Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 40 subscribers
  • Views 3769 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Network

James Nyamu

Hi,

I recently discovered that users in our organisation are accessing the internet and not going through the firewall.

We have an XG firewall in place.

Other users can't access until they go through the firewall.

Funny thing is that I thought it was a VPN installed inside a pc then had to format it but after formatting, the user could still access the internet even before installing the firewall login agent.

This is very annoying and risky.

I need advise, help or suggestions as its leaving our whole network vulnerable.

Thanks, James



This thread was automatically locked due to age.
  • 0

    Can you show us a little overview, when you can access the internet and when not? 

    I am not able to understand when this happens. There should be some kind of pattern? 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Hi ManBearPig,

    There's no pattern or I have not yet got down to noticing the pattern.

    These some users can access the internet from our company network without going through the firewall.

    Maybe there's something am overlooking or some settings in the firewall are not configured correctly.

    Should I try restoring a backup from when it used to work? Will that help really?

  • 0 in reply to James Nyamu

    Hi,

    please provide a drawing of how the firewall connect to the internet and what other devices are outside the firewall that might allow users to bypass the firewall.

    Also please post your firewall rules so we can review them.

    Ian

    XG115W - v20.0.3 MR-3 - on holiday

    XGS118 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    This is the firewall rules setup.

    and below is the network layout.

     

    As previously requested.

  • 0 in reply to James Nyamu

    Hi James,

    thank you for providing the details.

    Your firewall rules could do with a little tightening eg restricting the services to the applications allowed.

    Your network does appear to be a security managers nightmare.

    Not sure why you have a rule vpn to lan and another lan to vpn. If the VPN goes to another site and traffic originates locally to that site then fine, if the traffic only originates on the VPN the the return rue is not required.

    Finally your last rule (9) should be a drop or reject, not accept if it is as the name implies.

    Ian

    What is the difference between rules 1 and 3?

    XG115W - v20.0.3 MR-3 - on holiday

    XGS118 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Unfiltered HTML