
Isolated internet trouble through Sophos UTM Home router

Hey team, I have been working on this for a while and have come up with nothing, so I ask for your help. Here goes: 

  • New home network config with a Dell 7010 running Sophos UTM 9 Home. 3 NICs: one on-board Intel 82579LM 1G and two Broadcom NetXtreme BCM5709 1G. 
  • WAN (Intel) connected to cable modem and getting public IP
  • LAN 1 (Broadcom 1) connected to Cisco 3750 on home VLAN (personal network)
    • Various devices connect to the switch (APs, NAS) and the router is there to provide internet access. Pretty standard.
  • LAN 2 (Broadcom 2) connected to Cisco 3750 on work VLAN (workstation, IP phone for work)
    • Workstation and phone connect to corporate offices through IPSEC tunnels. Internet goes out locally. Almost everything works fine. 
  • Firewall rules are wide open. Internal networks are allowed to communicate out.
  • Masquerading rules are in place, both networks can get to the Internet. 
  • All filtering is off. IPS, App, Country blocking, advanced threats, etc.

The big problem I have is this: certain services won't connect. The two that I know about are GoToMeeting video and Half-Life 2 Deathmatch. I can connect to GoToMeetings, but when I try to share my webcam I get an error that says I have a slow connection, and the other end only sees black. This has been consistent for the 2 weeks I have been set up here, and it happens from both my personal and work machines. Same problem on both subnets. The video works fine when I am plugged directly into the modem, however.

Also, HL2DM, which obviously I'm only testing from my personal machine, won't connect to servers. It gets as far as parsing game info and never any further. These servers use the Valve anti-cheat system, but I never had trouble connecting to them before this setup. Also, just like GTM, the game works fine when I plug my PC directly into the modem. 

And that's where I am. Logs do not show packets being blocked, in fact they show them being allowed. My ISP has confirmed that no other configuration is required to use a router like this through their network (I am getting a public IP on the WAN interface). I will post any configs you would like to see, so I will go start working on those. Any help would be appreciated, I'm at the end of my knowledge of Sophos. Everything I have tried has made no change. Thanks!

Chris 



  • Hi Chris and welcome to the UTM Community!

    What happens if you do #1 in Rulz?

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I have checked logs for hours on end trying to see the traffic get stopped, but it's not. It's allowed. There are no routes in place at this point. I have re-installed UTM 3 times since last night, testing both the 32 and 64 bit installs. I was reminded today that in the past there were certain flags in the BIOS that needed to be changed, like turning off TPM and the virtualization capabilities of the processor. I have done that and reinstalled, and still no luck. The traffic is allowed through the router, but something is interfering with it that UTM isn't logging. 

    The traffic works if I use VPN software on the PC. Because it is already encrypted, the router simply forwards the packets. That it doesn't show up in the logs is a big part of the problem. I think I'm close to an answer, because I remember having this trouble when I first started using UTM home years ago. I thought changing the BIOS settings was going to solve it, but as yet I haven't changed the correct setting. 

    The only config in the UTM is the outbound Any Any Allow rule. 

  • It's the code. Tonight I installed 9.506 (the version from above) on older hardware (that had worked fine at my old house) and had the same problem. Then I found an older ISO and installed it, put in the same basic config (outbound allow rule and masquerade NAT) and boom, working. Granted, I haven't tested everything yet, but the one thing that was blocked on my personal machine (that I knew of) is now working as expected. I will try this code version on the new hardware and see if it works as well; that will confirm my suspicion. 

    Then my questions are, whom to tell about this and how far to update? Thanks for listening. =)
