Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 3 subscribers
  • Views 12516 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RED blocking internet access to QNAP and DLINK devices

Paulo Rocada

Hi. I recently came accross this issue.

We have a SG135 UTM with a RED 10 and a RED 15 connecting two branch offices.

The RED devices are in standard/split mode. They were installed using the server deployment helper.

The computers behind the RED are able to use the internet and are correctly redirected to the UTM when desired.

However I realised that a NAS from QNAP and a switch from D-Link were not able to communicate to the internet at all. They can communicate however with the UTM network. These two devices get their IP address from the UTM DHCP server as all the other devices.

First I thought it was related to the fact of being UNIX machines and that they were being blocked somehow to browse the internet, despite the RED being in standard/split mode. However one of the branch offices has two axis cameras, which are also unix machines, and they are able to access the internet with no problems.

To make things more confusing, if i disconnect the QNAP or DLINK switch from the network and I connect them back again, they are able to access the internet for few seconds and then they are cutted off again.

Is there any log files I can look at in the UTM. Can the RED be completely reset so I can be sure there is nothing blocking the internet access. If the NAS and the switch are connected directly to an ISP router, they can access the internet correctly.

Thanks in advance.

 

Paulo



This thread was automatically locked due to age.
  • 0

    Hi, Paulo, and welcome to the UTM Community!

    Does doing #1 in Rulz give you any insight?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi BAlfson. I did check #1 in Rulz with no luck. The other devices on the network are able to browse the internet with no problem.

    This QNAP with mac address starting with 24:5E:BE can't. It it helps if I issue a wget command like wget www.google.com it is able to resolve the name and I can see the IP address of QNAP on the application flow monitor, but nothing else. It can't also use an NTP server to sync time.

    I would like also to refer this again. If I disconnect the port and connect it again I am able to get it working for few seconds then it gets blocked. But I can't find any log where this info might appear.

  • 0 in reply to Paulo Rocada

    OK, this sounds like there might be an IP conflict.  Do the blocked devices have manually-assigned IPs?  If so, are they outside the range of IPs assigned by the UTM's DHCP?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Both devices get their IP from the DHCP on the UTM. To put aside any conflict with other IP's, L2/L3 switches, I have connected the QNAP to one of the LAN ports of the RED, the WAN port of the RED to the ISP router and my portable to another LAN port of the RED. Everything else disconnected.

    Both my computer and the QNAP get an IP address from the DHCP server on the UTM. They both can ping the UTM internal network as well as the UTM gateway. The computer can ping and browse the web correctly. The QNAP can't. the same behaviour will occur if I connect the DLINK L2 switch.

    Completely lost on this one. Specially because I don't know where to look on the log files, though I suspect that no traffic will go to the UTM if the final destination is the internet.

    So this ends up being the RED. Could it be the UTM is passing wrong information to the RED, but why would this only affect QNAP and DLINK? They had in common the fact of being linux devices, but then an AXIS camera, also linux, connect with no problem.

  • 0 in reply to Paulo Rocada

    I don't understand it either.  If the Web Filtering log doesn't give you any hint, you'll want to get Sophos Support involved ASAP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML