Web Interface Login Failed with SFOS 16.01.1

Knanh,

try to connect to XG using the command line with admin/admin and check if you are able to reach it.

There is a way to reset the Sophos XG to factory default using the CLI > Option 5 > Option 1.

If you are not able to even access the CLI, use the following KB:

https://community.sophos.com/kb/en-us/123732

Thanks

Knanh,

try to connect to XG using the command line with admin/admin and check if you are able to reach it.

There is a way to reset the Sophos XG to factory default using the CLI > Option 5 > Option 1.

If you are not able to even access the CLI, use the following KB:

https://community.sophos.com/kb/en-us/123732

Thanks

Luk

Thanks for the quick reply. I can connect to the CLI and after resetting it to factory default I still cannot be able to login. Below is a screenshot of the web interface.

You are connecting to user portal and not webadmib, that's why!

Connect to the same ip but use :4444 at the end.

I am having the same issue. I can get to that log in page ip/.../login.jsp but getting login failed error. When I try to add :4444 at the end of https://IP:4444, it does nothing. Well, it tries but then i get a message stating that it took too long. I even tried changing the IP from 172.16.16.16 to an IP from the range that is on my DHCP server but still nothing on both IPS (1 for each of the nic). Any other suggestions?

Thanks

HI GV, 

It would seem the you are trying to access the Web interface via WAN . Or the IP address is not of the same subnet as interface address .  

Try to execute the command  on console, 

What To Do

1. Log in to the Command Line Interface (CLI) using Telnet or SSH. You can also access the CLI from admin > Console in the upper right corner of the Admin Console screen. You can also connect a monitor and keyboard to the device itself.

2. Select option 4. Device Console.

3. Execute the following command:

system appliance_access enable

Note: This will cause a network interruption.

4. Log in to the Admin Console as the administrator and go to System > Administration > Device Access. Check off HTTPS in all the desired/required zones.

5. Execute the following command in the Device Console:

system appliance_access disable

This command will restore network access.

That did the trick. Thank you so much Aditya. Have a great day.

Now that I can get to the web console, i am stuck at Register Device because it keeps telling me that I don't have internet connection. I have local IPs from the IP range that is enabled on the wireless router I have connected to the ESX host with 2 NICs and both lights on the NICs are blinking so i have connectivity. My Port A LAN has static IP that I assigned of 192.x.x.x and Port B WAN also has 192.x.x.x IP but that shows it to be DHCP. What am I doing wrong?

Here is my setup:

On the ESX machine, both NICs shows that they are connected. My management adaptor is mvnic0 that has an IP of 192.x.x.x.

On Sophos under Network settings, it shows the following:

Port:A/Zone:LAN Static IP of 192.x.x.x that I assigned and replaced the 172.16.16.16 that was that was assigned out of the box.

Port:B/Zone:WAN has DHCP IP of 192.x.x.x (should this be an external IP from my provider) I have tried rebooting my cable modem but that did not help.

Any help you can provide would be greatly appreciated.

Thanks

GV,

make sure you are really able to reach internet using the ping command to 8.8.8.8 from XG console.

Also make sure from the computer you are trying to register XG, make sure it can reach internet otherwise the registration will fail.

Regards

Actually no i am not able to ping 8.8.8.8 from XG console. On my ESXI host, I have 2 VM Kernels (VM Network with Mgmt Network with 192 IP connected to a wireless router in bridge mode and VMM Network 2 with VMKerl-WAN connected to my cable mode that is in bridge mode and has 70x IP that it picked up from my service provider). I created the Sophos virtual machine using the instructions here:

https://www.sophos.com/en-us/medialibrary/PDFs/documentation/Sophos-Firewall-Virtual-Appliance-Getting-Started-Guide.pdf

Although it does not provide a whole lot of details on network configurations. Only difference here is that for the Networking Mapping section, i selected VM Network 2 for all of my Network adapters (1,2, and 3) that shows up on the list of properties for the virtual machine i created for Sophos). Should all of the network adapters should be pointing to 'VM Network 2' that has the WAN connection?

When I look at the Network settings, it shows 172.16.16.16 for Zone LAN and 172.16.16.17 but I can't get to either of them when I try to go to https://172.16.16.16:4444. I ran system appliance_access enable that Aditya a few days ago and I was able to get to the admin console but that is when I was not able to activate because I did not have internet connection. But I rebuilt the Sophos VM today but even after running this command, I still can't get to https://172.16.16.16:4444 or https://172.16.16.17:4444. I changed .16 to a local 192x address that my LAN NIC is connected to but I can't to it either. Also when I run this command, it tells me that internet access is disabled while this setting is enabled. And when I rebooted the VM, the WAN NIC no longer shows 172.16.16.17, instead it shows 'Not Configured' with 128.0.0.1 Gateway. I was able to restore the default settings and the 172 IPs returned but I still can't connect to them.

What am I doing wrong? It might be too much to ask but is it possible for you or someone on this community to send me screenshots of their setup that I can compare to? OR if someone has a video of installing sophos on ESX host, that would be very beneficial. Did not find any videos on Google :(.

Thanks for your help in advance!!

Check the server date and time