Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 39 subscribers
  • Views 3251 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG - "Support Access" only showing "Connecting to Server"

Andy Hanson

Hopefully a simple issue - we are trying to enable "Sophos Support Access" and have tried Two Weeks, One Month, Two months and all the device says is "Connecting to Server".

XG86 (SFOS 17.5.8 MR-8)



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    Please refer to the article- https://community.sophos.com/kb/en-us/122784

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • 0 in reply to Keyur

    Hi Keyur

    Thank you for your reply.

    We know how to turn on the Support Access - what is happening is when we do - it only shows "Connecting to server" and doesn't display the ID required.

     

  • 0 in reply to Andy Hanson

    Hi  

    Please turn off the support access first

    Please take SSH access to the device and login to the device console using Option 4.

    Please execute the command console> tcpdump 'host dispatch.apu.sophos.com or dispatch.apu.sophos.com and Enable Support Access and capture that packets, please share the output.

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • 0 in reply to Keyur

    Hi Keyur,

    I hope this helps:

     


    Sophos Firmware Version SFOS 17.5.8 MR-8

    console> tcpdump 'host dispatch.apu.sophos.com'
    tcpdump: Starting Packet Dump
    14:46:27.319473 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [S.] , seq 2734257685, ack 3245121103, win 26883, options [mss 1460,nop,nop,sackOK,no p,wscale 7], length 0
    14:46:27.319532 Port2, OUT: IP 194.168.187.226.48552 > 54.72.45.94.22: Flags [.] , ack 1, win 229, length 0
    14:46:27.320002 Port2, OUT: IP 194.168.187.226.48552 > 54.72.45.94.22: Flags [P. ], ack 1, win 229, length 21
    14:46:27.336563 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [F.] , seq 1, ack 1, win 211, length 0
    14:46:27.336830 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [R], seq 2734257686, win 0, length 0
    14:46:27.336855 Port2, OUT: IP 194.168.187.226.48552 > 54.72.45.94.22: Flags [.] , ack 2, win 229, length 0
    14:46:27.336898 Port2, OUT: IP 194.168.187.226.48552 > 54.72.45.94.22: Flags [F. ], seq 22, ack 2, win 229, length 0
    14:46:27.353644 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [R], seq 2734257687, win 0, length 0
    14:46:27.353670 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [R], seq 2734257687, win 0, length 0
    14:46:38.342665 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [S], seq 1205511454, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:38.359575 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [S.], seq 799582346, ack 1205511455, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:38.359640 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:46:38.360180 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:46:38.376595 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [P.], ack 1, win 211, length 12
    14:46:38.376783 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:46:38.376923 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [.], ack 22, win 211, length 0
    14:46:38.377337 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:46:38.377395 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [P.], ack 22, win 211, length 464
    14:46:38.377539 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:46:38.394715 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [.], ack 1870, win 256, length 0
    14:46:38.394753 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:46:38.425338 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [P.], ack 1918, win 256, length 1120
    14:46:38.425358 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [P.], ack 1918, win 256, length 16
    14:46:38.425373 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:46:38.426199 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:46:38.443238 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [F.], seq 1613, ack 1919, win 256, length 0
    14:46:38.443280 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:46:49.394279 Port2, OUT: IP 194.168.187.226.48566 > 54.72.45.94.22: Flags [S], seq 1077286449, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:49.411264 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48566: Flags [S.], seq 1666731196, ack 1077286450, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:49.411313 Port2, OUT: IP 194.168.187.226.48566 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:46:49.411812 Port2, OUT: IP 194.168.187.226.48566 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:46:49.428666 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48566: Flags [.], ack 22, win 211, length 0
    14:46:49.436278 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48566: Flags [R.], seq 1, ack 22, win 211, length 0
    14:47:00.418603 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [S], seq 207851965, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:00.435778 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [S.], seq 3881560929, ack 207851966, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:00.435831 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:00.436426 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:00.453144 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [P.], ack 1, win 211, length 12
    14:47:00.453353 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:00.453579 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [.], ack 22, win 211, length 0
    14:47:00.453956 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [P.], ack 22, win 211, length 464
    14:47:00.453984 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 477, win 237, length 0
    14:47:00.454254 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 477, win 237, length 1460
    14:47:00.454427 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:47:00.471944 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [.], ack 1870, win 239, length 0
    14:47:00.471976 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:00.499177 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [P.], ack 1918, win 239, length 1120
    14:47:00.499195 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [P.], ack 1918, win 239, length 16
    14:47:00.499212 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:00.500070 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:00.517243 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [F.], seq 1613, ack 1919, win 239, length 0
    14:47:00.517275 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:11.450717 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [S], seq 2055262988, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:11.468309 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [S.], seq 4213149154, ack 2055262989, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:11.468369 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:11.468733 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:11.486037 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [P.], ack 1, win 211, length 12
    14:47:11.486088 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:11.486223 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [.], ack 22, win 211, length 0
    14:47:11.486482 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:47:11.486598 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [P.], ack 13, win 229, length 388
    14:47:11.486650 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [P.], ack 22, win 211, length 464
    14:47:11.504611 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [.], ack 1870, win 239, length 0
    14:47:11.504646 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:11.532381 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [P.], ack 1918, win 239, length 1120
    14:47:11.532408 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [P.], ack 1918, win 239, length 16
    14:47:11.532432 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:11.533184 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:11.550732 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [F.], seq 1613, ack 1919, win 239, length 0
    14:47:11.550775 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:22.478634 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [S], seq 912175918, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:22.495478 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [S.], seq 3436714366, ack 912175919, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:22.495565 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:22.495865 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:22.512678 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [.], ack 22, win 211, length 0
    14:47:22.517552 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [P.], ack 22, win 211, length 12
    14:47:22.517665 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:22.517931 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [P.], ack 22, win 211, length 464
    14:47:22.517950 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 477, win 237, length 0
    14:47:22.518143 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 477, win 237, length 1460
    14:47:22.518335 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:47:22.535473 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [.], ack 1870, win 239, length 0
    14:47:22.535503 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:22.562310 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [P.], ack 1918, win 239, length 1120
    14:47:22.562324 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [P.], ack 1918, win 239, length 16
    14:47:22.562340 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:22.563025 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:22.579822 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [F.], seq 1613, ack 1919, win 239, length 0
    14:47:22.579850 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:33.506614 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [S], seq 873184336, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:33.523799 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [S.], seq 3092087831, ack 873184337, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:33.523845 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:33.524287 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:33.541117 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [P.], ack 1, win 211, length 12
    14:47:33.541255 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:33.541373 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [.], ack 22, win 211, length 0
    14:47:33.541725 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:47:33.541846 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [P.], ack 22, win 211, length 464
    14:47:33.541924 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:47:33.559409 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [.], ack 1870, win 256, length 0
    14:47:33.559439 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:33.590640 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [P.], ack 1918, win 256, length 1120
    14:47:33.590662 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [P.], ack 1918, win 256, length 16
    14:47:33.590684 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:33.591493 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:33.621523 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [F.], seq 1613, ack 1919, win 256, length 0
    14:47:33.621566 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:44.546334 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [S], seq 1312258231, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:44.563839 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [S.], seq 3221044585, ack 1312258232, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:44.563888 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:44.564350 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:44.581465 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [P.], ack 1, win 211, length 12
    14:47:44.581590 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:44.581820 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [.], ack 22, win 211, length 0
    14:47:44.582066 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:47:44.582240 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [P.], ack 22, win 211, length 464
    14:47:44.582273 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:47:44.600074 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [.], ack 1870, win 256, length 0
    14:47:44.600105 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:44.627655 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [P.], ack 1918, win 256, length 1120
    14:47:44.627673 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [P.], ack 1918, win 256, length 16
    14:47:44.627692 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:44.628390 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:44.645878 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [F.], seq 1613, ack 1919, win 256, length 0
    14:47:44.645916 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:55.562685 Port2, OUT: IP 194.168.187.226.48611 > 54.72.45.94.22: Flags [S], seq 1529808311, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:55.580225 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48611: Flags [S.], seq 2108276348, ack 1529808312, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:55.580273 Port2, OUT: IP 194.168.187.226.48611 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:55.580572 Port2, OUT: IP 194.168.187.226.48611 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:55.597853 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48611: Flags [F.], seq 1, ack 1, win 211, length 0
    14:47:55.598095 Port2, OUT: IP 194.168.187.226.48611 > 54.72.45.94.22: Flags [F.], seq 22, ack 2, win 229, length 0
    14:47:55.598103 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48611: Flags [R], seq 2108276349, win 0, length 0
    14:47:55.615610 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48611: Flags [R], seq 2108276350, win 0, length 0
    14:48:06.591719 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [S], seq 668676307, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:48:06.608943 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [S.], seq 703282976, ack 668676308, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:48:06.609039 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:48:06.609328 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:48:06.626281 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [F.], seq 1, ack 1, win 211, length 0
    14:48:06.626532 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [R], seq 703282977, win 0, length 0
    14:48:06.626575 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [.], ack 2, win 229, length 0
    14:48:06.626650 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [F.], seq 22, ack 2, win 229, length 0
    14:48:06.643695 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [R], seq 703282978, win 0, length 0
    14:48:06.643739 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [R], seq 703282978, win 0, length 0
    14:48:17.619396 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [S], seq 1915897832, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:48:17.636920 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [S.], seq 799842008, ack 1915897833, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:48:17.636994 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:48:17.637262 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:48:17.654618 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [P.], ack 1, win 211, length 12
    14:48:17.654676 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:48:17.654807 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [.], ack 22, win 211, length 0
    14:48:17.654947 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:48:17.655039 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [P.], ack 13, win 229, length 388
    14:48:17.655250 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [P.], ack 22, win 211, length 464
    14:48:17.672984 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [.], ack 1870, win 239, length 0
    14:48:17.673061 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:48:17.704325 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [P.], ack 1918, win 239, length 1120
    14:48:17.704372 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [P.], ack 1918, win 239, length 16
    14:48:17.704408 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:48:17.704945 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:48:17.722456 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [F.], seq 1613, ack 1919, win 239, length 0
    14:48:17.722539 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0

