Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 27 subscribers
  • Views 18859 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

create new rule from any to any using console.

MoMx

create new rule from any to any using console.

i am not able to access the web interface neither the telnet , i cant ping or access the device using any way except the phsyical access using the console . and i need to create one rule to allow traffic from any zone to any zone for any service . so how can i do that . Thanks



This thread was automatically locked due to age.
  • 0
    Momx,

    so you are not able to access web interface, correct? Try to connect to XG using command line, option 4 then type:

    system appliance_access enable

    Now you should be able to access XG using web interface. Remove the rules that locks you out and re-type the command:

    system appliance_access disable

    "This command will restore the Appliance Access settings as per configured in System >Administration>Device Access.
    Check that appliance is accessible only from specified IP addresses or ports as per your configuration after performing the above command."

    Luk
  • 0 in reply to lferrara
    hi lferrara

    let me tell you what happen so you can have an idea . you can try this and see if the same issue will happen to you

    this is a testing VM machine runing SophosXG on ESXI host , created one FW rule allowing any from lan to wan. and every thing was working fine . once i migrate this machine to another ESXI host . it stop pinging and stop leting me accessing the admin interface on port 4444. it just blcoked every thing. so i used the console to enale the manage access as you sugest and i can access now only access port 80 which is the userportal

    using the advanced shell i flushed all the iptables using -F .but still i cant access the admin manage . it give me connection refused. i can ping the dvice now and do any thing excpet accessing the web admin .

    so i wonder where can i find the logs that can help me troubleshout this issue ( i already saw the logs under /var/tslogs) but didnot know where exactly is the one for the admin inetrafce .

    SophosXG is after all linux with lots of Cyberoam hinst,command, inside the device itself .

    so can you help in why i cant access the web admin ?
    also how can i flush all the ARP spoof MACs
  • 0 in reply to MoMx
    ok it seems to be somthing related to MAC Spoof . anyway i just go back to previous snapshot ant it work fine now .

    Thanks
  • 0 in reply to MoMx
    So it seems that you locked you out using dos protection and Mac spoofing.

    Luk
  • 0
    Moving to another vm host would have given you new MAC addresses on all interfaces which the XG would have seen as spoofing.

    Ian,

    home UTM 9.x running in ESXi 6 e3-1275v2

    AP55c and AP10 (courtesy Astaro)

    Three other UTMs, SUM and SFM in hibernation

    XG 15.x MR3 in hibernation

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?