Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 2 subscribers
  • Views 14560 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Default Drop with an Allow Any to Any

Bart van Kampen
Hi all,

Im trying to connect with the Sophos IPSec Client to my UTM.
I've added an allow Any to Any rule in the firewall for testing purposes, but port 500 is keeping blocked by an 'Default Drop'.

Can anyone tell my why this happens? Do I miss something in the firewall rule set? 

Thanks,
Bart

UTM Version: 9.310-11

btw: Rule 1&2 are automatically created rules for the Remote Access
:123 is my client in the WAN segment. 
:1 is the address of the UTM WAN interface.


This thread was automatically locked due to age.
Parents
  • 0
    Interesting.  I knew that they had changed "must support IPsec" to "should" several years ago, but I didn't realize that any production IPv6 environment was unencrypted.  If you go to the google.com IPv6 address, 2607:f8b0:4000:806::1005, do you see that the traffic is not encrypted?

    Cheers - Bob
Reply
  • 0
    Interesting.  I knew that they had changed "must support IPsec" to "should" several years ago, but I didn't realize that any production IPv6 environment was unencrypted.  If you go to the google.com IPv6 address, 2607:f8b0:4000:806::1005, do you see that the traffic is not encrypted?

    Cheers - Bob
Children
  • 0 in reply to BAlfson
    Interesting.  I knew that they had changed "must support IPsec" to "should" several years ago, but I didn't realize that any production IPv6 environment was unencrypted.  If you go to the google.com IPv6 address, 2607:f8b0:4000:806::1005, do you see that the traffic is not encrypted?

    Cheers - Bob

    Funny, but my browsers did not like the raw IPv6 address in the address bar. They did a web search for "2607:f8b0:4000:806::1005" instead. :-)

    Next I tried forcing an "http://" in front of the IPv6 address, but got a blank screen - something wasn't right.

    I assume that the IPv6 address is "ipv6.google.com", but it does not match my host DNS lookup, which is: 2607:f8b0:4009:804::1004

    Next I put "ipv6.google.com" in the browser and it worked. I saw a small amount of http traffic, the redirection to https. After that, I could see the TLS protocol contents going back and forth in "plaintext" (no IPsec), but of course the contents were encrypted by the higher level TLS protocol, not IPsec. The browser icon in the address bar changed to indicate "https".

    Does that answer your question?