Hello Community,
I have an interesting problem with an HP Pro 477dw printer and sending email via Office 365. When SSL Inspection is turned on on the firewall, it takes about 5 minutes for mail to be sent via smtp.office365.com (port 587 SSL/TLS). SSL Inspection on the firewall is configured to inspect only HTTPS (port 443). So traffic on port 587 should not go through SSL inspection.
If I completely disable SSL inspection on the firewall, sending mails via Office 365 is very fast. As soon as I turn SSL inspection back on, sending mails takes a very long time again. All exceptions (Local TLS exclusion list, Microsoft Windows Update Original) do not change this obsolescence.
It is sufficient that the SSL inspection is switched on on the XG for the sending of the mails to be slow. Even if I disable all SSL rules, it remains slow.When I look at the whole thing with the tcpdump, I see a communication between the printer and Office 365 with the pause:
17:19:47.824285 Port1, IN: ethertype IPv4, IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [S], seq 3597158390, win 29200, options [mss 1460,sackOK,TS val 634304 ecr 0,nop,wscale 6], length 017:19:47.824289 Port1.42, IN: IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [S], seq 3597158390, win 29200, options [mss 1460,sackOK,TS val 634304 ecr 0,nop,wscale 6], length 017:19:47.856069 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41979: Flags [S.], seq 4277304867, ack 3597158391, win 8190, options [mss 1440,nop,wscale 4,nop,nop,sackOK], length 017:19:47.856294 Port1, IN: ethertype IPv4, IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [.], ack 1, win 457, length 017:19:47.856296 Port1.42, IN: IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [.], ack 1, win 457, length 017:19:47.856702 Port1, IN: ethertype IPv4, IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [P.], seq 1:119, ack 1, win 457, length 11817:19:47.856703 Port1.42, IN: IP 192.168.42.30.41979 > 52.98.152.178.587: Flags [P.], seq 1:119, ack 1, win 457, length 11817:19:47.856924 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41979: Flags [.], ack 119, win 4106, length 017:19:47.961184 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41979: Flags [.], ack 119, win 4106, length 0[5 Minutes pause]17:24:48.055477 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41979: Flags [R.], seq 1, ack 119, win 4106, length 017:24:48.057143 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [S], seq 2111075026, win 29200, options [mss 1460,sackOK,TS val 664325 ecr 0,nop,wscale 6], length 017:24:48.057147 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [S], seq 2111075026, win 29200, options [mss 1460,sackOK,TS val 664325 ecr 0,nop,wscale 6], length 017:24:48.086083 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [S.], seq 3648884178, ack 2111075027, win 8190, options [mss 1440,nop,wscale 4,nop,nop,sackOK], length 017:24:48.086619 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 1, win 457, length 017:24:48.086622 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 1, win 457, length 017:24:48.115542 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 1:112, ack 1, win 65535, length 11117:24:48.115976 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 112, win 457, length 017:24:48.115979 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 112, win 457, length 017:24:48.116471 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 1:16, ack 112, win 457, length 1517:24:48.116474 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 1:16, ack 112, win 457, length 1517:24:48.143443 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 112:317, ack 16, win 65535, length 20517:24:48.150365 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 16:26, ack 317, win 473, length 1017:24:48.150367 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 16:26, ack 317, win 473, length 1017:24:48.176936 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 317:346, ack 26, win 65535, length 2917:24:48.178673 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 26:144, ack 346, win 473, length 11817:24:48.178676 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 26:144, ack 346, win 473, length 11817:24:48.178899 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 144, win 4106, length 017:24:48.227155 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], seq 346:1806, ack 144, win 4106, length 146017:24:48.227222 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], seq 1806:3266, ack 144, win 4106, length 146017:24:48.227273 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 3266:3833, ack 144, win 4106, length 56717:24:48.228110 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3266, win 565, length 017:24:48.228113 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3266, win 565, length 017:24:48.258411 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3833, win 610, length 017:24:48.258413 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3833, win 610, length 017:24:48.263035 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 144:474, ack 3833, win 610, length 33017:24:48.263038 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 