SSL Inspection and smtp.office365.com Port 587

Hello Community,

I have an interesting problem with an HP Pro 477dw printer and sending email via Office 365. When SSL Inspection is turned on on the firewall, it takes about 5 minutes for mail to be sent via smtp.office365.com (port 587 SSL/TLS). SSL Inspection on the firewall is configured to inspect only HTTPS (port 443). So traffic on port 587 should not go through SSL inspection.

If I completely disable SSL inspection on the firewall, sending mails via Office 365 is very fast. As soon as I turn SSL inspection back on, sending mails takes a very long time again. All exceptions (Local TLS exclusion list, Microsoft Windows Update Original) do not change this obsolescence.

It is sufficient that the SSL inspection is switched on on the XG for the sending of the mails to be slow. Even if I disable all SSL rules, it remains slow.
When I look at the whole thing with the tcpdump, I see a communication between the printer and Office 365 with the pause:

17:19:47.824285 Port1, IN: ethertype IPv4, IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [S], seq 3597158390, win 29200, options [mss 1460,sackOK,TS val 634304 ecr 0,nop,wscale 6], length 0
17:19:47.824289 Port1.42, IN: IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [S], seq 3597158390, win 29200, options [mss 1460,sackOK,TS val 634304 ecr 0,nop,wscale 6], length 0
17:19:47.856069 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41979: Flags [S.], seq 4277304867, ack 3597158391, win 8190, options [mss 1440,nop,wscale 4,nop,nop,sackOK], length 0
17:19:47.856294 Port1, IN: ethertype IPv4, IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [.], ack 1, win 457, length 0
17:19:47.856296 Port1.42, IN: IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [.], ack 1, win 457, length 0
17:19:47.856702 Port1, IN: ethertype IPv4, IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [P.], seq 1:119, ack 1, win 457, length 118
17:19:47.856703 Port1.42, IN: IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [P.], seq 1:119, ack 1, win 457, length 118
17:19:47.856924 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41979: Flags [.], ack 119, win 4106, length 0
17:19:47.961184 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41979: Flags [.], ack 119, win 4106, length 0


[5 Minutes pause]


