Options

My Firebox allows ping to go through but not http https in other vlan.

clarence.phoonclarence.phoon
in Firebox - Networking, Multi-Wan, VLAN, NAT, SD-WAN

From my wifi, I can ping an address from another subnet.
The firebox is the gateway.
But I cannot http or https into that ip address unless it is in vlan 1.
How do I check the logs for this?
What should I do?
Thanks.

Comments

  • Options
    Bruce_BriggsBruce_Briggs

    You have a Ping policy in your config which allows this access.
    You do not have a HTTP or HTTPS policy in your config which allows this access.
    Look at Traffic Monitor to see denied packets.
    To see packets allowed by a policy, you need to modify that policy and select Logging -> Send log message

  • Options
    clarence.phoonclarence.phoon

    Say my gateway of the watchguard is 192.168.1.254.
    I can ping my watchguard but cannot http, https in.
    It is the same reason?

  • Options
    Bruce_BriggsBruce_Briggs

    Yes.
    You need a policy to allow any packets through the firewall.
    The default Outgoing policy will allow most packet types to the Internet.

    To allow Internet traffic to an internal HTTP/HTTPS server, you will need to add those polices, using SNAT in the To: field.

Sign In to comment.