Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 42 subscribers
  • Views 3891 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

enable or disable Sophos XGS PortMGMT https://10.0.1.1:4444

SGH

on the XGS2100 there is e new Hardware PortMGMT interface
Default setting is enabled
IP 10.0.1.1
Network  zone: LAN
Everyone in LAN can reach this IP?
Interface is not used and that is also why Control Center always shows "warning" for your interfaces

I do not think this is a good signal and now I disabled the PortMGMT interface

Question:
Is this good thinking?
What happens when I need a console port(MGMT) , wil the USB(COM) port still be available?
Can this PORTMGMT interface be used for HA-interface or any other purpose? 
There is NO info in quickstart guide or sophos/google -search except that it is for "Administration purpose"

Here's an example of a management port:



This thread was automatically locked due to age.
  • +1

    Essentially you can disable all Access on this Zone (MGMT). 

    In case of "emergency" there is a commando for the COM Port (USB) called Device-access: https://support.sophos.com/support/s/article/KB-000038694?language=en_US

    This commando will enable Webadmin/SSH on all Ports. So if you really need phyiscal access on MGMT, you can go to the appliance, use USB and enable it to get access for this port. 

    MGMT Port is basically a additional RJ45 interface. So you can use it for what ever purpose. It is there per default, in case you need an access on the box with a certain appliance. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    @ LuCar Toni ... it is an interface like all others?
    Some vendors have a separate routing table...
    Some other vendors say: don't use it in production because the hardware is less powerful


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    XGS does not have separate data plans for this kind of technologies. This would need some sort of own dataplane to begin with. 

    __________________________________________________________________________________________________________________

Unfiltered HTML