Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Port Scan - Open Ports

I manage two Sophos SG firewalls (SG115w and SG210) at two different sites and have recently started conducting external port scans on both. The scan reports show that TCP port 2000 and 5060 are open on one of the firewalls and are closed on the other, however having compared their configurations I believe that they are both identical.

Both firewalls are running the most current available firmware version and VoIP and H323 protocol support are disabled within the WebAdmin console on both. Are there any other settings that I may have overlooked on one of the firewalls that can result in these two ports remaining open?

Kind regards,

Lee.



This thread was automatically locked due to age.
Parents
  • Hi Lee and welcome to the UTM Community!

    5060 is SIP - does the site with that open use VoIP?  2000 is a different story - have you looked at the "Automatic firewall rules" to see if there's a NAT or other rule letting that in?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hi Lee and welcome to the UTM Community!

    5060 is SIP - does the site with that open use VoIP?  2000 is a different story - have you looked at the "Automatic firewall rules" to see if there's a NAT or other rule letting that in?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data