Sophos XGS User portal

Hello communitists,

I have finished configuring my first XGS. Now I have discovered the following: on the fw there exist two local /24 nets. I have scanned both networks with nmap. Surprise, surprise: on the .0, where normally the network address resides, the user portal is on port 443. Bigger surprise: on the .255, normally known as the broadcast address on a net, resides the user portal on port 443. The portal hasn't been configured yet. Is this a security feature of Sophos?

Next point: the XGS is not a time server.

Finally, one idea. I don't think that it's good that Logout is placed directly underneath the point to shut down the appliance. That is worse.

There are many more things that look strange when you are used to configuring an SG. But the XGS works fine as far as I can see.

Greetings Pit



This thread was automatically locked due to age.
  • Might want to ask this on the XG forums.  ;)

    XG 19.5 GA 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | GB Ethernet x5

  • Hi,

    NTP, you need to set up your own time server.

    I suspect you have a configuration issue with your XGS DHCP servers?

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • So SFOS will not break with the norm about network and broadcast packets. So it is likely not configured. Check the port settings under Administration - Admin Settings. You find the port of the user portal. Is it 443? Default should be 443. 

    We enable the portal on LAN zones by default. You see this under Device Access. But it should not be on the broadcast/network address. Can you open this in the browser as well? It could be because the firewall did not drop the traffic; instead it accepts it on those ports, because those ports are eventually sent to the firewall as well (called Device Access).

    NTP Server: Use this to have an NTP server on the firewall: https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/118433/using-v18-nat-to-achieve-ntp-proxy-like-functionality

    Shutdown needs a reason. So: if you misclick it, the cat needs to run over the keyboard, then you need to hit enter as well. There are some IFs to accidentally shut down the firewall in this scenario.

    __________________________________________________________________________________________________________________

  • Sure, I know how to configure the user portal. I need an explanation for this:

    Starting Nmap 7.91 ( https://nmap.org ) at 2022-07-03 17:06 Mitteleuropäische Sommerzeit
    Nmap scan report for 10.0.14.0
    Host is up (0.027s latency).
    Not shown: 99 filtered ports
    PORT    STATE SERVICE
    443/tcp open  https

    The user portal answers

    This is not configured at all

    Nmap scan report for 10.0.14.255
    Host is up (0.027s latency).
    Not shown: 99 filtered ports
    PORT    STATE SERVICE
    443/tcp open  https

    the portal answers

    This is not configured at all

    This is configured by standard:

    Nmap scan report for 10.0.14.254
    Host is up (0.026s latency).
    Not shown: 96 filtered ports
    PORT     STATE SERVICE
    443/tcp  open  https

    and works although.

    What is this?

    I don't understand.

    Greetings Piddae

  • Yeah, it will likely be the HTTPS proxy of the firewall dropping this. Check the Log Viewer of the firewall; you should see this.

    __________________________________________________________________________________________________________________

  • That's confusing. I will pass it to the technical support.
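
Added example, not part of the thread and not Sophos tooling: a Python check that parses nmap normal-format output like the reports posted above and lists open ports that answer on a subnet's network or broadcast address, so the finding can be re-checked after changing Device Access settings. It assumes IPv4 and that 10.0.14.0 belongs to one of the /24 nets mentioned in the first post; the function names are hypothetical and the sample text is constructed from the posted reports.

```python
import ipaddress
import re

# Constructed sample, trimmed from the scan reports posted in the thread.
SAMPLE_SCAN = """\
Nmap scan report for 10.0.14.0
Host is up (0.027s latency).
PORT    STATE SERVICE
443/tcp open  https

Nmap scan report for 10.0.14.255
Host is up (0.027s latency).
PORT    STATE SERVICE
443/tcp open  https

Nmap scan report for 10.0.14.254
Host is up (0.026s latency).
PORT     STATE SERVICE
443/tcp  open  https
"""

# Matches both "for 10.0.14.0" and "for hostname (10.0.14.0)" report headers.
REPORT_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?(\d+\.\d+\.\d+\.\d+)\)?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+open\s+(\S+)")


def parse_open_ports(scan_text):
    """Return {ip: [(port, proto, service), ...]} from nmap normal output."""
    results, current = {}, None
    for line in scan_text.splitlines():
        host = REPORT_RE.match(line.strip())
        port = PORT_RE.match(line.strip())
        if host:
            current = ipaddress.ip_address(host.group(1))
            results[current] = []
        elif port and current is not None:
            results[current].append((int(port.group(1)), port.group(2), port.group(3)))
    return results


def flag_special_addresses(scan_text, networks):
    """List open ports seen on the network or broadcast address of each subnet."""
    findings = []
    nets = [ipaddress.ip_network(n) for n in networks]
    for ip, ports in parse_open_ports(scan_text).items():
        for net in nets:
            if ip in (net.network_address, net.broadcast_address):
                kind = "network" if ip == net.network_address else "broadcast"
                findings.extend((str(ip), kind, p, proto) for p, proto, _ in ports)
    return findings
```

The result depends on the prefix length passed in: the same scan checked against a /16 reports nothing, because .0 and .255 of the third octet are ordinary host addresses there.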
