Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 4 subscribers
  • Views 6570 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CIDR Network Ranges do not seem to work for access to specific services

Argo

I have just tried to install an SG135, and thought I would create some Rules with specific source groups.

After a lengthy investigation I have found the following;

CIDR network ranges (x.x.x.x/y) do not work as expected for inbound Rules;

this I found did not work for these areas

SSH Access

Webadmin

DNAT Rule

Firewall Rules

 

Is there a work around for this (other than adding individual IP addresses in to the rule, as I know this does work but will become cumbersome to manage)?

is this a known issue?

 

any help greatly appriciated



This thread was automatically locked due to age.
  • +1

    I'm not sure if i understand you correctly, but what I have configured in allowed networks for webadmin access works:

    Pretty sure I have more places where I specifically use network definitions and they also work. Or I am not understanding you in which case you might be able to better explain the problem (and maybe add some screenshots).

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to apijnappels

    that is so weird, I have re-entered my range and all seems to work fine now.... but yes that is the way I created the network entry, then I added it into a group, then assigned that group for either a service or webadmin security.

     

    thanks for this

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • 0 in reply to Argo

    Jason, could it be that your earlier definition contravened #3 in Rulz?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML