This discussion has been locked.

Strange behavior on firewall

Hi

I got an appliance running as test in homelab with 4 network ports.

Two are configured as LAN.

When I make a rule for http, https and tcp 3218 and Web enabled the internet connection of a system running on 10.10.11.115 and using 10.10.11.254 gateway.

When I open a site like: www.nu.nl or www.telegraaf.nl it works without an issue.

But when I change the source from LAN - ANY to LAN - port D I get issues.

When I open the websites it is telling me there is a certificate error and I get a blocked page?

When changing rule back from LAN - ANY it works again ...

 



  • Basically the rule should be any zone (source) -> any host -> any zone (destination) -> any host -> any service because you are using the proxy.

    The gateway would be part of your config on port D so going to any host in the destination zone will use the correct gateway.

    Why are you using http and https when they are part of the 3128 proxy?

    What rule does your UTM, are you using the http proxy and in what mode?

    Do you have the proxy setup on your PC?

     

    Ian

  • Hi

    My Sophos works in gateway mode. I did add http, https like in the example of the Sophos help page.

    I did remove http and https and it still works.

    But I cannot make a rule that only allows subnet 10.10.11.x that's connected to port D can access the internet. It only works if ANY-ANY is used.

  • Did fix it, I did add a new zone and only added that to port D.