to respond to DNS requests from the WAN, go to Network > DNS, add a static DNS host entry, and turn on Publish on WAN.