
Invalid Traffic - specifically using web browser, not via nmap

Hi all, I have had a look at the Invalid Traffic page but, as stated at the bottom, it doesn't resolve the issue, just reduces the number of logged entries.

My setup is as follows

Core network is TPLink Omada (Manages the vlans)

Sophos setup:

Port1 - Management LAN (VLAN 1)

Port2 - Internet WAN

Port3 - VLAN 131 Subnet LAN (gateway for this is the IP of Sophos) (Management wifi)

Port4 - VLAN 121 Subnet LAN (IOT wifi)

Port5 - VLAN 111 Subnet LAN (userland wifi)

When using VLAN 131 subnet I cannot access any resources on Management LAN (by default this is what I want for my main VLAN 111, but still need my management access).

I've added an internal allow rule to the fw (though a bit surprised it's going through the fw considering each subnet is set to LAN) ... and it's allowed me now to ping everything and use nmap to the specific ports successfully on the management LAN, but when I use a web browser the firewall logs 'Invalid Traffic' (nmap logs successfully, hits the rule and gets passed through with no issues).

Any ideas?



Added TAGs
[edited by: Erick Jan at 12:38 AM (GMT -7) on 11 Oct 2024]