UserPortal Accessible from WAN even though deactivated

Hey,

I don't understand why the UserPortal of my Sophos XG is still accessible from WAN. I had it activated for testing purposes weeks ago, but deactivated once we started to use the Firewall.

I can still sign in when just connecting to https://externalIP. I have checked my Firewall-Rules but couldn't find any open Port 443. Any idea?



Added TAGs
[edited by: emmosophos at 4:09 PM (GMT -8) on 25 Nov 2021]
  • Hi,  Thank you for reaching out to the Sophos community team. Please validate if any local ACL rule is misconfigured which is allowing the user portal to any IP from outside. If any rule there then delete the same and validate the status.

    Reference snapshot:

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support

    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

  • Dear Vishai,

    it is very weird. Before using the built in Sophos-VPN I made a rule on Port 443 to my old VPN, which was hosted by a Server behind the Firewall.

    NAT and Firewallrules have been deactivated weeks or months ago, and the Port 443 just remained as a "Service" under "Hosts and Services". With that, and a deactivated (!!)  NAT-Rule, it was enough for the Firewall to keep Port 443 to the User Portal open.

    I consider that as a bug. There was no ACL btw.

    Thanks, the Problem is solved.