Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 62 replies
  • Subscribers 8 subscribers
  • Views 12636 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I can't Access Web Admin via WAN

Patrick

Hello ,

I have a sophos UTM 9.716-2. I can't connect via hostname from noip.com on port 4444. I can't connect via ssl vpn too. My ISP has cg-nat . I think cg-nat is the problem.

I try with success to setup a vps with wireguard to avoid cg nat. Now I got a new IP from vps.  If I write on GNU/linux  traceroute public ip show that I am not on cg-nat.

I have in Webadmin settings -> General -> Allowed Networks has ANY, Internal (Network), VPN Pool (SSL)  but problem not solved.

How can I ascess web admin via wan ???



This thread was automatically locked due to age.
Parents
  • 0

    I try to connect to webadmin from my cell phone's LTE connection to https://dynDNS.hostname:4444 ....then I am in shell then I write tcpdump -nei any port 4444

     then I don't show my cell phone's IP.

    I think the request don't reach on my sophos UTM.

    Is there other tcpdump to capture      to   cell phone's LTE IP ????

  • 0 in reply to Patrick

    your selected option is the one i would use too.

    But tcpdump -nei any host xxx.yyy.zz.zz

    or

    tcpdump -nei any | grep xxx.yyy.zz.zz  is also an option


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • 0 in reply to dirkkotte

    Thanks you for replying!

    Dirk nothing show from cell phone's LTE connection.

    The packest can't reach to hostname:4444.....Did you see my topology above? I attach a picture. router behind sophos UTM  forward all packets with iptables. Nonthing block sophos utm. (I think?)

    The only thing that works is

    1. ONLY https://dynDNS.hostname <--- without 4444 ONLY FROM LAN  show the user portal

    2. SSL VPN with port udp 443 ONLY FROM LAN

    Something block to reach packets to https://dynDNS.hostname:4444 from wan....

    Dirk do you have any idea?

    Please for anyone here. I have this problem with CG-NAT over 1 year. PLEASE if someone has bybass CG-NAT I would like to post it here to help me.....

    Thank you!

Reply
  • 0 in reply to dirkkotte

    Thanks you for replying!

    Dirk nothing show from cell phone's LTE connection.

    The packest can't reach to hostname:4444.....Did you see my topology above? I attach a picture. router behind sophos UTM  forward all packets with iptables. Nonthing block sophos utm. (I think?)

    The only thing that works is

    1. ONLY https://dynDNS.hostname <--- without 4444 ONLY FROM LAN  show the user portal

    2. SSL VPN with port udp 443 ONLY FROM LAN

    Something block to reach packets to https://dynDNS.hostname:4444 from wan....

    Dirk do you have any idea?

    Please for anyone here. I have this problem with CG-NAT over 1 year. PLEASE if someone has bybass CG-NAT I would like to post it here to help me.....

    Thank you!

Children
No Data
Unfiltered HTML