Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 2 answers
  • Subscribers 29 subscribers
  • Views 1092 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XGS User portal

piddae

Hallo communitiists,

i have finished configuring my first xgs. Now i have discovered the following: On the fw exist two local nets /24.  I have scanned both Networks with namp. Surprise surprise on the .0 normally the network address reisdes the user portal on port 443. Bigger surprise on the .255 normaly known as broadcast on a net reisdes the user portal on port 443. The portal hasent been configured yet. Is this a security feature of sophos?

Next point the xgs is not a timeserver.

Finaly one idea. I dont think that its good that Logout is placed direct underneath the point shutdown the appliance. That is worse.

There are many more things that look strange when you are used to configure a SG. But the xgs works fine as far as I can see.

Greetings Pit



This thread was automatically locked due to age.
Parents
  • 0

    So SFOS will not break with the norm about network and broadcast packets. So it is likely not configured. Check the port settings under Administration - Admin Settings. You find the port of the user portal. Is it 443? Default should be 443. 

    We enable the portal on LAN Zones per default. You see this under Device Access. But it should not be on the broadcast/network address. Can you open this on the browser as well? Could be because the firewall did not drop the traffic, instead it accept and it on those ports, because those ports are eventually send to the firewall as well. (Called Device Access). 

    NTP Server: Use this to have a NTP Server on the firewall: https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/118433/using-v18-nat-to-achieve-ntp-proxy-like-functionality

    Shutdown need a reason. So: If you misclick it, the cat needs to run over the keyboard, then you need to hit enter as well. There are some IFs to accidentally shutdown the firewall in this scenario. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Sure i know to configure the user portal I need an explanation for this:

    Starting Nmap 7.91 ( https://nmap.org ) at 2022-07-03 17:06 Mitteleuropäische Sommerzeit

    Nmap scan report for 10.0.14.0

    Host is up (0.027s latency).

    Not shown: 99 filtered ports

    PORT    STATE SERVICE

    443/tcp open  https

    The user portal ansewers

    This is not configured at all

    map scan report for 10.0.14.255

    Host is up (0.027s latency).

    Not shown: 99 filtered ports

    PORT    STATE SERVICE

    443/tcp open  https

    the portal answers

    This is not configured at all

    This is configured by stanmdard:

    Nmap scan report for 10.0.14.254

    Host is up (0.026s latency).

    Not shown: 96 filtered ports

    PORT     STATE SERVICE


    443/tcp  open  https


    and works although.

    What si this?

    I dont understand.

    Greetings Piddae

Reply
  • 0 in reply to LuCar Toni

    Sure i know to configure the user portal I need an explanation for this:

    Starting Nmap 7.91 ( https://nmap.org ) at 2022-07-03 17:06 Mitteleuropäische Sommerzeit

    Nmap scan report for 10.0.14.0

    Host is up (0.027s latency).

    Not shown: 99 filtered ports

    PORT    STATE SERVICE

    443/tcp open  https

    The user portal ansewers

    This is not configured at all

    map scan report for 10.0.14.255

    Host is up (0.027s latency).

    Not shown: 99 filtered ports

    PORT    STATE SERVICE

    443/tcp open  https

    the portal answers

    This is not configured at all

    This is configured by stanmdard:

    Nmap scan report for 10.0.14.254

    Host is up (0.026s latency).

    Not shown: 96 filtered ports

    PORT     STATE SERVICE


    443/tcp  open  https


    and works although.

    What si this?

    I dont understand.

    Greetings Piddae

Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML