What does it mean when a new networking device has its indicator lights flashing and you can connect to the Internet...

What does it mean when a new networking device has its indicator lights flashing and you can connect to the Internet through it, but it doesn't show up in an NMap scan? The device in question is pic related (it's a proprietary hardware firewall). Can't seem to access it through the serial port either.

try to:
1. power it off (unplug the cord)
2. connect the serial port
3. power it on

Can't tell if trolling or would actually work.

>but it doesn't show up in an NMap scan
nmap isn't magic, if nothing replies to its probes obviously it can't make assumptions.
Since you're probing a dedicated hardware firewall which is probably configured to resist any sort of attacks, how does this surprise you?

Good point. I'll try omitting the pings and just scanning port 80, since I know it has an HTTP interface (that's how you're supposed to set it up actually, but the address given in the booklet wasn't working and when I went to register the device at the website to get the feature key I got a 500 Internal Server Error).

I don't know if this applies to firewalls but for home use routers the default gateway is generally also the ip for the web interface.
also if it has multiple ethernet ports it's possible only one of them can be used for administrative access

Have you scanned for open ports on that device’s address?

Well, topologically, the firewall is not acting as a gateway. It's bridging two LAN segments. So both sides of the firewall have the same address space and the default gateway is the router for the household LAN, which I don't control since I'm in a retard house. (That's mostly why I wanted my own hardware firewall in the first place. It allows me to have a choke point on my own LAN segment and control the security policy for all my connected devices.)

As for the second point, that may be the case. The booklet tells you to connect WAN1 to the gateway and LAN0 to the LAN. I've got LAN0 connected to my WiFi/Ethernet bridge and LAN1 connected to my personal network's switch, so maybe if I switched them around I would be able to access the firewall through Ethernet.

I don't know the address. That's what I'm trying to determine by doing the NMap scan.

oh, right. are you running windows? maybe it shows up on the "Network" location in explorer

That's a watchguard firebox, even if it has a serial port it does not have a serial console, don't waste your time. The management port for these is 8080.

If it's not your box there's a good chance that the local management port is disabled and the firewall is being controlled from the Watchguard System Manager Server, maybe from another location, if you can browse the internet but cannot open the management page on the 8080 port this is probably the case (that's how I manage my fireboxes).

On a normal configuration Lan0 should be the internal (Trusted) network and wan1 should be the internet (external), the rest of the ports are not configured and unless someone bridged them together is not going to work like a switch, plug your internet on wan1 and your switch to lan0, then connect the wifi ethernet to the switch.

By the way, if you do a factory reset you won't be able to reconfigure it because these things are licensed with feature keys, and the installation will ask you for one, so I hope you are not tinkering with something from your job or something like that...
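The ping-less check of ports 80 and 8080 discussed in the posts above, as an added example that is not part of the thread. It is a plain TCP connect sweep in Python; the function names and the three-state labels are choices made for this sketch. It shows why a device that silently drops probes is indistinguishable from an unused address.

```python
import errno
import ipaddress
import socket
import sys
from concurrent.futures import ThreadPoolExecutor

# Ports named in the thread: 80 (HTTP setup page) and 8080 (Firebox web UI).
MGMT_PORTS = (80, 8080)


def probe(host, port, timeout=1.0):
    """Classify one TCP port with a full connect(); no ICMP ping is sent first.

    open     - handshake completed, something is listening
    closed   - connection refused (RST): the address is live, the port is not
    filtered - no usable answer: packets dropped, or nothing at that address
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        rc = sock.connect_ex((host, port))
    except OSError:
        return "filtered"
    finally:
        sock.close()
    if rc == 0:
        return "open"
    if rc == errno.ECONNREFUSED:
        return "closed"
    return "filtered"  # timeout, host unreachable, and similar


def sweep(cidr, ports=MGMT_PORTS, timeout=1.0, workers=64):
    """Probe every host address in cidr; return {(ip, port): state} for replies only."""
    net = ipaddress.ip_network(cidr, strict=False)
    targets = [(str(ip), port) for ip in net.hosts() for port in ports]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = list(pool.map(lambda t: probe(t[0], t[1], timeout), targets))
    # "filtered" entries are dropped: a silent firewall and an empty address
    # look the same from here, which is why the scan in the thread saw nothing.
    return {t: s for t, s in zip(targets, states) if s != "filtered"}


if __name__ == "__main__":
    # Pass your own LAN segment in CIDR form; defaults to loopback as a dry run.
    cidr = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.0/30"
    for (ip, port), state in sorted(sweep(cidr).items()):
        print(f"{ip}:{port} {state}")
```

A "closed" result is still useful: it proves something owns that address even though the management port is not listening there.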

I reckon you're picking your IP from the house gateway, but these sorts of non-consumer-grade gadgets tend to have static IP addresses. You might get lucky and it has its own DHCP server: disconnect from the rest of the network, renew lease, and see.

This. Do NOT ignore that serial port, it's usually a highway directly into the machine's brain. You're probably not getting a response because you haven't set your serial options wrong. It's almost always 8-N-1, but speed varies widely. 9600bps is probably the most common, 2400bps slightly less common, I've seen a lot of 19200bps and 115200bps gear, even met a 57600bps once - so just try them all one by one. And note the serial port won't magically respond on connection (it ain't Telnet): press enter a few times to tell the gadget you're there.

It's only a little thing by the looks of it (five port?), so I doubt it's going to have a dedicated admin port.

Ahh good, someone who knows about these things. I took a quick look at the website, but since it didn't give me manuals, datasheets, etc. absolutely instantly, I gave up in disgust.

Tell me though, why does it have a serial port if it's not console access? Another shit-tier firmware upgrade port or something?

i'd suggest poking around with a serial breakout box and oscilloscope, they're probably doing something faggy and non-compliant on the pinout. a cisco cable certainly won't work, i don't know why you'd expect it to, nothing ever fucking works in proprietary portland.
once you've guessed the bauds&tbits, it's literally press enter for login prompt, "admin" "readwrite" and then you hack the gibson.

Yeah, I figured control of the device is somewhat centralized, since the manual says you have to register the device on the company's website for it to work. I tried doing that earlier and got an internal server error when I submitted my serial number. I reported the error, so hopefully they will have fixed it in a couple days. If not I'll probably call their tech support line.

>even if it has a serial port it does not have a serial console
How does one interface with a serial port if not through a serial console? Is there a graphical interface to it?

>By the way, if you do a factory reset you won't be able to reconfigure it because these things are licensed with feature keys, and the installation will ask you for one
Is the Reset button on the back panel for factory reset? I already pressed that a couple of times when I was trying to get the firewall to show up on my computer. I hope that didn't ruin it. I haven't gotten the feature key yet, so hopefully I didn't fuck anything up. What does a feature key do anyway?

(Checked)
I've had far more to do with enterprise gear (fully managed switches, etc.) though. Over the years, I've met precisely one device that didn't have an ordinary 9-pin DSUB serial port - that one device (an Allied Telesyn - unfriendly as fuck, but surprisingly capable; it was no Cisco, but gave plenty of Netgears and HPs a run for their money) had an RJ-45 admin port that was actually serial (don't recall what line they threw away to use 8 pins). Quick trip to Jaycar for a customisable adapter and 10 minutes wiring it got me in.

>Ahh good, someone who knows about these things. I took a quick look at the website, but since it didn't give me manuals, datasheets, etc. absolutely instantly, I gave up in disgust.
I know, right? This thing is so obscure and so poorly documented, I've been having a hell of a time figuring out how to get it working. I originally found it in a thrift shop, ended up basically destroying it because I thought a piece of metal that was in the power port wasn't supposed to be there and was blocking the port. Turned out the inner radius of my power adapter was too small, which was something I only learned after buying a second one new on Ebay for $20 plus shipping, because the WatchGuard website gave no indication of the specs of the power adapter other than its voltage, current, and power ratings. I probably should have just chucked it and found a more well-documented low-end firewall that wasn't locked down by the vendor, but I don't know a thing about security appliances, so I would be utterly lost either way. Besides, I paid good money for this firewall, and for the last one that I ruined, so I'm not about to just let it collect dust.

OK, I thought I was just being lazy. I'm used to Cisco and Netgear's sites: type the name of the device, get web page with "Datasheet/Manual/CLI guide/whatever Download" buttons all over it. The concept of even remotely hiding information about a device is so alien to me, if they don't make it one click - unless I'm being paid - into the trash it goes.

>Turned out the inner radius of my power adapter was too small
I had to kek, because this is a pretty noob thing to do. But at least you learned, and won't be doing that again!

Protip for anybody listening who has the opposite problem (tip diameter too large): just roll up a piece of ordinary kitchen foil into a rod-like shape, and throw it down the tip. Plug in, and suddenly gadget works.

Mah nigger! I've used this trick myself when I got stuck somewhere without my laptop charger.

Yeah, I basically never did anything with hardware until a few months ago. I can code like a pro, but when it comes to basic hardware stuff, I'm a total n00b.

try different baud rates

bump

(ASDFGDFF!F!)
SO close.

>Tell me though, why does it have a serial port if it's not console access? Another shit-tier firmware upgrade port or something?

Probably some kind of diag port that only their support know how it works, these devices are full of ports not used at all, like PCMCIA card slots or disk bays without disks...

>How does one interface with a serial port if not through a serial console? Is there a graphical interface to it?

They have both, the WSM and webgui, on the 8080 tcp port.

>Is the Reset button on the back panel for factory reset? I already pressed that a couple of times when I was trying to get the firewall to show up on my computer. I hope that didn't ruin it. I haven't gotten the feature key yet, so hopefully I didn't fuck anything up. What does a feature key do

The reset works like a normal reset button, you need to keep it pressed for some time when it boots (20secs?) to revert to factory default.

Do *not* buy watchguard devices second hand, every device is registered on someone else's account, and even if it is supported and you want to buy the livesecurity support you'll need to have that device, currently on someone else's account, transferred to yours, which is a royal pain in the ass.

Without that you are locked without upgrades and you won't be able to do a factory reset if something bad happens.

Also, if you buy them and have a seller install it for you (because, for example, it is on the other side of the globe) make sure that you register it on your account first and then provide the onsite tech the feature key & firmware update, this is a common trick partners use to "tie" you to their services, basically kidnapping your firewall.