144:474, ack 3833, win 610, length 33017:24:48.290753 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 3833:3884, ack 474, win 4106, length 5117:24:48.291367 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3884, win 610, length 017:24:48.291371 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 3884, win 610, length 017:24:48.294358 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 474:518, ack 3884, win 610, length 4417:24:48.294361 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 474:518, ack 3884, win 610, length 4417:24:48.321151 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 3884:4128, ack 518, win 65535, length 24417:24:48.322534 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 518:559, ack 4128, win 656, length 4117:24:48.322537 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 518:559, ack 4128, win 656, length 4117:24:48.349072 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4128:4175, ack 559, win 65535, length 4717:24:48.350147 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 559:626, ack 4175, win 656, length 6717:24:48.350149 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 559:626, ack 4175, win 656, length 6717:24:48.376598 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4175:4222, ack 626, win 65535, length 4717:24:48.377619 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 626:677, ack 4222, win 656, length 5117:24:48.377621 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 626:677, ack 4222, win 656, length 5117:24:48.423934 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 677, win 65535, length 017:24:48.783047 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4222:4288, ack 677, win 65535, length 6617:24:48.784217 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 677:747, ack 4288, win 656, length 7017:24:48.784220 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 677:747, ack 4288, win 656, length 7017:24:48.821932 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4288:4338, ack 747, win 65535, length 5017:24:48.822992 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 747:807, ack 4338, win 656, length 6017:24:48.822994 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 747:807, ack 4338, win 656, length 6017:24:48.858110 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4338:4391, ack 807, win 65535, length 5317:24:48.859217 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 807:842, ack 4391, win 656, length 3517:24:48.859220 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 807:842, ack 4391, win 656, length 3517:24:48.894529 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4391:4466, ack 842, win 65535, length 7517:24:48.895496 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 842:877, ack 4466, win 656, length 3517:24:48.895500 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 842:877, ack 4466, win 656, length 3517:24:48.942335 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 877, win 65535, length 017:24:48.942951 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 877:2066, ack 4466, win 656, length 118917:24:48.942954 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 877:2066, ack 4466, win 656, length 118917:24:48.990327 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 2066, win 65535, length 017:24:49.064054 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [P.], seq 4466:4585, ack 2066, win 65535, length 11917:24:49.065056 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 2066:2101, ack 4585, win 656, length 3517:24:49.065059 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [P.], seq 2066:2101, ack 4585, win 656, length 3517:24:49.067368 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [FP.], seq 2101:2132, ack 4585, win 656, length 3117:24:49.067370 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [FP.], seq 2101:2132, ack 4585, win 656, length 3117:24:49.094551 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [.], ack 2133, win 65535, length 017:24:49.095434 Port1.42, OUT: IP 52.98.152.178.587 > 192.168.42.30.41981: Flags [F.], seq 4585, ack 2133, win 65535, length 017:24:49.095851 Port1, IN: ethertype IPv4, IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 4586, win 656, length 017:24:49.095853 Port1.42, IN: IP 192.168.42.30.41981 > 52.98.152.178.587: Flags [.], ack 4586, win 656, length 0
Without SSL Inspection it looks like this:
17:26:27.014903 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [S], seq 1895870530, win 29200, options [mss 1460,sackOK,TS val 674221 ecr 0,nop,wscale 6], length 017:26:27.014906 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [S], seq 1895870530, win 29200, options [mss 1460,sackOK,TS val 674221 ecr 0,nop,wscale 6], length 017:26:27.043961 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44469: Flags [S.], seq 3766787557, ack 1895870531, win 8190, options [mss 1440,nop,wscale 4,nop,nop,sackOK], length 017:26:27.044140 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [.], ack 1, win 457, length 017:26:27.044143 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [.], ack 1, win 457, length 017:26:27.044399 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [P.], seq 1:119, ack 