Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cannot connect to Port 4444 or 443 from VLAN on Port1

Hello, Have an XGS 116 with configured VLAN's on Port1. Trying to get to https://x.x.x.x:4444 or https://x.x.x.x times out when on the VLAN.  I can ping all the VLAN devices and the default network devices successfully form the VLAN and vice versa.  Device settings are to allow https and ssh in those zones. 



This thread was automatically locked due to age.
  • Hi,

    does your pinging device have a valid IP address for the that VLAN?

    Ian

    XG115W - v20.0.3 MR-3 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Could you show us a screenshot of the interface configuration from the VLAN interface?


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Hi  ,

    Have you tried accessing other LAN interfaces of the firewall?

    You can also try testing the accessibility using CLI:

    • For Powershell
      • tnc x.x.x.x -port 4444
      • tnc x.x.x.x -port 443
    • Example:

    If the TcpTestSucceeded is True then the port is open and should be accessible.

    If the TcpTestSucceeded is False, kindly check any NAT rules that could be a conflict with this traffic

    • This is only an example, but usually, we have a conflict if there is a NAT configured with the service as ANY Service

    Then make sure that the device access is configured as admin:4444 and userportal:443

    We look forward to hearing from you

  • i would activate logging for "device access" and check within logviever for blocked connections.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • Did you put that VLAN-interface into the right zone?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.