Sophos XGS 126 : access seems impossible

If you're trying to go to the admin console, you should use: 

https://<LAN IP Address of the device>:4444

Also try to ping the IP of the XGS126 device to make sure it's reachable from your Mac. 

Trying the ping I received:

$ ping <IP_Firewall>

PING <IP_Firewall> (<IP_Firewall>): 56 data bytes

Request timeout for icmp_seq 0

Request timeout for icmp_seq 1

Request timeout for icmp_seq 2

Request timeout for icmp_seq 3

ping: sendto: No route to host

Request timeout for icmp_seq 4

ping: sendto: Host is down

Request timeout for icmp_seq 5

...

---<IP_Firewall> ping statistics ---

7 packets transmitted, 0 packets received, 100.0% packet loss

And in Chrome I received: 

ERR_CONNECTION_TIMED_OUT

Hi  Roberto Catanuto

Do you have access to the console as per the link   Sophos Firewall: How to setup a Serial connection with a console cable  now ?

If yes go to option 4 on CLI access and run tcpdump and share the output 

console>tcpdump 'host <Sophos XG IP> and proto ICMP (tcpdump 'host 192.168.1.1 and proto ICMP)

console>dr 'host <Sophos XG IP> and proto ICMP

Regards

The access to the console has been granted.

Now after the first command I got:

console> tcpdump 'host <Sophos XG IP> and proto ICMP

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes

---

And then after 5 minutes nothing happens, is that correct?

Please share a screenshot of tcpdump traffic from console access.

Verify if the appliance access is disabled by running the following command from the console: 

system appliance_access show

(show share the output)

system appliance_access disable

Then Go to Administration > Device access to enable HTTPS on the required zone and share the screenshot 

Share the output by option 5 then with option 3 

psql -U nobody -d corporate -c "select destinationport from tbllocalservicedetails WHERE localserviceid =2" 

service -S | grep  -iE 'tomcat|apache'

Regards

Verify if the appliance access is disabled by running the following command from the console: 

system appliance_access show

(show share the output)

system appliance_access disable

Then Go to Administration > Device access to enable HTTPS on the required zone and share the screenshot 

Share the output by option 5 then with option 3 

psql -U nobody -d corporate -c "select destinationport from tbllocalservicedetails WHERE localserviceid =2" 

service -S | grep  -iE 'tomcat|apache'

Regards

From your first command, I got

console> system appliance_access show

Appliance access disabled.

---

Also, where is "Administration > Device access" ?

execute 

console>system appliance_access disable 

and check you are getting ping and GUI access ?

Regards

Bharat J said:

console>system appliance_access disable

Will this cause any network interruption to other clients currently within the network?

Roberto Catanuto said:

Will this cause any network interruption to other clients currently within the network?

No, by default appliance access is disabled, to enable access to the appliance execute below command : 

console>system appliance_access enable 

Once you execute the above command check if you are able to ping and access Sophos XG GUI?

This might affect your current working users you can disable the appliance console>system appliance_access disable 

Regards

To me, it's unclear if after 

"All internet traffic will be dropped"

it will be up again automatically.

Could you please help me on that? There are many users connected.

Thanks

Roberto Catanuto said:

it will be up again automatically.

No, you have to disable the appliance_access by executing the below command : 

console>system appliance_access disable

Before you apply the above command check whether you are able to ping and access Sophos XG firewall ?

Regards