Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

When turn on BGP on Sonicwall look like all ports are open.

Hi support,

I discovered small issue on my firewalls. When I've started use BGP my firewall is open. Look like DROP ALL policy is not working. Could you have a look on it. I thought first time that auto-added rule for BGP opening only port 179 on all interfaces but look like is opening access to all ports.

Regards,

Piotr

Category: Entry Level Firewalls
Reply

Answers

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @Piotr81 full disclosure, I never used BGP on SNWL, but did you verified that the Firewall isn't blocking what it supposed to do?

    Did you checked your ruleset from ANY to LAN for example, is there a Allow Any Rule for that? If not, the implicit Drop All should be effective. Just make sure you're displaying all Rules (Default+Custom) to catch everything.

    --Michael@BWC

  • TonyATonyA SonicWall Employee

    Hi @Piotr81


    What @BWC is suggesting is a good place to start.

    Question - Which Firewall model are you using? How did you determine that all the ports were open? Are these internal facing interfaces (LAN) or External facing interfaces (WAN)?

  • Piotr81Piotr81 Newbie ✭

    Hi TonyA,

    Im using TZ470 and I scanned WAN interface from Linux machine in cloud. I used nmap to check it. From what I observed even my different Sonicwall which do not use BGP showing open ports on the WAN interface. Is this is a normal state that firewall sending wrong information to network scanners? I feel very confused because all my firewalls have similar configuration and they show different ports open. I thought that default policy on WAN-WAN is set to DENY and I do not need set DENY rule on the bottom.

    Thanks,

    Piotr

  • TonyATonyA SonicWall Employee

    hi @Piotr81


    Are they random ports? or known ports like 443, 80, etc?

    Check the WAN to WAN rules to see if there is any rules allowing any traffic.

    If it still looks odd - I would suggest calling our technical support team so they make take a look and clear any doubts.

Sign In or Register to comment.