Reply
  • 0 in reply to Keyur

    Hi Keyur,

    I hope this helps:

     


    Sophos Firmware Version SFOS 17.5.8 MR-8

    console> tcpdump 'host dispatch.apu.sophos.com'
    tcpdump: Starting Packet Dump
    14:46:27.319473 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [S.] , seq 2734257685, ack 3245121103, win 26883, options [mss 1460,nop,nop,sackOK,no p,wscale 7], length 0
    14:46:27.319532 Port2, OUT: IP 194.168.187.226.48552 > 54.72.45.94.22: Flags [.] , ack 1, win 229, length 0
    14:46:27.320002 Port2, OUT: IP 194.168.187.226.48552 > 54.72.45.94.22: Flags [P. ], ack 1, win 229, length 21
    14:46:27.336563 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [F.] , seq 1, ack 1, win 211, length 0
    14:46:27.336830 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [R], seq 2734257686, win 0, length 0
    14:46:27.336855 Port2, OUT: IP 194.168.187.226.48552 > 54.72.45.94.22: Flags [.] , ack 2, win 229, length 0
    14:46:27.336898 Port2, OUT: IP 194.168.187.226.48552 > 54.72.45.94.22: Flags [F. ], seq 22, ack 2, win 229, length 0
    14:46:27.353644 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [R], seq 2734257687, win 0, length 0
    14:46:27.353670 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48552: Flags [R], seq 2734257687, win 0, length 0
    14:46:38.342665 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [S], seq 1205511454, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:38.359575 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [S.], seq 799582346, ack 1205511455, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:38.359640 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:46:38.360180 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:46:38.376595 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [P.], ack 1, win 211, length 12
    14:46:38.376783 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:46:38.376923 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [.], ack 22, win 211, length 0
    14:46:38.377337 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:46:38.377395 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [P.], ack 22, win 211, length 464
    14:46:38.377539 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:46:38.394715 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [.], ack 1870, win 256, length 0
    14:46:38.394753 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:46:38.425338 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [P.], ack 1918, win 256, length 1120
    14:46:38.425358 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [P.], ack 1918, win 256, length 16
    14:46:38.425373 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:46:38.426199 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:46:38.443238 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [F.], seq 1613, ack 1919, win 256, length 0
    14:46:38.443280 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:46:49.394279 Port2, OUT: IP 194.168.187.226.48566 > 54.72.45.94.22: Flags [S], seq 1077286449, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:49.411264 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48566: Flags [S.], seq 1666731196, ack 1077286450, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:49.411313 Port2, OUT: IP 194.168.187.226.48566 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:46:49.411812 Port2, OUT: IP 194.168.187.226.48566 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:46:49.428666 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48566: Flags [.], ack 22, win 211, length 0
    14:46:49.436278 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48566: Flags [R.], seq 1, ack 22, win 211, length 0
    14:47:00.418603 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [S], seq 207851965, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:00.435778 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [S.], seq 3881560929, ack 207851966, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:00.435831 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:00.436426 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:00.453144 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [P.], ack 1, win 211, length 12
    14:47:00.453353 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:00.453579 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [.], ack 22, win 211, length 0
    14:47:00.453956 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [P.], ack 22, win 211, length 464
    14:47:00.453984 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 477, win 237, length 0
    14:47:00.454254 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 477, win 237, length 1460
    14:47:00.454427 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:47:00.471944 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [.], ack 1870, win 239, length 0
    14:47:00.471976 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:00.499177 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [P.], ack 1918, win 239, length 1120
    14:47:00.499195 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [P.], ack 1918, win 239, length 16
    14:47:00.499212 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:00.500070 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:00.517243 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48573: Flags [F.], seq 1613, ack 1919, win 239, length 0
    14:47:00.517275 Port2, OUT: IP 194.168.187.226.48573 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:11.450717 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [S], seq 2055262988, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:11.468309 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [S.], seq 4213149154, ack 2055262989, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:11.468369 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:11.468733 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:11.486037 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [P.], ack 1, win 211, length 12