1, win 457, length 11817:26:27.044401 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [P.], seq 1:119, ack 1, win 457, length 11817:26:27.073768 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44469: Flags [P.], seq 1:112, ack 1, win 65535, length 11117:26:27.073941 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [.], ack 112, win 457, length 017:26:27.073944 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [.], ack 112, win 457, length 017:26:27.074050 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [R.], seq 119, ack 112, win 457, length 017:26:27.074052 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [R.], seq 119, ack 112, win 457, length 017:26:27.074144 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [S], seq 2672864145, win 29200, options [mss 1460,sackOK,TS val 674226 ecr 0,nop,wscale 6], length 017:26:27.074149 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [S], seq 2672864145, win 29200, options [mss 1460,sackOK,TS val 674226 ecr 0,nop,wscale 6], length 017:26:27.092932 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44469: Flags [.], ack 119, win 65535, length 017:26:27.093094 Port1, IN: ethertype IPv4, IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [R], seq 1895870649, win 0, length 017:26:27.093097 Port1.42, IN: IP 192.168.42.30.44469 > 52.98.152.242.587: Flags [R], seq 1895870649, win 0, length 017:26:27.102648 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [S.], seq 104696859, ack 2672864146, win 8190, options [mss 1440,nop,wscale 4,nop,nop,sackOK], length 017:26:27.102835 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 1, win 457, length 017:26:27.102842 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 1, win 457, length 017:26:27.131814 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 1:112, ack 1, win 65535, length 11117:26:27.132002 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 112, win 457, length 017:26:27.132009 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 112, win 457, length 017:26:27.132054 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 1:16, ack 112, win 457, length 1517:26:27.132056 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 1:16, ack 112, win 457, length 1517:26:27.159336 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 112:317, ack 16, win 65535, length 20517:26:27.160425 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 16:26, ack 317, win 473, length 1017:26:27.160430 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 16:26, ack 317, win 473, length 1017:26:27.186888 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 317:346, ack 26, win 65535, length 2917:26:27.187259 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 26:144, ack 346, win 473, length 11817:26:27.187264 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 26:144, ack 346, win 473, length 11817:26:27.214697 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], seq 346:1786, ack 144, win 65535, length 144017:26:27.214710 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], seq 1786:3226, ack 144, win 65535, length 144017:26:27.214927 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 3226:3833, ack 144, win 65535, length 60717:26:27.215131 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 3226, win 565, length 017:26:27.215137 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 3226, win 565, length 017:26:27.219588 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 144:474, ack 3833, win 610, length 33017:26:27.219591 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 144:474, ack 3833, win 610, length 33017:26:27.247423 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 3833:3884, ack 474, win 65535, length 5117:26:27.248032 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 474:518, ack 3884, win 610, length 4417:26:27.248037 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 474:518, ack 3884, win 610, length 4417:26:27.274718 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 3884:4128, ack 518, win 65535, length 24417:26:27.275059 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 518:559, ack 4128, win 655, length 4117:26:27.275065 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 518:559, ack 4128, win 655, length 4117:26:27.301523 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4128:4175, ack 559, win 65535, length 4717:26:27.301824 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 559:626, ack 4175, win 655, length 6717:26:27.301830 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 559:626, ack 4175, win 655, length 6717:26:27.328631 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4175:4222, ack 626, win 65535, length 4717:26:27.328892 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 626:677, ack 4222, win 655, length 5117:26:27.328897 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 626:677, ack 4222, win 655, length 5117:26:27.375707 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], ack 677, win 65535, length 017:26:28.030817 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4222:4288, ack 677, win 65535, length 6617:26:28.031186 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 677:747, ack 4288, win 655, length 7017:26:28.031191 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 677:747, ack 4288, win 655, length 7017:26:28.068996 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4288:4338, ack 747, win 65535, length 5017:26:28.069255 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 747:807, ack 4338, win 655, length 6017:26:28.069258 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 747:807, ack 4338, win 655, length 6017:26:28.108608 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4338:4391, ack 807, win 65535, length 5317:26:28.108883 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 807:842, ack 4391, win 655, length 3517:26:28.108886 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 807:842, ack 4391, win 655, length 3517:26:28.144092 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4391:4466, ack 842, win 65535, length 7517:26:28.144347 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 842:877, ack 4466, win 655, length 3517:26:28.144350 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 842:877, ack 4466, win 655, length 3517:26:28.190969 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], ack 877, win 65535, length 017:26:28.191296 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 877:2066, ack 4466, win 655, length 118917:26:28.191302 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 877:2066, ack 4466, win 655, length 118917:26:28.240120 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], ack 2066, win 65535, length 017:26:28.302698 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [P.], seq 4466:4585, ack 2066, win 65535, length 11917:26:28.303018 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 2066:2101, ack 4585, win 655, length 3517:26:28.303022 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [P.], seq 2066:2101, ack 4585, win 655, length 3517:26:28.303388 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [FP.], seq 2101:2132, ack 4585, win 655, length 3117:26:28.303390 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [FP.], seq 2101:2132, ack 4585, win 655, length 3117:26:28.330766 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [.], ack 2133, win 65535, length 017:26:28.331334 Port1.42, OUT: IP 52.98.152.242.587 > 192.168.42.30.44470: Flags [F.], seq 4585, ack 2133, win 65535, length 017:26:28.331489 Port1, IN: ethertype IPv4, IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 4586, win 655, length 017:26:28.331492 Port1.42, IN: IP 192.168.42.30.44470 > 52.98.152.242.587: Flags [.], ack 4586, win 655, length 0
Thanks,
Ben
Hello,
we have the same problem. But i don't know exactly how to turn off SSL Inspection.
We also have the HP 477DW and since we installed our Sophos the scan to mail is extremly slow. The printer stays around 3-5 minutes at "connecting" after this time the e-mail is send to the recipient.
Is there any solution or could tell me somone how exactly i could disable SSL inspection?
Greetings and Thanks
Hello Timo,
you can disable the SSL Inspection here:
BTW: Until yet I have no solution from Sophos Support for this issue. Ben
If a post solves your question please use the 'Verify Answer' button.
Hello Ben,
great thank you!
I've tested it right now and it works.So we have exactly the same problem. Hope for a solution soon.
Greetings
Timo
Fun fact, i also have a HP OfficeJet Pro 9020 with scan to mail.This HP Printer works properly with SSL Inspection and without.
Yes, we also have other printers in the office. They also work with SSL inspection. The strange thing is that if SSL inspection is enabled and all rules are disabled, it is enough for the HP printer to send mails slowly.
Yesterday the Sophos Support wrote me:"The issue here is about Printer unable to communicate on smtp.office365.com on port 587 when enabling SSL/TLS Inspection Based on ips logs, we are suspecting that your issue is similar to current BUG ID NC-63177 which is resolved in 18.0 MR6."Unfortunately, we have updated to firmware 18.5-MR1, so the fix is at the moment not avaiable for me.
Thank you for taking the time to update the community.
For 18.5 this will be resolved on 18.5.2
Regards,
When will the 18.5.2 released?
I will need to double-check with PM if they already have an ETA,
Hi,
we have exactly same issue with same printer, but on gmail account. This is very problematic, since we have to turn OFF SSL inspection.
When can we expect solution?
Thanks
Hello to all,
we have exaclty the same problem with HP 477dw printer and scan to email to our internal exchange server (2016).
it takes about 5 minutes in status "connecting" in the printers display, since the scan 2 mail is finally through the exchange and in the inbox at outlook at the user.
we also take the workaround and tunred off ssl inspection and it works fine now.
our firmware at the xg is SFOS 18.5.1 MR-1 Build 326
Hope this is going to be fast fixed with a new firmware update of the xg.
Marc
we have used same solution, but with that we have highly limited funciionality of FW and increase security risks!!!!
Don't you thinks so? Question is when will that function OK?
Emmanuel,
Do you have a date when it will be released? We have the same problem here