Problem with SMTP port 465 SSL in Sophos UTM 9.602-3.1 Home and Proxy SMTP Disable

Hi, I have installed the "Sophos UTM 9.602-3.1 Home" with the "SMTP Proxy disabled" the problem is that it does not allow me to send messages from Microsoft Outlook 2010
(at the time of trying to send it, a poster says that it could not connect to the server). The SMTP configuration that my account uses is:  port 465 SSL. In the log I do not see anything referring to this problem. The funny thing is that if I remove the Sophos UTM and place a common router, messages can be sent without problems from my Microsoft Outlook. Thank you very much for your help.
  • Hi Javier,

    do you have a rule allowing port 465 out of the UTM?

    Ian

  • In reply to rfcat_vk:

    No, could you tell me how to create it? I am very new to this.

    Thank you

  • In reply to Javier Lasala:

    Hola Javier,

    First, please check the Firewall Live Log for blocks of port="465" and then show us the corresponding line(s) from the full firewall log file.  One each with srcport="465" and dstport="465" is all we need.

    Cheers - Bob

  • In reply to BAlfson:

    Hola BAlfson, 

    The funny thing is that in the firewall log when sending messages from Microsoft Outlook nothing appears on port 465.
    The only thing that appears regarding the IP of the equipment with the drawback is this:

    11:08:06 Default DROP TCP  
    192.168.5.199 : 52309
    172.217.192.188 : 5228
     
    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    11:08:09 Default DROP TCP  
    192.168.5.199 : 52309
    172.217.192.188 : 5228
     
    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    11:08:15 Default DROP TCP  
    192.168.5.199 : 52309
    172.217.192.188 : 5228
     
    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    Greetings and thanks for your help.
     
  • In reply to Javier Lasala:

    Hola Javier,

    If creating a Firewall rule like '{192.168.5.0/24} -> {5228} -> Internet IPv4 : Allow' doesn't solve this, do the following:

    Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly.  Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file.  Please post one line corresponding to those above.

    Cheers - Bob

  • In reply to BAlfson:

    Not with that new rule did not work.
    I paste the detail of the complete log:

    2019:07:16-11:08:06 firewall ulogd[11397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth0" outitf="eth1" srcmac="60:a4:4c:b0:ae:ad" dstmac="38:60:77:4e:1a:1a" srcip="192.168.5.199" dstip="172.217.192.188" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="52309" dstport="5228" tcpflags="SYN" 
    2019:07:16-11:08:09 firewall ulogd[11397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="38:60:77:4e:1a:1a" srcip="172.217.28.163" dstip="192.168.5.123" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="38536" tcpflags="RST" 
    2019:07:16-11:08:09 firewall ulogd[11397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth0" outitf="eth1" srcmac="60:a4:4c:b0:ae:ad" dstmac="38:60:77:4e:1a:1a" srcip="192.168.5.199" dstip="172.217.192.188" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="52309" dstport="5228" tcpflags="SYN" 

    Thank you
     
  • In reply to Javier Lasala:

    Please show a picture of the Edit of your Firewall rule.  Double-click on the Network definitions with 'Advanced' open and the Service definition so that the picture includes the Edits of those objects also.

    Cheers - Bob

  • In reply to BAlfson:

    I attach the images requested.


    With this "DNS" rule I have doubts because if I do not have it enabled I can not surf the internet



    Thank you
     
     
  • In reply to Javier Lasala:

    Rather than showing the whole page at low resolution, do a screen capture of just the Edit of the firewall rule.  Before you make the screencap, double-click on the Network and Service object so that they are open in Edit and open 'Advanced' in the Network objects.  Organize the Edits so that all can be captured at once.

    Cheers - Bob

  • In reply to BAlfson:

    Let's see if I understand, is this what you ask me?

    What I was saying is that if I do not have the "4" position rule in the terminals,
    I can not surf the internet. I do not know if this rule is correct.
    Thanks
  • In reply to Javier Lasala:

    In fact, Javier, the Network definitions are the more suspicious.

    Cheers - Bob