Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Ports blocking on LAN zone.

Hello dear all,

I'm connected with one of my clients via LAN, without going to the internet, just a LAN to LAN connection to have access to their server. But the port open to receive SNMP traffic is blocked from time to time, and I no longer receive the traffic, each time when this happens, I change the port and I ask my client to do the same, but however , I would like to understand the real problem, to resolve it definitively. Why every time, after one or two months, I no longer receive anything at my port?  

Please, I expect your support on this.



This thread was automatically locked due to age.
Parents
  • Hello,

    this sounds like an IPS protection effect. Do you have IPS policies in place?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Hello Philipp,

    Thanks for your feedback,
    Yes I've the IPS activated, but it's a basic configuration, no more.

    If it's so, do you know how I can remove my port from the black liste and avoid it to be blocked in the future ? or How can I clear the cache and remove my port from the black liste ?

  • You can check in the logging (Log Viewer -> IPS) whether something is blocked. This should give you a reason which you can use to exclude this.

    Other thing you can do is to make sure you do'nt use IPS LAN to LAN in the specific LAN interfaces. For that make sure to use 'None' in the IPS setting in the firewall rule.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Reply
  • You can check in the logging (Log Viewer -> IPS) whether something is blocked. This should give you a reason which you can use to exclude this.

    Other thing you can do is to make sure you do'nt use IPS LAN to LAN in the specific LAN interfaces. For that make sure to use 'None' in the IPS setting in the firewall rule.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Children