SSH enabled = accessible from WAN???

I'm on the latest release, Sophos UTM 9.404-5. By just enabling SSH, it is accessible from the internet! No visible firewall rule, no visible NAT rule. Nothing! By default SSH is accessible from ANY network, so far so good. But without adding any rules it is also accessible from the WAN. Not good IMHO...

regards,

michael



This thread was automatically locked due to age.
  • Huh? There is an allowed networks setting under System Settings > Shell Access. Do you have that set correctly? I cannot connect to my UTM from WAN, only LAN, and I have only LAN allowed.

  • Per default, ANY networks are allowed. So far, no problem. Because there's no (visible) rule in the firewall allowing SSH -> WAN.

    BUT: it seems there's something like a hidden firewall rule allowing anybody to connect to the WAN address if I just enable SSH.

    Of course it's not accessible anymore if I set the allowed networks to LAN only.

  • If you enable it, and set it to allow ANY, that implies no firewall rule per the UTM. Traffic from WAN, terminating on WAN, does not get processed by the UTM. It is not present in the firewall by design. It is set to control traffic between interfaces. You should be able to find a rule via iptables from the shell that allows port 22, but it will not be presented on the GUI.

  • Okay, thanks for the explanation! I just thought that it was odd that the UTM behaved like this. Now that I know about this I can make the adjustments needed to stay safe...

    regards,

    michael
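
The reply above notes that the rule permitting port 22 exists in iptables but is not shown in the GUI. As an added example (not part of the thread and not Sophos code), the script below filters `iptables-save` output for filter-table ACCEPT rules covering TCP port 22 and shows which source each one admits; the sample ruleset is constructed, and the availability of `iptables-save` on the UTM shell is an assumption.

```shell
#!/bin/sh
# Added example: read `iptables-save` output on stdin and list every
# filter-table ACCEPT rule that covers TCP port 22, with the source it admits.
ssh_accept_rules() {
    awk '
    /^\*/ { table = substr($0, 2); next }      # table header: *filter, *nat
    table != "filter" || $1 != "-A" { next }   # only filter-table rule lines
    {
        src = "ANY"; proto = ""; target = ""; hit = 0
        for (i = 3; i < NF; i++) {
            if ($i == "-s") src = ($(i - 1) == "!" ? "!" : "") $(i + 1)
            else if ($i == "-p") proto = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
            else if ($i == "--dport" || $i == "--dports") {
                n = split($(i + 1), ports, ",")          # multiport list
                for (k = 1; k <= n; k++) {
                    m = split(ports[k], r, ":")          # lo:hi range
                    lo = r[1] + 0
                    hi = (m > 1 ? (r[2] == "" ? 65535 : r[2]) : r[1]) + 0
                    if (lo <= 22 && 22 <= hi) hit = 1
                }
            }
        }
        if (!hit || proto != "tcp" || target != "ACCEPT") next
        if (src == "ANY" || src == "0.0.0.0/0") verdict = "EXPOSED"
        else if (src ~ /^!/) verdict = "REVIEW"          # negated source
        else verdict = "restricted"
        print $2, src, verdict
    }'
}

# Constructed sample ruleset (not taken from a real UTM).
sample_ruleset() {
    cat <<'EOF'
*nat
-A PREROUTING -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m multiport --dports 22,443 -j ACCEPT
-A INPUT ! -s 10.0.0.0/8 -p tcp -m tcp --dport 20:25 -j ACCEPT
-A FORWARD -p tcp -m tcp --dport 22 -j DROP
COMMIT
EOF
}

sample_ruleset | ssh_accept_rules
```

On a live system, pipe the real ruleset in instead: `iptables-save | ssh_accept_rules` (run as root). A line marked EXPOSED means SSH is accepted from any source, which is the behaviour described in this thread when allowed networks is left at ANY.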