17:24:48.055477 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41979: Flags [R.], seq 1, ack 119, win 4106, length 0
17:24:48.057143 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [S], seq 2111075026, win 29200, options [mss 1460,sackOK,TS val 664325 ecr 0,nop,wscale 6], length 0
17:24:48.057147 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [S], seq 2111075026, win 29200, options [mss 1460,sackOK,TS val 664325 ecr 0,nop,wscale 6], length 0
17:24:48.086083 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [S.], seq 3648884178, ack 2111075027, win 8190, options [mss 1440,nop,wscale 4,nop,nop,sackOK], length 0
17:24:48.086619 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 1, win 457, length 0
17:24:48.086622 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 1, win 457, length 0
17:24:48.115542 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 1:112, ack 1, win 65535, length 111
17:24:48.115976 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 112, win 457, length 0
17:24:48.115979 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 112, win 457, length 0
17:24:48.116471 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 1:16, ack 112, win 457, length 15
17:24:48.116474 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 1:16, ack 112, win 457, length 15
17:24:48.143443 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 112:317, ack 16, win 65535, length 205
17:24:48.150365 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 16:26, ack 317, win 473, length 10
17:24:48.150367 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 16:26, ack 317, win 473, length 10
17:24:48.176936 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 317:346, ack 26, win 65535, length 29
17:24:48.178673 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 26:144, ack 346, win 473, length 118
17:24:48.178676 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 26:144, ack 346, win 473, length 118
17:24:48.178899 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 144, win 4106, length 0
17:24:48.227155 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], seq 346:1806, ack 144, win 4106, length 1460
17:24:48.227222 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], seq 1806:3266, ack 144, win 4106, length 1460
17:24:48.227273 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 3266:3833, ack 144, win 4106, length 567
17:24:48.228110 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3266, win 565, length 0
17:24:48.228113 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3266, win 565, length 0
17:24:48.258411 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3833, win 610, length 0
17:24:48.258413 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3833, win 610, length 0
17:24:48.263035 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 144:474, ack 3833, win 610, length 330
17:24:48.263038 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 144:474, ack 3833, win 610, length 330
17:24:48.290753 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 3833:3884, ack 474, win 4106, length 51
17:24:48.291367 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3884, win 610, length 0
17:24:48.291371 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3884, win 610, length 0
17:24:48.294358 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 474:518, ack 3884, win 610, length 44
17:24:48.294361 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 474:518, ack 3884, win 610, length 44
17:24:48.321151 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 3884:4128, ack 518, win 65535, length 244
17:24:48.322534 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 518:559, ack 4128, win 656, length 41
17:24:48.322537 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 518:559, ack 4128, win 656, length 41
17:24:48.349072 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4128:4175, ack 559, win 65535, length 47
17:24:48.350147 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 559:626, ack 4175, win 656, length 67
17:24:48.350149 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 559:626, ack 4175, win 656, length 67
17:24:48.376598 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4175:4222, ack 626, win 65535, length 47
17:24:48.377619 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 626:677, ack 4222, win 656, length 51
17:24:48.377621 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 626:677, ack 4222, win 656, length 51
17:24:48.423934 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 677, win 65535, length 0
17:24:48.783047 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4222:4288, ack 677, win 65535, length 66
17:24:48.784217 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 677:747, ack 4288, win 656, length 70
17:24:48.784220 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 677:747, ack 4288, win 656, length 70
17:24:48.821932 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4288:4338, ack 747, win 65535, length 50
17:24:48.822992 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 747:807, ack 4338, win 656, length 60
17:24:48.822994 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 747:807, ack 4338, win 656, length 60
17:24:48.858110 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4338:4391, ack 807, win 65535, length 53
17:24:48.859217 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 807:842, ack 4391, win 656, length 35
17:24:48.859220 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 807:842, ack 4391, win 656, length 35
17:24:48.894529 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4391:4466, ack 842, win 65535, length 75
17:24:48.895496 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 842:877, ack 4466, win 656, length 35
17:24:48.895500 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 842:877, ack 4466, win 656, length 35
17:24:48.942335 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 877, win 65535, length 0
17:24:48.942951 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 877:2066, ack 4466, win 656, length 1189
17:24:48.942954 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 877:2066, ack 4466, win 656, length 1189
17:24:48.990327 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 2066, win 65535, length 0
17:24:49.064054 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4466:4585, ack 2066, win 65535, length 119
17:24:49.065056 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 2066:2101, ack 4585, win 656, length 35
17:24:49.065059 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 2066:2101, ack 4585, win 656, length 35
17:24:49.067368 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [FP.], seq 2101:2132, ack 4585, win 656, length 31
17:24:49.067370 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [FP.], seq 2101:2132, ack 4585, win 656, length 31
17:24:49.094551 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 2133, win 65535, length 0
17:24:49.095434 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [F.], seq 4585, ack 2133, win 65535, length 0
17:24:49.095851 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 4586, win 656, length 0
17:24:49.095853 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 4586, win 656, length 0

Without SSL Inspection it looks like this:

