Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

my network exposed

hello

today i tried to ipscan my network with a very larg range to check my network, the result shows there are many ranges that i am not aware of and they are not in my network, i ping them and i was able to run some ips in the browsers shows they are switches but not in my network, i took off my internet connection and they disappears which mean they are outside, i took my pc and plug it side by side with sophos and i was able to view my entire network. moreover, i made the rule to use only http and https protocols and still i am exposed, i cant ping anything inside my network but i can see them. how come i can scan my network and sophos let me go out side and the same to when i am outisde shows what is inside?

looking for your reply



This thread was automatically locked due to age.
Parents
  • Hi Feras,

    Thank you for reaching out to Sophos Community.

    I would recommend reviewing your Firewall rules and ensuring you have properly placed a blocking rule or kindly check if there are any Allow any rules that are causing any external access inside your network.

    You may also check the Log viewer to troubleshoot the issue.

    For best practice, kindly see the following KB

    Erick Jan
    Community Support Engineer | Sophos Technical Support
    Sophos Support Videos Product Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.

  • hello,

    thank you for your reply, i have chose http/https protocol only and when i test my policy still i can see both sides, can you tell me what protocol is used in scanners?

    regards

  • Hello,

    can you show as a little diagram to understand from where you are scanning when say you "plug it side by side with sophos" ?

    And what exactly do you mean by using "a large range" ?

    Can you show us a sreenshot of your scanning results?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Hi,

    I would suspect that you have an any zone, any source network, any destination zone etc firewall rule?

    Ian

    XG115W - v20.0.1 MR-1 - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • hello,

    thank you for your reply, side by side means on the same switch with sophos as i have a range of public IPs i made a scan from outside my network including my network range and it showed my my PCs, names, mac address.

    large range means i took a sample to scan from 192.168.0.0 to 192.168.250.250 just and actually my network is 192.168.8.*

    i found our one rule was causing that issue but i couldnt figure out what protocol ip scanner use.

    regards

Reply
  • hello,

    thank you for your reply, side by side means on the same switch with sophos as i have a range of public IPs i made a scan from outside my network including my network range and it showed my my PCs, names, mac address.

    large range means i took a sample to scan from 192.168.0.0 to 192.168.250.250 just and actually my network is 192.168.8.*

    i found our one rule was causing that issue but i couldnt figure out what protocol ip scanner use.

    regards

Children