Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 8703 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cannot connect to firewall after configuration

James Organ

Hello

I am trying to setup the firewall software on a PC (free Home version). I can install OK and then access the console via HTTPS but I don't have internet access from any device. When I run the configuration wizard the pc running the firewall reboots and a little while later I get a message to say that I can now log back into the console. Unfortunately this doesn't happen. I cannot connect to the firewall pc. The browser displays 'The site cannot be reached'. I cannot ping the IP address yet when I look at the console on the firewall pc it is still showing the  same IP address. I have re-installed the firewall software a number of times. One of the many configurations I have tried is as shown below.

Can anyone provide any help?

Cheers,
James

Appliance Configured in GATEWAY MODE

Interface Configuration
========================

Port1
------
IPAddress: 172.16.16.16
NetMask : 255.255.255.0
Zone : LAN

Port2
------
DHCP Enabled

Gateway Configuration
======================

Gateway Name : DHCP_Port2_GW
IP Address : 128.0.0.1
Ethernet Port : Port2

DNS Configuration
===================
Obtain DNS from: DHCP
--IPv4
DNS1: Not assigned
DNS2: Not assigned
DNS3: Not assigned

Internet Access Configuration
=============================

Network
--------
Web Filter : Allow All
App Filter : Block generally unwanted apps
IPS : LAN TO WAN



This thread was automatically locked due to age.
Parents
  • 0

    Hi James , 

    If you  are trying to access the LAN port from Systems in the same LAN network. It should be pingable , if not you may have a console access and go to option 4
    console > tcpdump 'icmp

    If you see such request on the console that would mean that the traffic reached the XG. Otherwise you may need to check the VM settings and Adapter . 

    If you are able to see the request on XG then you may execute a command . console > system appliance_access enable , then access the XG via https://<IP>:4444 and enable device access for WAN and LAN (by default LAN is enabled). Then turn off the appliance access from console>   system appliance_access disable.

    Please share the Lan setting of the VM .

    Thanks and Regards

    Aditya Patel | Network and Security Engineer. 

  • 0 in reply to Aditya Patel

    Thanks for the response. I don't have a physical Sophos device I have installed the Firewall software on an old PC.

    I tried the tcpdump command but it only showed WAN traffic. The other two commands didn't make any difference. BTW how do you exit the console (I had to reboot the PC.)?

    I reinstalled the software for the ninth or tenth time and started again. I had access to the Firewall via HTTPS in a browser and I had internet access. Once the device was registered I lost internet access - I assume the default is to block everything. I didn't run the wizard as then I lose access to the Firewall.

    I tried turning off all the Web rules but that made no difference.

    I added a Firewall rule which I thought made sense but that made no difference.

    I have shown some configuration information in the attached document.

    What I am trying to do is set this up at home. The first thing I would like to achieve is be able to get internet access with the Firewall in-line. Once I have that then I can look at making it more secure.

    Cheers
    James

     

    4454.sophos.pdf

  • +1 in reply to James Organ

    James,

    remove Match know users and the icon should turn from User to Network and it will work.

    As Best practice, do not use any inside services and also any zone as source/destination.

Reply Children