17:26:27.014903 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [S], seq 1895870530, win 29200, options [mss 1460,sackOK,TS val 674221 ecr 0,nop,wscale 6], length 0
17:26:27.014906 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [S], seq 1895870530, win 29200, options [mss 1460,sackOK,TS val 674221 ecr 0,nop,wscale 6], length 0
17:26:27.043961 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44469: Flags [S.], seq 3766787557, ack 1895870531, win 8190, options [mss 1440,nop,wscale 4,nop,nop,sackOK], length 0
17:26:27.044140 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [.], ack 1, win 457, length 0
17:26:27.044143 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [.], ack 1, win 457, length 0
17:26:27.044399 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [P.], seq 1:119, ack 1, win 457, length 118
17:26:27.044401 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [P.], seq 1:119, ack 1, win 457, length 118
17:26:27.073768 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44469: Flags [P.], seq 1:112, ack 1, win 65535, length 111
17:26:27.073941 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [.], ack 112, win 457, length 0
17:26:27.073944 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [.], ack 112, win 457, length 0
17:26:27.074050 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [R.], seq 119, ack 112, win 457, length 0
17:26:27.074052 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [R.], seq 119, ack 112, win 457, length 0
17:26:27.074144 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [S], seq 2672864145, win 29200, options [mss 1460,sackOK,TS val 674226 ecr 0,nop,wscale 6], length 0
17:26:27.074149 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [S], seq 2672864145, win 29200, options [mss 1460,sackOK,TS val 674226 ecr 0,nop,wscale 6], length 0
17:26:27.092932 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44469: Flags [.], ack 119, win 65535, length 0
17:26:27.093094 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [R], seq 1895870649, win 0, length 017:26:27.093097 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [R], seq 1895870649, win 0, length 0
17:26:27.102648 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [S.], seq 104696859, ack 2672864146, win 8190, options [mss 1440,nop,wscale 4,nop,nop,sackOK], length 0
17:26:27.102835 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 1, win 457, length 0
17:26:27.102842 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 1, win 457, length 0
17:26:27.131814 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 1:112, ack 1, win 65535, length 111
17:26:27.132002 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 112, win 457, length 0
17:26:27.132009 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 112, win 457, length 0
17:26:27.132054 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 1:16, ack 112, win 457, length 15
17:26:27.132056 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 1:16, ack 112, win 457, length 15
17:26:27.159336 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 112:317, ack 16, win 65535, length 20517:26:27.160425 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 16:26, ack 317, win 473, length 10
17:26:27.160430 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 16:26, ack 317, win 473, length 10
17:26:27.186888 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 317:346, ack 26, win 65535, length 29
17:26:27.187259 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 26:144, ack 346, win 473, length 118
17:26:27.187264 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 26:144, ack 346, win 473, length 118
17:26:27.214697 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], seq 346:1786, ack 144, win 65535, length 1440
17:26:27.214710 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], seq 1786:3226, ack 144, win 65535, length 1440
17:26:27.214927 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 3226:3833, ack 144, win 65535, length 607
17:26:27.215131 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 3226, win 565, length 0
17:26:27.215137 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 3226, win 565, length 0
17:26:27.219588 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 144:474, ack 3833, win 610, length 330
17:26:27.219591 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 144:474, ack 3833, win 610, length 330
17:26:27.247423 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 3833:3884, ack 474, win 65535, length 51
17:26:27.248032 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 474:518, ack 3884, win 610, length 44
17:26:27.248037 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 474:518, ack 3884, win 610, length 44
17:26:27.274718 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 3884:4128, ack 518, win 65535, length 244
17:26:27.275059 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 518:559, ack 4128, win 655, length 41
17:26:27.275065 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 518:559, ack 4128, win 655, length 41
17:26:27.301523 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4128:4175, ack 559, win 65535, length 47
17:26:27.301824 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 559:626, ack 4175, win 655, length 67
17:26:27.301830 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 559:626, ack 4175, win 655, length 67
17:26:27.328631 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4175:4222, ack 626, win 65535, length 47
17:26:27.328892 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 626:677, ack 4222, win 655, length 51
17:26:27.328897 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 626:677, ack 4222, win 655, length 51
17:26:27.375707 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], ack 677, win 65535, length 0
17:26:28.030817 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4222:4288, ack 677, win 65535, length 66
17:26:28.031186 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 677:747, ack 4288, win 655, length 70
17:26:28.031191 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 677:747, ack 4288, win 655, length 70
17:26:28.068996 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4288:4338, ack 747, win 65535, length 50
17:26:28.069255 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 747:807, ack 4338, win 655, length 60
17:26:28.069258 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 747:807, ack 4338, win 655, length 60
17:26:28.108608 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4338:4391, ack 807, win 65535, length 53
17:26:28.108883 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 807:842, ack 4391, win 655, length 35
17:26:28.108886 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 807:842, ack 4391, win 655, length 35
17:26:28.144092 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4391:4466, ack 842, win 65535, length 75
17:26:28.144347 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 842:877, ack 4466, win 655, length 35
17:26:28.144350 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 842:877, ack 4466, win 655, length 35
17:26:28.190969 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], ack 877, win 65535, length 0
17:26:28.191296 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 877:2066, ack 4466, win 655, length 1189
17:26:28.191302 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 877:2066, ack 4466, win 655, length 1189
17:26:28.240120 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], ack 2066, win 65535, length 0
17:26:28.302698 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4466:4585, ack 2066, win 65535, length 119
17:26:28.303018 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 2066:2101, ack 4585, win 655, length 35
17:26:28.303022 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 2066:2101, ack 4585, win 655, length 3517:26:28.303388 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [FP.], seq 2101:2132, ack 4585, win 655, length 31
17:26:28.303390 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [FP.], seq 2101:2132, ack 4585, win 655, length 31
17:26:28.330766 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], ack 2133, win 65535, length 0
17:26:28.331334 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [F.], seq 4585, ack 2133, win 65535, length 0
17:26:28.331489 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 4586, win 655, length 0
17:26:28.331492 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 4586, win 655, length 0

