

Ports blocking on LAN zone.

Hello dear all,

I'm connected with one of my clients via LAN, without going to the internet, just a LAN to LAN connection to have access to their server. But the port open to receive SNMP traffic is blocked from time to time, and I no longer receive the traffic. Each time this happens, I change the port and I ask my client to do the same. However, I would like to understand the real problem, to resolve it definitively. Why is it that every time, after one or two months, I no longer receive anything on my port?

Please, I expect your support on this.



  • Hello,

    this sounds like an IPS protection effect. Do you have IPS policies in place?

    With kind regards, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Hello Philipp,

    Thanks for your feedback,
    Yes, I have IPS activated, but it's a basic configuration, no more.

    If so, do you know how I can remove my port from the blacklist and prevent it from being blocked in the future? Or how can I clear the cache and remove my port from the blacklist?

  • You can check in the logging (Log Viewer -> IPS) whether something is blocked. This should give you a reason which you can use to exclude this.

    Another thing you can do is to make sure you don't use IPS LAN to LAN on the specific LAN interfaces. For that, make sure to use 'None' in the IPS setting in the firewall rule.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Thank you,

    From the Log Viewer I've found some public IPs using my private port, which is open only on LAN zones.
    I first blacklisted them, and I'm seeing that they keep changing and using the same ports.