Can’t Access Firewall After Netgate [Unwanted] Update

Accessing Netgate IP range even though didn’t add any rules for that

Teri Radichel
Published in Bugs That Bite
3 min read · Nov 29, 2024


I’m updating my new firewall, just received from Netgate, and as soon as I set up access to the internet on HTTPS from the external firewall, the internal firewall connected to:

208.123.73.69:443

The thing is, I don’t believe I allowed access to port 443 on any of the interfaces. I was in the process of allowing access for one IP range but I don’t believe I had done that yet when I lost access.

So is this traffic going out despite what rules I place on the firewall? That means Netgate could be updating or altering my firewall when I don’t want it to be doing that.

Did I make a mistake? Perhaps. I’ll have to check when I get back in.

So based on this behavior, I would recommend not allowing port 443 or HTTPS access on the external firewall until you see what the internal firewall is doing and if it is obeying the rules you have created.
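One way to perform that check, as an added example that is not part of the original post: parse pfSense-style filterlog entries and report every passed outbound connection whose destination is not on the allowlist you intended. The log lines below are constructed (the destination 208.123.73.69:443 is the one observed above), and the field layout assumes the documented pfSense filterlog CSV format.

```python
import csv
import ipaddress

# Constructed pfSense-style filterlog lines (not taken from the post).
# Assumed CSV layout after the syslog prefix: rule,subrule,anchor,tracker,
# iface,reason,action,direction,ipver,tos,ecn,ttl,id,offset,flags,proto-id,
# proto,length,src,dst,srcport,dstport,... (TCP/UDP specific fields follow)
SAMPLE_LOG = """\
Nov 29 10:01:02 fw filterlog[4321]: 5,,,1000000103,igb0,match,block,in,4,0x0,,64,0,0,DF,6,tcp,60,203.0.113.9,198.51.100.2,51000,22,0,S,1,,65535,,mss
Nov 29 10:01:05 fw filterlog[4321]: 7,,,1000000110,igb0,match,pass,out,4,0x0,,64,0,0,DF,6,tcp,60,198.51.100.2,208.123.73.69,40210,443,0,S,1,,65535,,mss
Nov 29 10:01:09 fw filterlog[4321]: 7,,,1000000110,igb0,match,pass,out,4,0x0,,64,0,0,DF,17,udp,76,198.51.100.2,192.0.2.53,50000,53,56
"""

FIELDS = ["rule", "subrule", "anchor", "tracker", "iface", "reason", "action",
          "direction", "ipver", "tos", "ecn", "ttl", "id", "offset", "flags",
          "proto_id", "proto", "length", "src", "dst", "srcport", "dstport"]


def parse_filterlog(text):
    """Turn filterlog syslog lines into dicts keyed by FIELDS (IPv4 only)."""
    records = []
    for line in text.splitlines():
        if "filterlog" not in line:
            continue
        payload = line.split(": ", 1)[1]          # drop the syslog prefix
        row = next(csv.reader([payload]))
        if row[8] != "4":                          # ipver field; skip IPv6 here
            continue
        records.append(dict(zip(FIELDS, row)))
    return records


def unexpected_outbound(records, allowed_dst):
    """Return passed outbound flows whose destination is outside allowed_dst.

    Each hit is (dst, dstport, proto, rule, tracker) so the offending rule
    can be looked up in the pfSense rule set by its tracker id.
    """
    allowed = [ipaddress.ip_network(n) for n in allowed_dst]
    hits = []
    for r in records:
        if r["action"] != "pass" or r["direction"] != "out":
            continue
        dst = ipaddress.ip_address(r["dst"])
        if not any(dst in net for net in allowed):
            hits.append((r["dst"], r["dstport"], r["proto"], r["rule"], r["tracker"]))
    return hits


if __name__ == "__main__":
    # Only the DNS resolver range is intended to be reachable; 443 to
    # 208.123.73.69 is then reported as a passed flow no rule should allow.
    for hit in unexpected_outbound(parse_filterlog(SAMPLE_LOG), ["192.0.2.0/24"]):
        print("unexpected outbound pass:", hit)
```

On a live system the same functions can be fed the output of `clog /var/log/filter.log`, with the allowlist set to the CIDRs your rules are meant to permit.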

I have a DENY ALL on WAN and I was in the process of adding HTTPS access for one CIDR on an interface to which my laptop was not connected. I was working on the admin interface described here:
