Remove 'Allow any/any' rule

Question

We have an UTM9 firewall running. The two last firewall rules are: 
 
 rule 17: Allow any/any (Default Allow rule) 
 rule 18: Drop any/any (Default drop rule) 
 
 I want to remove the 'allow any/any' rule as it defeats previous, more specific 'allow' rules in the firewall. 
 Before doing that, I want to be absolutely sure that, when removing the 'allow any/any' rule, I don't lock myself out on the WebAdmin access. 
 I will be performing the change from a network that is in the 'Allowed Networks' in the General WebAdmin settings. Is that enough? Do these networks always have access to the WebAdmin even though there is no firewall rule that allows this traffic? 
 Thanks!

FormerMember · Accepted Answer

Hi Onetrail Techops , 
 Thank you for reaching out to the Community! 
 The WebAdmin access isn&rsquo;t subjected to the firewall rules. If the source network is allowed under WebAdmin Access Configuration, you could access it without a firewall rule. 
 Allowed Networks : The Allowed Networks box lets you define the networks that should connect to the WebAdmin interface. For the sake of a smooth installation of Sophos UTM , the default is Any . This means that the WebAdmin interface can be accessed from everywhere. Change this setting to your internal network(s) as soon as possible. However, the most secure solution would be to limit the access to only one administrator PC through HTTPS. Adding a definition is explained on the Definitions & Users > Network Definitions > Network Definitions page. 
 Reference UTM help page. 
 Thanks,

Remove 'Allow any/any' rule

Top Replies