Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 28 subscribers
  • Views 1234 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Opening an unrestricted VLAN Network

Yasha Burns

One of our clients was trying to use a specific app and Sophos kept blocking it, so we went in and unblocked the app and all services related to it. However this didn't work so we went on to making an unrestricted VLAN network that they would only use when they needed to use their specific app. They were able to connect to the VLAN network but the app was still blocked. The firewall rule for our network is set to allow everything.



This thread was automatically locked due to age.
Parents
  • 0

    I'm not entirely sure what your looking for but its under appliance access and I copied the log

    2021-12-09 17:56:16Firewallmessageid="02002" log_type="Firewall" log_component="Appliance Access" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="N/A" nat_rule_id="0" policy_type="0" user="" user_group="" web_policy_id="0" ips_policy_id="0" appfilter_policy_id="0" app_name="" app_risk="0" app_technology="" app_category="" vlan_id="" ether_type="IPv4 (0x0800)" bridge_name="" bridge_display_name="" in_interface="Port1.8" in_display_interface="Port1.8" out_interface="" out_display_interface="" src_mac="f8:ff:c2:2a:cf:91" dst_mac="" src_ip="192.168.8.24" src_country="R1" dst_ip="192.168.8.255" dst_country="R1" protocol="UDP" src_port="137" dst_port="137" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="" appresolvedby="Signature" app_is_cloud="0"

Reply
  • 0

    I'm not entirely sure what your looking for but its under appliance access and I copied the log

    2021-12-09 17:56:16Firewallmessageid="02002" log_type="Firewall" log_component="Appliance Access" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="N/A" nat_rule_id="0" policy_type="0" user="" user_group="" web_policy_id="0" ips_policy_id="0" appfilter_policy_id="0" app_name="" app_risk="0" app_technology="" app_category="" vlan_id="" ether_type="IPv4 (0x0800)" bridge_name="" bridge_display_name="" in_interface="Port1.8" in_display_interface="Port1.8" out_interface="" out_display_interface="" src_mac="f8:ff:c2:2a:cf:91" dst_mac="" src_ip="192.168.8.24" src_country="R1" dst_ip="192.168.8.255" dst_country="R1" protocol="UDP" src_port="137" dst_port="137" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="" appresolvedby="Signature" app_is_cloud="0"

Children
  • 0 in reply to Yasha Burns

    That logviewer report shows the application broadcasting on port 137 to the network broadcast address using a non routable port.

    What does the application provider advise which ports are used?

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?