This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

iOs not sending or receiving

Hi,

I work for a public library system (4 total).  We have all traffic going through a Sophos UTM SG330 on version 9.700-5.  Our license is just for network and web protection.  

I received this from a staff member out in the public area...

A customer was unable to send email from an iPhone using Mail.app (configured for an iCloud account) while using LibraryMain. Disabling wifi and relying on the cell network allowed for the mail to be sent.

I have had this problem on our business network wifi with the same combination (iPhone + Mail.app + iCloud) for several months. I have to disable wifi so that I can check mail on the cell network. I then re-enable wifi. I'm not sure when this issue began for me, but I feel like it's been in the last few months. Will do a bit more digging on my iPhone to see if other clients are affected while I'm on library wifi.

We have two networks, business and public, and the issue is on both networks.  I tried adding a firewall rule that any traffic using any and all email ports and various other iCloud ports.  It did not work.  Then I thought I would simplify things and just have any traffic going from any to any just using port 993.  Still nothing is working.

I looked at the exception for Apple Update, and set it to skip everything.   Nothing seems to work.  I know just enough to get myself in trouble and I tend to not be able to see the forest for the trees.  (I am all self taught and had a terrible teacher).

I have been researching this off and on for several months, and feel like I am just going around in circles.

TIA,

Vicky



This thread was automatically locked due to age.
Parents
  • Hi Vicky and welcome (back?) to the UTM Community!

    This is not a common problem, so I think we'll need to see what's happening in the logs when this occurs.  Check the Web Filtering, Firewall and Intrusion Prevention logs and show us any related lines.

    Cheers - Bob
    PS As a mod, I see the IP from which each post was made.  You're 160 miles north of here.  I was Heights High '68.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Web Filtering

    Firewall

    Intrusion Prevention

    2019:12:18-12:02:49 main snort[20384]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="alert" reason="PROTOCOL-DNS TMG Firewall Client long host entry exploit attempt" group="241" srcip="68.230.242.25" dstip="10.1.1.87" proto="17" srcport="53" dstport="59833" sid="19187" class="Attempted User Privilege Gain" priority="1" generator="1" msgid="0"

     

    I am not seeing anything on our end......but every user is unable to get through.

     

    p.s.  Not sure where my IP shows me, but I am in Arkansas.  

Reply Children
No Data