Suggestions to follow when HTTPS management is enabled on the WAN interface
01/09/2023
26 People found this article helpful
238,829 Views
Description
Below are the steps or suggestions to follow in order to secure the firewall when HTTPS management is enabled on the WAN interface to access the firewall interface from outside the network.
Resolution
Resolution for SonicOS 7.X
This release includes significant user interface changes and many new features that are different from the SonicOS 6.5 and earlier firmware. The below resolution is for customers using SonicOS 7.X firmware.
- Kindly have a strong complex password.
- Change the default management HTTPS port from 443 to any custom port to manage or access the firewall.
- Secure the connection to the firewall over the Internet by having a SSL Certificate. (How to use the SSL certificate for WAN Management)
- Navigate to Policy | Rules | Access rules | Zone WAN to WAN Access rules with service HTTPS management. Kindly edit the rule and in Optional settings, enable Enable connection threshold for each source IP addresses and enter the limit.
![Image](https://sonicwall.rightanswers.com/portal/app/portlets/results/onsitehypermedia/090230106698789.png?linkToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzb25pY3dhbGwiLCJleHAiOjE3NTM0OTkyNzIsImlhdCI6MTcyMTk2MzI3Mn0.PN4YPixlN9or1765BMVWA2VtuPfKrLiL9k41rNArTcU)
- Kindly enable TCP flood protection and have the SYN Flood protection mode to Proxy WAN Client Connections When Attack is Suspected.
![Image](https://sonicwall.rightanswers.com/portal/app/portlets/results/onsitehypermedia/090230106738825.png?linkToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzb25pY3dhbGwiLCJleHAiOjE3NTM0OTkyNzIsImlhdCI6MTcyMTk2MzI3Mn0.PN4YPixlN9or1765BMVWA2VtuPfKrLiL9k41rNArTcU)
- Make sure all the security services are enabled.
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
- Kindly have a strong complex password.
- Change the default management HTTPS port from 443 to any custom port to manage or access the firewall.
- Secure the connection to the firewall over the Internet by having a SSL Certificate. (How to use the SSL certificate for WAN Management)
- Navigate to Manage | Rules | Access rules | Zone WAN to WAN Access rules with service HTTPS management. Kindly edit the rule and in Optional settings, enable Enable connection threshold for each source IP addresses and enter the limit.
![Image](https://sonicwall.rightanswers.com/portal/app/portlets/results/onsitehypermedia/090230106179551.png?linkToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzb25pY3dhbGwiLCJleHAiOjE3NTM0OTkyNzIsImlhdCI6MTcyMTk2MzI3Mn0.PN4YPixlN9or1765BMVWA2VtuPfKrLiL9k41rNArTcU)
- Kindly enable TCP flood protection and have the SYN Flood protection mode to Proxy WAN Client Connections When Attack is Suspected.
![Image](https://sonicwall.rightanswers.com/portal/app/portlets/results/onsitehypermedia/090230106131356.png?linkToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJzb25pY3dhbGwiLCJleHAiOjE3NTM0OTkyNzIsImlhdCI6MTcyMTk2MzI3Mn0.PN4YPixlN9or1765BMVWA2VtuPfKrLiL9k41rNArTcU)
- Make sure all the security services are enabled.
Related Articles
Categories
Was This Article Helpful?
YES
NO