Using https://www.whatsmyip.org/port-scanner/ port 23 (telnet) is open, I don't find where or how to block it, thanks.
Hi Miguel Cruz
On XG firewall, device access allows you to limit administrative access to certain services from custom and default zones.
Please navigate to SYSTEM > Administration > Device Access > Local service ACL > Admin services > find Telnet and disable it if it is enabled.
Thanks,
Thanks for your fast response, I just did that, but it keeps working (port 23 open)
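Added example, not part of the original thread: one way to re-test TCP port 23 on your own public address after changing the Device Access ACL, run from a host outside the firewall. It separates open, closed and filtered results and checks whether the first bytes are Telnet option negotiation; the function names and the command-line usage are assumptions of this sketch.

```python
import socket
import sys

IAC = 0xFF                           # Telnet "Interpret As Command" byte
NEGOTIATION = (251, 252, 253, 254)   # WILL, WONT, DO, DONT


def probe_tcp(host, port=23, timeout=3.0):
    """Classify one TCP port as seen from the machine running this script.

    Returns (state, first_bytes). state is "open" (handshake completed),
    "closed" (connection refused) or "filtered" (timeout or unreachable).
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "closed", b""
    except socket.gaierror:
        raise                        # bad host name: not a port state
    except OSError:                  # includes timeouts and unreachable errors
        return "filtered", b""
    with sock:
        sock.settimeout(timeout)
        try:
            data = sock.recv(64)     # a Telnet server usually speaks first
        except OSError:
            data = b""
    return "open", data


def looks_like_telnet(first_bytes):
    """True when the reply starts with a Telnet option negotiation sequence."""
    return (len(first_bytes) >= 3
            and first_bytes[0] == IAC
            and first_bytes[1] in NEGOTIATION)


if __name__ == "__main__":
    # Usage (assumed): python3 check_telnet.py <your-own-public-address>
    target = sys.argv[1]
    state, banner = probe_tcp(target)
    print(f"{target}:23 is {state}")
    if state == "open":
        print("telnet negotiation seen" if looks_like_telnet(banner)
              else f"first bytes: {banner!r}")
```

A "filtered" or "closed" result from outside means Telnet is no longer reachable on that address; an "open" result with Telnet negotiation means some device on that address is still answering on port 23.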
Hi,
A majority of applications use http/s, maybe imap/s and smtps.
So you create a firewall rule using the web proxy for http and https, another one for imap/s and smtp/s; do not enable scanning unless you have installed the XG CA. In the web proxy, choose allow all, application allow all, IPS LANtoWAN - log.
I assume you are running v18 GA, so please add a firewall rule at the bottom: Source LAN, WAN, WIFI, VPN, DMZ -> any -> destination WAN, LAN, WIFI, VPN, DMZ -> ANY -> Drop -> log; this will allow you to see other traffic.
Do you have any staff running VPN or similar?
Now I suspect that not all services will connect so you will need to add additional rules, please feel free to ask for further assistance.
ian
XG115W - v20.0.2 MR-2 - Home
XG on VM 8 - v21 GA
If a post solves your question please use the 'Verify Answer' button.