
Can't block firewall itself

Hi,

I am testing UTM 9 Home Edition.
I have a problem: I created an any-to-any block rule, and the firewall is still going to the Internet. After I had blocked any to any, I can do traces and DNS lookups from Support > Tools.
How can I prevent the UTM (firewall) from going to the Internet?
Like in Kerio or Check Point, there is a "firewall" instead of WAN and LAN networks, and I can prevent the firewall from going to the Internet or block some ports just for the "firewall".
I put the Sophos behind another firewall, and I see that after I created the any-to-any block rule, the UTM is still going to the Internet, and I can access WebAdmin from the WAN.

Sophos UTM (as a firewall) is always going to the Internet. I can prevent hosts in the LAN, but I can't block the firewall itself from going to the Internet.

Does someone know how I can prevent the firewall from going to the Internet? And how can I see the states that are opened (states of the firewall itself)?

I don't want Sophos UTM automatically sending notifications to some SMTP service at deadmail.fw-notify.net.

How can I control what is going on? :)

Thanks



This thread was automatically locked due to age.
  • Why would you want to block the firewall itself to internet? By this the firewall is able to download pattern-updates and keep itself up-to-date. If you don't trust the firewall then you shouldn't use it at all.


    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • The question is not "trust or don't trust"... How can I control all traffic from the firewall itself? When I create an any-to-any block rule on all interfaces, ALL TRAFFIC should be blocked! Also the firewall itself. I decide which traffic is allowed. So what I see is that the firewall is still going to the Internet. Why don't I see any loopback traffic on the WAN lag? I can see it just in the shell (iptables print); I don't see any logs in the Sophos logs for loopback traffic. So I removed the loopback interface and changed some other rules (from the command prompt), but this is not the way. I think there should be a "firewall" object/host built into the UTM, and after installation it should be blocked.
