Sophos XG 106 Port issue

Hi All,

I am caught up in a situation where I have opened ports 90, 91, on which a web-based software of ours is hosted through IIS. I am able to reach the website through our local IP (i.e. 192.xx), but when I try to reach it with our public IP while connected from outside the network, I am able to access the webpage; however, it is not taking me further after I input the credentials to log in, i.e. I cannot press the enter button, and the webpage stops responding.

The software vendor informed me that my firewall is blocking something, which caused this issue; the page goes to not responding after a while. Is it actually the firewall blocking anything?



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hey Ziad, Thanks for reaching out to Sophos Community.

    Can you share the screenshots of your DNAT rule on the Firewall?

    Usually, DNAT doesn't restrict any traffic based on the content type. Please make sure that there's no redirection happening to any other port of that webserver; if there is, then you'll have to allow that port as well.
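One way to run the redirection check suggested in the reply above, as an added example that is not part of the original thread: take an HTTP response saved from the login step and list every absolute URL in it that an outside client cannot follow through the forwarded ports. It goes slightly beyond the reply by also flagging internal addresses; the function name, the host `app.example.com` and the sample response are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}
URL_ATTR = re.compile(r'(?:href|src|action)\s*=\s*["\']([^"\']+)["\']', re.I)
LOCATION = re.compile(r"^Location:\s*(\S+)", re.I | re.M)

# Constructed sample: a raw response as the web server might return it.
SAMPLE = (
    "HTTP/1.1 302 Found\r\n"
    "Location: http://192.168.1.20:91/Home\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    '<form action="/Account/Login"></form>'
    '<script src="http://app.example.com:8080/app.js"></script>'
    '<link href="http://app.example.com:90/site.css">'
)


def unreachable_targets(raw_response, forwarded_ports):
    """Return (url, reason) for absolute URLs an outside client cannot reach."""
    head, _, body = raw_response.partition("\r\n\r\n")
    candidates = LOCATION.findall(head) + URL_ATTR.findall(body)
    findings = []
    for url in candidates:
        parts = urlsplit(url)
        if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
            continue  # relative URL: stays on the host and port already in use
        port = parts.port or DEFAULT_PORTS[parts.scheme]
        try:
            private = ipaddress.ip_address(parts.hostname).is_private
        except ValueError:
            private = False  # a DNS name, not an IP literal
        if private:
            findings.append((url, "internal address"))
        elif port not in forwarded_ports:
            findings.append((url, f"port {port} not forwarded"))
    return findings


if __name__ == "__main__":
    for url, reason in unreachable_targets(SAMPLE, {90, 91}):
        print(f"{reason}: {url}")
```
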

  • Thanks for the reply,

    As I am new to this, is this the screenshot you asked for? I saw somewhere in the community that the public IP has to be blacked out.

    Port 90 - 1

    Port 90 - 2

    Port 91 -1

    Port 91 - 2

  • FormerMember
    0 FormerMember in reply to Ziad Nazar

    Hi Ziad Nazar,

    Thank you for reaching out to Sophos Community.

    Please check the packet flow on port 90 and port 91.

    ==> Log in to SSH > 4. Device Console

    console> tcpdump 'port 91 or 92'

    ==> Check drop-packet-capture in other SSH session as well.

    ==> Try to access server publicly and share session output with us.

    console> drop-packet-capture 'port 91 or 92'

    Instead of creating 2 different rules for port 91 & port 92, you can add them both in a single service host and turn off/delete the other firewall rule.
