Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FW-Rules not working to restrict VPN-Portal?

Hi there,

since some days, we encounter Bruteforce-Attacks against our Mainfirewall (Sophos XGS):

Access from IP address '92.53.xxx.xxx' is blocked for '30' minutes after '5' unsuccessful login attempts

I've tried to block all requests from this IP with a Deny/Reject-Firewall on the Top of our ruleset; but i still got mails with this login-attempts.
The rule was a simple "From WAN, IP-address to ANY Zone/Network, reject/block ANY Port". The States/Traffic-Count on the rule resides at 0 after some minutes (and mails from Sophos, that a IP was banned for some minutes).

So my question is: The access to the VPN-Portal is not limited by the firewall-ruleset?

We don't need the VPN-Portal available via external access and tried to deactivate ist - but then, our clients can't connect anymore via Sophos Connect.

Thanks in advance,



This thread was automatically locked due to age.