Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 5 subscribers
  • Views 4223 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Ports 139 and 445 blocked by UTM

Daniel Huhardeaux

Hi,

I use an UTM9.510-5 in VM and face following problem: VPNs (OpenVPN) are running on another server on the same LAN, UTM redirecting all internal traffic for the VPNs subnet to this server. UTM is default GW for the LAN. If I try to connect to a Windows machine behind a VPN network I get a timeout.

Now I modify my routes on LAN devices giving them the VPNs server as GW for those networks: everything works perfect !

I checked with other services like ssh, http(s), aso, to devices connected on same VPNs network, all of them are perfectly usable if UTM is the GW. So only(?) those 2 ports are blocked by the UTM.

If someone could give me a hint or explanation on what Is wrong.

Regards

Daniel



This thread was automatically locked due to age.
Parents
  • 0

    Hi Daniel Huhardeaux,

    what routing have you put in place?

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • 0 in reply to Argo

    Hi Argo,

    I have a policy route who forward all traffic to networks behind VPNs using gateway route:

    source interface=internal

    services=all

    destination network=network definition containing all networks address behind VPNs

    gateway=IP of VPN server in same LAN

    Please remember that this setup is working for all ports to all networks behind VPNs except those 2 ports.

    Thanks for your support

    Daniel

  • 0 in reply to Daniel Huhardeaux

    Do you also have an explicit allow rule for this traffic in the firewall? Just the route is not enough traffic must also be explicitly allowed.

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to Daniel Huhardeaux

    OK, I got it: I had a FW rule who blocked those 2 ports, rule I added for test purpose and forgot to disable.

    Sorry for the noise, many thanks for your help.

    Daniel

Reply Children
Unfiltered HTML