This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG Firewalls Printer Delay or Not Printing at all

We have serval offices (Well over 30 locations) that experience printing issues when going through our Sophos XG (115/125) Firewalls. 

When printing, the printer can take up to 5 to 30 minutes before it will print. If we remove the Sophos Devices, printing returns to normal, less then a second to print.

We noticed It mostly effect the Epson TM- Receipt printers on Port 9100 but other printers are reported to experience problems from time to time.

The communication for which the print job is received can very, it's not specific to the media, such as standard ethernet, VPN, MPLS.

Firmware is up to date and all advance features is turned off. Doing a packet captures show the print job hitting the correct firewall rules with not type of inspection or

filtering turned on. If we bypass or even replace the firewall with an ASA, Sonic Wall, FortiGate then the issues no longer happens.

Any advise ??? Thanks, Keith 



This thread was automatically locked due to age.
Parents
  • Hello,

    Keith, what is you XG firmware version ?

    I am the same problem with a fresh installed XGS 18.5.1 :

     - Printing is good for Xeros

     - Printing is KO for Toshiba

    File is transferring the printer, but never full sent.

    I have a lot of dropped traffic "Invalid_Traffic ".

    XGS3100_RL01_SFOS 18.5.1 MR-1-Build326# drppkt host 10.10.0.42

    Date=2021-11-25 Time=11:06:37 log_id=010202123 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=1 outzone_id=1 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=10.10.240.164 dest_ip=10.10.0.42 l4_protocol=TCP source_port=53705 dest_port=9100 fw_rule_id=99 policytype=1 live_userid=751 userid=24 user_gp=1 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=2 gateway_offset=0 connid=1271163072 masterid=0 status=392 state=1, flag0=10997265858600 flags1=1099520016384 pbdid_dir0=0 pbrid_dir1=0

    2021-11-25 11:06:38 010202123 IP 10.10.240.164.53705 > 10.10.0.42.9100 : proto TCP:  4086485693:4086485693(0) ack 1069613387 win 1026 checksum : 34001
    0x0000:  4500 0034 508c 4000 8006 3818 c0a8 f0a4  E..4P.@...8.....
    0x0010:  c0a8 002a d1c9 238c f392 d2bd 3fc1 014b  ...*..#.....?..K
    0x0020:  8010 0402 84d1 0000 0101 050a 3fc1 014a  ............?..J
    0x0030:  3fc1 014b                                ?..K
    Date=2021-11-25 Time=11:06:38 log_id=010202123 log_type=Firewall log_component=Invalid_Traffic log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev= out_dev= inzone_id=1 outzone_id=1 source_mac= dest_mac= bridge_name= l3_protocol=IPv4 source_ip=10.10.240.164 dest_ip=10.10.0.42 l4_protocol=TCP source_port=53705 dest_port=9100 fw_rule_id=99 policytype=1 live_userid=751 userid=24 user_gp=1 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 nat_id=0 cluster_node=0 inmark=0x0 nfqueue=2 gateway_offset=0 connid=1271163072 masterid=0 status=392 state=1, flag0=10997265858600 flags1=1099520016384 pbdid_dir0=0 pbrid_dir1=0

    My rule is very simple :

    • LAN > LAN Printers Port 9100
    • Log : ON
    • No IPS, No App Control, No Shape, ...

    I will open a case.

    Is XGS version 18.5MR1 stable ?

  • Thanks Thomas. Sound like we have the same problem. My larger printers (konica minolta, xerox) also doesn't seem to have the issue. Its the smaller ones, especial our Epson receipt printers. At first I thought it was the VPN but I also have devices have trouble  running mpls and just ethernet. Some devices are also in transparent mode and experience the problem as well. All my devices are currently running 18.5.1, but we had this problem for over a year now, so I assume it was an issue on prior versions. Thanks

  • I do that, and it seems to be better now :

    Add bypass statefull Firewall :

    console> set advanced-firewall bypass-stateful-firewall-config add source_network 10.10.240.0 source_netmask 255.255.255.0 dest_host 10.10.0.42

    Check settings :

    console> show advanced-firewall

    I am waiting for support to know if that is the good way to resolve.

    Source : https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Logs/LogViewer/InvalidTrafficEvents/index.html#managing-invalid-traffic-events

Reply Children