Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 39 subscribers
  • Views 1720 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to access web admin console

Edtrick Lam

One of windows suddenly cannot access web admin console (XG135). I read through all forum and try different method but still no luck. 

Windows 2012- using chrome/IE/Firefox, firewall allow port 4444 <---failed to connect 

This site can’t be reached

192.168.0.1 refused to connect.

I used tcp dump to capture, please see as following:-

XG135_XN02_SFOS 17.5.10 MR-10# tcpdump -nei any port 4444
tcpdump: Starting Packet Dump
15:48:52.814791 Port1, IN: In 00:0c:29:8b:fa:5d ethertype IPv4 (0x0800), length 68: 192.168.0.6.64528 > 192.168.0.1.4444: Flags [SEW], seq 2348182323, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
15:48:52.814894 Port1, OUT: Out 00:1a:8c:6e:c6:30 ethertype IPv4 (0x0800), length 56: 192.168.0.1.4444 > 192.168.0.6.64528: Flags [R.], seq 0, ack 2348182324, win 0, length 0
15:48:52.815018 Port1, IN: In 00:0c:29:8b:fa:5d ethertype IPv4 (0x0800), length 68: 192.168.0.6.64529 > 192.168.0.1.4444: Flags [SEW], seq 3008997716, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
15:48:52.815081 Port1, OUT: Out 00:1a:8c:6e:c6:30 ethertype IPv4 (0x0800), length 56: 192.168.0.1.4444 > 192.168.0.6.64529: Flags [R.], seq 0, ack 3008997717, win 0, length 0
15:48:53.066860 Port1, IN: In 00:0c:29:8b:fa:5d ethertype IPv4 (0x0800), length 68: 192.168.0.6.64532 > 192.168.0.1.4444: Flags [SEW], seq 3145320578, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0

I tested another windows 2008 machine, it works , and tcp dump as following:-

15:51:40.732293 Port1, IN: In 3c:4a:92:70:e1:e4 ethertype IPv4 (0x0800), length 924: 192.168.0.19.53309 > 192.168.0.1.4444: Flags [P.], ack 138, win 256, length 868
15:51:40.732329 Port1, OUT: Out 00:1a:8c:6e:c6:30 ethertype IPv4 (0x0800), length 56: 192.168.0.1.4444 > 192.168.0.19.53309: Flags [.], ack 1437, win 260, length 0

I have no idea what wrong with that Win2012 machine. It seems XG135 blocked  Win2012(192.168.0.6)

Any solutions about this problems??

Thanks.

 

 

 

 



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    Is there any local ACL or firewall rule configured to block the access of the device?

    Check local service ACL rule, also check drop packet capture for port 4444 - https://community.sophos.com/kb/en-us/127111

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • 0 in reply to Keyur

    hi Keyur,

    Local ACL assigned LAN to access Admin Services and no Firewall rule block that PC.

    I have tried drop-packet-capture 'host 192.168.0.6 and port 4444' but no any return messages.

    I also tried "Reset Default Web Admin Certificate", but no luck. (May be I reboot XG135 tonight and let see any difference)

    I also tried "system appliance_access enable", yes it works but after I disable it, it cannot connect again.

    Refer to tcp dumps ,[mss 1460,nop,wscale 8,nop,nop,sackOK], Is any hints for this connection problem?? 

    15:48:52.815018 Port1, IN: In 00:0c:29:8b:fa:5d ethertype IPv4 (0x0800), length 68: 192.168.0.6.64529 > 192.168.0.1.4444: Flags [SEW], seq 3008997716, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0 
    15:48:52.815081 Port1, OUT: Out 00:1a:8c:6e:c6:30 ethertype IPv4 (0x0800), length 56: 192.168.0.1.4444 > 192.168.0.6.64529: Flags [R.], seq 0, ack 3008997717, win 0, length 0

     

  • 0 in reply to Edtrick Lam

    Hi  

    Could you please check the below steps?

    1. Did you check by changing the IP of the window server 2012?

    2. Please check DOS setting and DOS status and check if the IP of the server listed.

    3. Access CLI console and execute the command drop-packet-capture 'port 4444 and try to access the webpage from the system

    4. Check local AV if it is blocking the access.

    5. Please check if any firewall rule configured to Drop All traffic

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

Reply
  • 0 in reply to Edtrick Lam

    Hi  

    Could you please check the below steps?

    1. Did you check by changing the IP of the window server 2012?

    2. Please check DOS setting and DOS status and check if the IP of the server listed.

    3. Access CLI console and execute the command drop-packet-capture 'port 4444 and try to access the webpage from the system

    4. Check local AV if it is blocking the access.

    5. Please check if any firewall rule configured to Drop All traffic

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

Children
No Data
Unfiltered HTML