    14:47:11.486088 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:11.486223 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [.], ack 22, win 211, length 0
    14:47:11.486482 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:47:11.486598 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [P.], ack 13, win 229, length 388
    14:47:11.486650 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [P.], ack 22, win 211, length 464
    14:47:11.504611 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [.], ack 1870, win 239, length 0
    14:47:11.504646 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:11.532381 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [P.], ack 1918, win 239, length 1120
    14:47:11.532408 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [P.], ack 1918, win 239, length 16
    14:47:11.532432 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:11.533184 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:11.550732 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48585: Flags [F.], seq 1613, ack 1919, win 239, length 0
    14:47:11.550775 Port2, OUT: IP 194.168.187.226.48585 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:22.478634 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [S], seq 912175918, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:22.495478 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [S.], seq 3436714366, ack 912175919, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:22.495565 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:22.495865 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:22.512678 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [.], ack 22, win 211, length 0
    14:47:22.517552 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [P.], ack 22, win 211, length 12
    14:47:22.517665 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:22.517931 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [P.], ack 22, win 211, length 464
    14:47:22.517950 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 477, win 237, length 0
    14:47:22.518143 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 477, win 237, length 1460
    14:47:22.518335 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:47:22.535473 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [.], ack 1870, win 239, length 0
    14:47:22.535503 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:22.562310 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [P.], ack 1918, win 239, length 1120
    14:47:22.562324 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [P.], ack 1918, win 239, length 16
    14:47:22.562340 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:22.563025 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:22.579822 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48592: Flags [F.], seq 1613, ack 1919, win 239, length 0
    14:47:22.579850 Port2, OUT: IP 194.168.187.226.48592 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:33.506614 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [S], seq 873184336, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:33.523799 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [S.], seq 3092087831, ack 873184337, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:33.523845 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:33.524287 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:33.541117 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [P.], ack 1, win 211, length 12
    14:47:33.541255 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:33.541373 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [.], ack 22, win 211, length 0
    14:47:33.541725 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:47:33.541846 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [P.], ack 22, win 211, length 464
    14:47:33.541924 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:47:33.559409 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [.], ack 1870, win 256, length 0
    14:47:33.559439 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:33.590640 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [P.], ack 1918, win 256, length 1120
    14:47:33.590662 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [P.], ack 1918, win 256, length 16
    14:47:33.590684 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:33.591493 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:33.621523 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48598: Flags [F.], seq 1613, ack 1919, win 256, length 0
    14:47:33.621566 Port2, OUT: IP 194.168.187.226.48598 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:44.546334 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [S], seq 1312258231, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:44.563839 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [S.], seq 3221044585, ack 1312258232, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:44.563888 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:44.564350 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:44.581465 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [P.], ack 1, win 211, length 12
    14:47:44.581590 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:47:44.581820 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [.], ack 22, win 211, length 0
    14:47:44.582066 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:47:44.582240 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [P.], ack 22, win 211, length 464
    14:47:44.582273 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 388
    14:47:44.600074 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [.], ack 1870, win 256, length 0
