https://community.sophos.com/sophos-xg-firewall/f/discussions/132670/access-with-broadcast-ip-addresshello, we have SG330 (SFOS 18.5.2 MR-2-Build380 ) , and we discover that we can access the firewall with broadcast address, how we can desactivate it . any help thanksen-USTelligent Community 12https://community.sophos.com/thread/489312?ContentTypeID=1Thu, 17 Feb 2022 18:12:08 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:884d6f9f-3f6a-4d0c-be83-625dd730bc03emmosophos<p>Hello there,</p> <p>I have sent you a PM.</p> <p>Regards,</p><div style="clear:both;"></div>https://community.sophos.com/thread/489283?ContentTypeID=1Thu, 17 Feb 2022 11:40:22 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:81aa1010-9f61-4199-9185-60304680056bminis<p>Hello,</p> <p>Thank you for your response</p> <p>I check the config , but I didn&#39;t any overlapping between&nbsp; VPN and LAN network .</p> <p>NB: Just to clatify I did the test from VPN network .</p> <p></p> <p>Best regards ,</p><div style="clear:both;"></div>https://community.sophos.com/thread/489126?ContentTypeID=1Tue, 15 Feb 2022 16:53:14 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:bf1a535d-336d-4aaa-9fdc-20e87e764b97emmosophos<p>Hello,</p> <p>Thank you for the screenshot.</p> <p>Please take a screenshot of your interfaces, only fade the Public IPs, not need to fade the internal ones, and also take a screenshot of your SSL VPN &quot;Show VPN settings&quot; it looks your range is overlapping with your subnet as the traffic you&rsquo;re mentioning is coming from tun0 interface.</p> <p>Regards,</p><div style="clear:both;"></div>https://community.sophos.com/thread/489104?ContentTypeID=1Tue, 15 Feb 2022 11:03:25 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:867081d3-d7f9-4020-8cf8-523ac82c4856minis<p>hello;</p> <p>bellow the output of the cmd</p> <p><img src="/resized-image/__size/640x480/__key/communityserver-discussions-components-files/126/pastedimage1644926573937v1.png" alt=" " /></p><div style="clear:both;"></div>https://community.sophos.com/thread/488787?ContentTypeID=1Thu, 10 Feb 2022 23:53:26 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:970f6213-8065-4c01-93c1-81ea5dea5709rfcat_vk<p>More than likely you have a network mask allowing the 255 address to be valid somewhere your configuration eg /23.</p> <p>Ian</p><div style="clear:both;"></div>https://community.sophos.com/thread/488763?ContentTypeID=1Thu, 10 Feb 2022 20:06:35 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:a083730d-921e-4d51-9c05-f8b29e4443d9emmosophos<p>Hello there,</p> <p>Most likely you have a bypass of the Firewall.&nbsp;</p> <p>SSH into the XG and run the following command from the Advanced Shell:</p> <p># cish<br />console&gt; show advanced-firewall</p> <p>Regards,</p><div style="clear:both;"></div>https://community.sophos.com/thread/488735?ContentTypeID=1Thu, 10 Feb 2022 14:14:21 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:62a761ef-87a0-4789-9ae0-1fc2293b94feminis<p>Hi ,</p> <p>hereafter the interface configuration </p> <p><img src="/resized-image/__size/1280x960/__key/communityserver-discussions-components-files/126/pastedimage1644505679387v2.png" alt=" " /></p> <p>the access to the broadcast address</p> <p><img src="/resized-image/__size/1280x960/__key/communityserver-discussions-components-files/126/pastedimage1644505575184v1.png" alt=" " /></p> <p></p> <p>the logs show the traffic is dropped, however, access is allowed<img src="/resized-image/__size/1280x960/__key/communityserver-discussions-components-files/126/pastedimage1644505958826v7.png" alt=" " /></p> <p>any idea !!!</p> <p>BR,</p> <p></p> <p></p> <p></p> <p></p> <p></p> <p></p> <p></p><div style="clear:both;"></div>https://community.sophos.com/thread/488654?ContentTypeID=1Wed, 09 Feb 2022 21:29:57 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:1e818e31-597e-4aea-9abc-2b834d247798rfcat_vk<p>Hi,</p> <p>please post a logviewer entry showing this and also your network interface configuration in expanded form with critical information blocked out.</p> <p>Ian</p><div style="clear:both;"></div>https://community.sophos.com/thread/488599?ContentTypeID=1Wed, 09 Feb 2022 11:22:26 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:8ed7df2f-fcba-4f4f-bfea-f96a7adabdf8minis<p>hi,</p> <p>you are right, we can access it with our local broadcast IP address . and we don&#39;t have any access related to this access,&nbsp;</p> <p>we allow access with administration &gt; device access&nbsp;</p> <p>any advice !!!</p> <p></p><div style="clear:both;"></div>https://community.sophos.com/thread/488597?ContentTypeID=1Wed, 09 Feb 2022 11:08:20 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:08f28488-c408-46f0-a320-a2ceda490e5drfcat_vk<p>Hi,</p> <p>I assume you are talking about 10.10.10.255:4444 in a /24 network? &nbsp;Please post the log entries showing this and then the firewall rule being used?</p> <p>Ian</p><div style="clear:both;"></div>