https service in wan zone

Question

Dears, 
 I have a two firewalls, main firewall and a secondary firewall, and there is a connection between them through a VPN, in the past, access to the remte firewall from the main headquarters was through the VPN port, but now, when I want to enable the HTTPS service in wan zone this message appear 
 ( 
 You can't allow web admin console access from all WAN sources. For secure access, we recommend one of the following: 
 
 Add a local service ACL exception rule that only allows access from specific IP addresses and networks. 
 Use Sophos Central. 
 
 ) 
 I have added an access list, but the problem remains the same. 
 How i can solve it. 
 
 Regards,

Erick Jan · Answer

Hi Fadi, 
 Thank you for reaching out to Sophos Community. 
 Kindly check the log viewer upon testing the access. Verify the correct configuration is made from the Local ACL. 
 Also, Sophos Central would be the best course of action instead of allowing HTTPS on the WAN Zone for best practice. 
 Central Management provides additional security features and centralized visibility to all your firewalls. 
 You may check the following KB for reference 
 
 Firewall Management