    14:47:44.600105 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:47:44.627655 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [P.], ack 1918, win 256, length 1120
    14:47:44.627673 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [P.], ack 1918, win 256, length 16
    14:47:44.627692 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:47:44.628390 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:47:44.645878 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48604: Flags [F.], seq 1613, ack 1919, win 256, length 0
    14:47:44.645916 Port2, OUT: IP 194.168.187.226.48604 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0
    14:47:55.562685 Port2, OUT: IP 194.168.187.226.48611 > 54.72.45.94.22: Flags [S], seq 1529808311, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:55.580225 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48611: Flags [S.], seq 2108276348, ack 1529808312, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:47:55.580273 Port2, OUT: IP 194.168.187.226.48611 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:47:55.580572 Port2, OUT: IP 194.168.187.226.48611 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:47:55.597853 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48611: Flags [F.], seq 1, ack 1, win 211, length 0
    14:47:55.598095 Port2, OUT: IP 194.168.187.226.48611 > 54.72.45.94.22: Flags [F.], seq 22, ack 2, win 229, length 0
    14:47:55.598103 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48611: Flags [R], seq 2108276349, win 0, length 0
    14:47:55.615610 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48611: Flags [R], seq 2108276350, win 0, length 0
    14:48:06.591719 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [S], seq 668676307, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:48:06.608943 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [S.], seq 703282976, ack 668676308, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:48:06.609039 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:48:06.609328 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:48:06.626281 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [F.], seq 1, ack 1, win 211, length 0
    14:48:06.626532 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [R], seq 703282977, win 0, length 0
    14:48:06.626575 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [.], ack 2, win 229, length 0
    14:48:06.626650 Port2, OUT: IP 194.168.187.226.48621 > 54.72.45.94.22: Flags [F.], seq 22, ack 2, win 229, length 0
    14:48:06.643695 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [R], seq 703282978, win 0, length 0
    14:48:06.643739 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48621: Flags [R], seq 703282978, win 0, length 0
    14:48:17.619396 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [S], seq 1915897832, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:48:17.636920 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [S.], seq 799842008, ack 1915897833, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:48:17.636994 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0
    14:48:17.637262 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [P.], ack 1, win 229, length 21
    14:48:17.654618 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [P.], ack 1, win 211, length 12
    14:48:17.654676 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 0
    14:48:17.654807 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [.], ack 22, win 211, length 0
    14:48:17.654947 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 13, win 229, length 1460
    14:48:17.655039 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [P.], ack 13, win 229, length 388
    14:48:17.655250 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [P.], ack 22, win 211, length 464
    14:48:17.672984 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [.], ack 1870, win 239, length 0
    14:48:17.673061 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [P.], ack 477, win 237, length 48
    14:48:17.704325 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [P.], ack 1918, win 239, length 1120
    14:48:17.704372 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [P.], ack 1918, win 239, length 16
    14:48:17.704408 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:48:17.704945 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:48:17.722456 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48630: Flags [F.], seq 1613, ack 1919, win 239, length 0
    14:48:17.722539 Port2, OUT: IP 194.168.187.226.48630 > 54.72.45.94.22: Flags [.], ack 1614, win 260, length 0

Children
  • 0 in reply to Andy Hanson

    Hi  

    Thank you for providing packet capture.

    There is TCP 3 way handshake with the server.


    14:46:38.342665 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [S] seq 1205511454, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:38.359575 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [S.], seq 799582346, ack 1205511455, win 26883, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
    14:46:38.359640 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 1, win 229, length 0


    But after a few Push packets, there is a finishing packet from 194.168.187.226

    14:46:38.425373 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [.], ack 1613, win 260, length 0
    14:46:38.426199 Port2, OUT: IP 194.168.187.226.48559 > 54.72.45.94.22: Flags [F.], seq 1918, ack 1613, win 260, length 0
    14:46:38.443238 Port2, IN: IP 54.72.45.94.22 > 194.168.187.226.48559: Flags [F.], seq 1613, ack 1919, win 256, length 0

    I would request you to contact technical support and open a service request to investigate the issue further.

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • 0 in reply to Keyur

    Thank you Keyur, we will add your notes to a ticket.

Unfiltered HTML