Thanks,

Ben

Edited TAGs
[edited by: emmosophos at 10:39 PM (GMT -7) on 14 Jun 2021]

Top Replies

Ben@Network 3 months ago in reply to Timo Bruns +1

Yes, we also have other printers in the office. They also work with SSL inspection.
The strange thing is that if SSL inspection is enabled and all rules are disabled, it is enough for the HP printer to…

Parents

0 Timo Bruns 3 months ago

Hello,

we have the same problem. But i don't know exactly how to turn off SSL Inspection.

We also have the HP 477DW and since we installed our Sophos the scan to mail is extremly slow. The printer stays around 3-5 minutes at "connecting" after this time the e-mail is send to the recipient.

Is there any solution or could tell me somone how exactly i could disable SSL inspection?

Greetings and Thanks
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 Ben@Network 3 months ago in reply to Timo Bruns

Hello Timo,

you can disable the SSL Inspection here:

BTW: Until yet I have no solution from Sophos Support for this issue.

Ben
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 Timo Bruns 3 months ago in reply to Ben@Network

Hello Ben,

great thank you!

I've tested it right now and it works.
So we have exactly the same problem. Hope for a solution soon.

Greetings

Timo
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 Timo Bruns 3 months ago in reply to Timo Bruns

Fun fact, i also have a HP OfficeJet Pro 9020 with scan to mail.
This HP Printer works properly with SSL Inspection and without.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 Ben@Network 3 months ago in reply to Timo Bruns

Yes, we also have other printers in the office. They also work with SSL inspection.
The strange thing is that if SSL inspection is enabled and all rules are disabled, it is enough for the HP printer to send mails slowly.
Cancel
Up +1 Down

Reply

Verify Answer

Cancel
0 Ben@Network 11 days ago in reply to Ben@Network

Yesterday the Sophos Support wrote me:

"The issue here is about Printer unable to communicate on smtp.office365.com on port 587 when enabling SSL/TLS Inspection
Based on ips logs, we are suspecting that your issue is similar to current BUG ID NC-63177 which is resolved in 18.0 MR6."

Unfortunately, we have updated to firmware 18.5-MR1, so the fix is at the moment not avaiable for me.
Cancel
Up +1 Down

Reply

Verify Answer

Reject Answer

Cancel

Reply

0 Ben@Network 11 days ago in reply to Ben@Network

Yesterday the Sophos Support wrote me:

"The issue here is about Printer unable to communicate on smtp.office365.com on port 587 when enabling SSL/TLS Inspection
Based on ips logs, we are suspecting that your issue is similar to current BUG ID NC-63177 which is resolved in 18.0 MR6."

Unfortunately, we have updated to firmware 18.5-MR1, so the fix is at the moment not avaiable for me.
Cancel
Up +1 Down

Reply

Verify Answer

Reject Answer

Cancel

Children

0 emmosophos 10 days ago in reply to Ben@Network

Hello Ben,

Thank you for taking the time to update the community.

For 18.5 this will be resolved on 18.5.2

Regards,

Emmanuel (EmmoSophos)

Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 Ben@Network 10 days ago in reply to emmosophos

When will the 18.5.2 released?
Cancel
Up 0 Down

Reply

Verify Answer

Cancel
0 emmosophos 9 days ago in reply to Ben@Network

Hello Ben,

I will need to double-check with PM if they already have an ETA,

Regards,

Emmanuel (EmmoSophos)

Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Up 0 Down

Reply

Verify Answer

Cancel