Limiting probe port access
SonicAdmin80
I monitor firewall appliances by probing the port defined in "Failover & LB → Any TCP-SYN to Port".
Due to recent vulnerabilities, I wanted to limit which IP address can connect to this port. But there aren't any built-in access rules for this, and creating a new WAN→WAN deny rule doesn't do anything.
Looks like this setting completely bypasses any access rules defined. Is there no way to limit who can probe this port?
Category: Entry Level Firewalls
Answers
https://www.sonicwall.com/support/technical-documentation/docs/sonicosx-7-0-0-0-system/Content/Failover_LB/faliover-lb-settings.htm
Doesn't seem likely, as these settings probably modify system-level functions which are outside the view of management. I suppose a poke around in the diagnostics menu might reveal additional options.
Yeah, looks like it, couldn't find anything relevant in the diag page.