New Sophos Support Phone Numbers in Effect July 1st, 2023

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 3797 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to block external IP-Address

Tom Szymanski

Hello,

how can I deny the Access to our Sophos UTM for a specific external IP-Address?

Notification: "Failed SSH login attempt from 176.235.x.x"

 

I have found some discussions here, but they couldn't help.



This thread was automatically locked due to age.
  • 0

    Hallo Tom and welcome to the UTM Community!

    Before I answer your explicit question, let me address the underlying issue... I would recommend that you eliminate "Any" from 'Allowed Networks' in both Shell Access and WebAdmin Settings.  Put only those Hosts and DNS Hosts from where you be accessing your UTM.  Add "Internal (Network)" if you're comfortable with that.  Add your "username (User Network)" object and configure one of the Remote Access methods so that you can get to the UTM from anywhere.

    To see how to blackhole accesses from any specific IP or subnet, see #2 in Rulz.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML