
CFM will not sync for most firewalls.

Hi all,

I'm a bit confused on how to configure the CFM to sync with the firewalls properly, e.g. backups. On the appliance, the management port, which I can't change, is 6514 for syslog, or is HTTPS. If I leave it on syslog, it looks like I have to enable HTTPS WAN management in Device Access for things to actually work. I generated a few rules on various other XGs to see if they would sync up and no luck; in CFM they still state 'Unsynchronized', minus the one that has HTTPS WAN management on.

I put in an ACL for my Sophos CFM WAN IP with HTTPS, SSH, Telnet, ping, DNS; no change.

So... my question is, do we really need to just leave HTTPS open for CFM to sync? Seems pretty ridiculous. Why bother having an ACL or a cloud management portal if you have to leave it open to everything? From what I see, it looks like, irrespective of any firewall rules you have set up to allow the traffic from CFM, it does not work, nor does the ACL allow it, and instead you have to leave management open on the Device Access on WAN.

Can anyone confirm or tell me where I am mistaken?


