This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with SMTP port 465 SSL in Sophos UTM 9.602-3.1 Home and Proxy SMTP Disable

Hi, I have installed the "Sophos UTM 9.602-3.1 Home" with the "SMTP Proxy disabled" the problem is that it does not allow me to send messages from Microsoft Outlook 2010
(at the time of trying to send it, a poster says that it could not connect to the server). The SMTP configuration that my account uses is:  port 465 SSL. In the log I do not see anything referring to this problem. The funny thing is that if I remove the Sophos UTM and place a common router, messages can be sent without problems from my Microsoft Outlook. Thank you very much for your help.


This thread was automatically locked due to age.
Parents Reply Children
  • Hola Javier,

    First, please check the Firewall Live Log for blocks of port="465" and then show us the corresponding line(s) from the full firewall log file.  One each with srcport="465" and dstport="465" is all we need.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hola BAlfson, 

    The funny thing is that in the firewall log when sending messages from Microsoft Outlook nothing appears on port 465.
    The only thing that appears regarding the IP of the equipment with the drawback is this:

    11:08:06 Default DROP TCP  
    192.168.5.199 : 52309
    172.217.192.188 : 5228
     
    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    11:08:09 Default DROP TCP  
    192.168.5.199 : 52309
    172.217.192.188 : 5228
     
    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    11:08:15 Default DROP TCP  
    192.168.5.199 : 52309
    172.217.192.188 : 5228
     
    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    Greetings and thanks for your help.
     
  • Hola Javier,

    If creating a Firewall rule like '{192.168.5.0/24} -> {5228} -> Internet IPv4 : Allow' doesn't solve this, do the following:

    Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly.  Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file.  Please post one line corresponding to those above.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Not with that new rule did not work.
    I paste the detail of the complete log:

    2019:07:16-11:08:06 firewall ulogd[11397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth0" outitf="eth1" srcmac="60:a4:4c:b0:ae:ad" dstmac="38:60:77:4e:1a:1a" srcip="192.168.5.199" dstip="172.217.192.188" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="52309" dstport="5228" tcpflags="SYN" 
    2019:07:16-11:08:09 firewall ulogd[11397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="38:60:77:4e:1a:1a" srcip="172.217.28.163" dstip="192.168.5.123" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="38536" tcpflags="RST" 
    2019:07:16-11:08:09 firewall ulogd[11397]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth0" outitf="eth1" srcmac="60:a4:4c:b0:ae:ad" dstmac="38:60:77:4e:1a:1a" srcip="192.168.5.199" dstip="172.217.192.188" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="52309" dstport="5228" tcpflags="SYN" 

    Thank you
     
  • Please show a picture of the Edit of your Firewall rule.  Double-click on the Network definitions with 'Advanced' open and the Service definition so that the picture includes the Edits of those objects also.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I attach the images requested.


    With this "DNS" rule I have doubts because if I do not have it enabled I can not surf the internet



    Thank you
     
     
  • Rather than showing the whole page at low resolution, do a screen capture of just the Edit of the firewall rule.  Before you make the screencap, double-click on the Network and Service object so that they are open in Edit and open 'Advanced' in the Network objects.  Organize the Edits so that all can be captured at once.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Let's see if I understand, is this what you ask me?

    What I was saying is that if I do not have the "4" position rule in the terminals,
    I can not surf the internet. I do not know if this rule is correct.
    Thanks
  • In fact, Javier, the Network definitions are the more suspicious.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA