Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 5257 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Appliance access

NoName NoName2

Hello,

what exactly does "Appliance Access" mean.

I see that again and again in the log of the Sophos XG.

This is about the NTP port or the ports 137, 68, 67.

How do I best deal with these ports.

I found a workaround for the NTP port, but the message "Appliance Access" is displayed again.

Does anyone have an idea for that?

greeting



This thread was automatically locked due to age.
Parents
  • 0

    These are usually broadcasts arriving on the XG (as on any other device in the network) and as XG is not listening for Windows Filesharing Port 137 and others it is detecting it as "appliance access". I find this description in the logs also a bit confusing but I can understand it from a technical perspective.

    Something like "broadcast blocked" may have been clearer.

  • 0 in reply to LHerzog

    What does it mean exactly? Do I have to release port 137 now. I haven't quite understood that yet.

    greeting

  • 0 in reply to NoName NoName2

    Hello,
    a broadcast is a packet send to everyone within the network segment.
    So to the firewall too. The firewall handles this packet like an packet send to the firewall-IP. Therefore, you see "Appliance Access".  This Broadcast IP may be 192.168.11.255.
    Because there is no service at the firewall which "waits" for this packet, the firewall will drop it.
    Port 137 is used by Windows devices. There is nothing you have to open at the firewall.

Reply
  • 0 in reply to NoName NoName2

    Hello,
    a broadcast is a packet send to everyone within the network segment.
    So to the firewall too. The firewall handles this packet like an packet send to the firewall-IP. Therefore, you see "Appliance Access".  This Broadcast IP may be 192.168.11.255.
    Because there is no service at the firewall which "waits" for this packet, the firewall will drop it.
    Port 137 is used by Windows devices. There is nothing you have to open at the firewall.

Children
No Data