Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to Find / Prove ISP blocking port access

Hey Guys,

I am trying to work out why I am unable to access the web interface of some customers Sophos Firewalls. This has only begun to occur recently. I believe it is an ISP Proxy / block issue, but I cant find a way to prove this to the relevant ISP's.

I have access to a number of Sophos XG firewalls, all running 17.x firmware. From my office networks (multiple computers) I am not able to access the web interface of 3 firewalls. I am using their IP Address. All 3 of these are using the same ISP. This ISP is not the one I use.

I can Ping the units. I can SSH to the units (When I enable these in the Device Access) but I cannot access the HTTPS page.

Other Sophos units connected with other ISP's I can access without issue.

2 of the 3 units I can't access have a secondary WAN connection (one is 4g, the other is ADSL) I can access the web interface on those specific IP address.

If I change my ISP connection to my portable 4G unit (Connected to another port on my Sophos XG running V18) I can connect fine.

If I run up a VPN from my office machine I can connect fine.

From one of the 3 units, if I teamviewer to a machine on their network, I can access the web interface of the other machines on that ISP, plus the web interface of my office Sophos unit.

 

I am looking for tools I can setup and use which will point to where the issue lies. Is there a way I can Telnet to the web port and get a page dump which will tell me if there is a transparent proxy? Was easy to do with HTTP requests, I dont know how to do it with HTTPS ones.

Is there a utility which will do an open on every device between my link and the other firewall so I can determine which intermediate device is blocking the request.

 



This thread was automatically locked due to age.
Parents
  • Hello All

     

    Turns out that the blocking was occurring somewhere in my Sophos XG125 unit.

     

    I had checked inside the unit, and there were no blocked IP address in the system, nothing listed anywhere, and nothing in the logs saying that the web filter was blocking anything.

     

    I reset the XG125 to Factory Default to run through the initial setup of EAP3 Refresh1 and found the sites accessible again.

     

    Very strange.

    Regards,

    Gavin Daniels. DipIT(Networking)

     

     
Reply
  • Hello All

     

    Turns out that the blocking was occurring somewhere in my Sophos XG125 unit.

     

    I had checked inside the unit, and there were no blocked IP address in the system, nothing listed anywhere, and nothing in the logs saying that the web filter was blocking anything.

     

    I reset the XG125 to Factory Default to run through the initial setup of EAP3 Refresh1 and found the sites accessible again.

     

    Very strange.

    Regards,

    Gavin Daniels. DipIT(Networking)

     

     
Children
No Data