
Outbound Port 80 dropped

Hi,

Not quite sure why these packets are being dropped by the firewall, can anyone shed some light?


Firewall Rule (Internal Network is 192.168.55.0/24, Web Surfing contains HTTP / HTTPS / HTTP PROXY / HTTP CACHE):

Web Filter Rule (this rule has no auth required, has the IP of this server in the allowed networks, and the unfiltered policy allows ALL):

 

Thanks, scratching my head... probably something simple :)



  • Try a masquerading rule.

    Choose the Masquerading rule type and then MASQ your internal network to your external interface.

  • Destination port is not port 80. Has nothing to do with the rules above.

  • Hi Daniel, and welcome to the UTM Community!

    TCP is a very "chatty" protocol, so you can ignore dropped RST packets unless you're having some other problem that might be related.

    The only "interesting" drop in your picture is the first one - an HTTP-response packet from an internal device.  I can only guess that the device at .55.138 is a web server reached by a DNAT on your "External (Address)" - correct?  That the packet was dropped indicates that the connection tracker (conntrack) thought that the connection had terminated.  That would be unusual with an internal device, so I would check for an Ethernet storm or other problem in your network.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA