This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Outbound TCP Rule

LookOut over 9 years ago

I am using Sophos Enterprise Console version 5.2.1.197 on a Windows based server.

I am having problems getting the outbound TCP rule to work without generating firewall events.

A sample firewall event would be:

Event type: No global rule

Direction: Outbound

Protocol: TCP

Remote Port: 80

Remote Address: 54.177.147.99

I have set up a global rule called Outbound TCP Rule which is a high priority rule. The settings for this rule are:

Protocol: Stateful TCP

Direction: Outbound

Remote Address: *.*.*.*

Local address: Local network

Remote Port: HTTP, HTTPS

Allow

Can someone please explain why firewall events are still being generated with this rule in place? I have tried to make the allowed connection as broad as possible in an attempt to see where the problem may be coming from, but so far no luck.

To the best of my knowledge, there are no other conflicting rules.

I apologize in advance for being generally competent with Sophos, but I am certainly no expert in this area.

Any assistance would be greatly appreciated.

Thank you!

This thread was automatically locked due to age.

Parents

0 QC over 9 years ago

Hello LookOut,
which SESC/SCF version and which Windows version on the endpoint? I've added such a rule (although one normally doesn't specify a local address) and it is triggered correctly. Do use a secondary location?
Christian
:55305
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 9 years ago

Hello LookOut,
which SESC/SCF version and which Windows version on the endpoint? I've added such a rule (although one normally doesn't specify a local address) and it is triggered correctly. Do use a secondary location?
Christian
:55305
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data