Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 38 subscribers
  • Views 661 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why when blocking https does that stop access to the XG GUI?

rfcat_vk

Hi folks,

due to a little accident I added https to a drop firewall rule, that stopped the vpn from working and also all other devices using https on that network. I was connected to the GUI at the time and lost the connection. Why did the connection get blocked?

I was able to recover from the blockage by using CM to access the firewall rule.

Ian



This thread was automatically locked due to age.
  • 0

    Because basically the firewall can block access to itself. There is no "Overwrite own process" rule hidden in the system. If you explicitly block HTTPs, it will block https. If you block https, this could mean, the webproxy is getting involved. The web proxy can potentially block port 4444 as well, if it is  https request. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Thank you for the answer, but to me that does not make sense.The firewall rule does not have the web proxy enabled and having the web proxy intercept firewall management traffic does not make sense unless you specifically setup a firewall to do that. Further why isn't the traffic logged so you can analyse what has happened? Yes, there is a report that shows all the changes made and who made them.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Looking at the drop rule: 

    It has proxy enabled. That is the reason, you see a green firewall entry in logviewer but the web proxy is dropping. 

    That is only true, if you use the proxy on your client. Simply because the proxy will pick up this traffic: 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    While you answer is logical, i am not using the proxy on the client.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Do you see anything in Logviewer for Port4444? 

    __________________________________________________________________________________________________________________

Unfiltered HTML