Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Having an issue with Appliance being visable to public internet for management

Hi wondering if anyone can help as im pretty new to Sonical wall devices, i have a TZ 570 and im trying to stop the admin interface being vible across the internet unless its accessed by trusted management.

Ive attached screenshot of my rule that i beleive is right, but i can still get to the external IP address of the device from another device. im not sure what im missing

I can see my rule thats created but it has an orange tab next to it and is labelled as an unused rule, i can also see a deafult rule that looks to do the same thing but it has the source address set as any, could this be why i can access it from any device? i cant delete this rule or amend it as i get the rule overlap message

can anyone point me in the right direction please?

Category: Firewall Management and Analytics
Reply

Best Answer

Answers

  • BWCBWC Cybersecurity Overlord ✭✭✭

    @JOELA80 remove your custom Rule "Inbound Firewall Management" and just set GRP_WAN_Trusted Management as Source Address for the Default Management Rules.

    —Michael@BWC

  • joela80joela80 Newbie ✭

    thanks for that reply, that makes sense. i have another question if you can help, the device was set up by a third party and it looks like that inbound rule has been set up as a default rule not custom, is there a way to remove this as its giving me the stop sign icon when i try to delete.

    thanks again

  • BWCBWC Cybersecurity Overlord ✭✭✭

    If you don't want ANY Management Access from the WAN, you might head over to the Network Interface (e.g. X1) and. untick the Management options you dont want.

    Default Rules can be deleted if enabled by Option in the internal settings, but I would not go that route if not really necessary.

    —Michael@BWC

  • joela80joela80 Newbie ✭

    thanks again, i might just do that

    my aim is to stop the interface being visible to anyone that knows the ip address, unless they are part of the trusted group as i may still need wan management.

    will just amending the rules as you mentioned solve this issue? can you point me where i need to be in the internal settings can i access this from the web interface?

  • joela80joela80 Newbie ✭

    many thanks for your help, ive got it sorted

Sign In or Register to comment.