Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 3 subscribers
  • Views 2015 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New to Sophos UTM Home - Got some questions

Joel Taylor

Just installed the UTM 9.509-3 on a home box with more than sufficient resources.  It is working very well at performing the filtering and IPS that I was hoping for and more than meets my needs.  I am a bit disappointed that I have had to static 1/2 of my network to exclude certain devices from https scanning for streaming services.  UTM has ETH0 going into a cloud managed switch, ETH1 goes direct into my DSL modem.  DSL modem has firewalls, etc turned off.  I have 4 total managed switches (3 cloud managed, 1 local) all running a single VLAN.  I also have 3 cloud managed APs plugged into various switches.

 

1. Wireless devices connect to the APs fine and have internet access however, the wireless statuses all show as "limited" or "Internet May Not Be Available".  They do have actual connectivity but report back oddly and some apps do not appear to be working correctly.  For instance...Skype works on my laptop fine when I am docked but won't work at all when I'm on the wireless.

 

2. Netflix - I have done all the changes in Rulz and Netflix works well on most devices but seems to have some lag and infrequent drops (2 an hour) when streaming HDR or 4k.  I can restart it immediately and it works fine again but still pretty inconvenient.

The only error that I see is in the firewall log:

14:32:09 Default DROP TCP  
192.168.5.203 : 37728
169.254.9.21 : 63444
 
[SYN] len=60 ttl=63 tos=0x00 srcmac=e4:3e:d7:aa:24:67 dstmac=c8:9c:dc:27:10:42

the last 2 octets change but the destination ports are always 63444 or 49152.  The destination MAC is the ETH0 gateway interface.

Got any ideas?



This thread was automatically locked due to age.
  • 0

    Hi Joel and welcome to the UTM Community!

    1. Do you see anything in the logs related to this - Intrusion Prevention, Firewall or Web Filtering?

    Is the line from the Firewall Live Log related to this?  Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly.  Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file.  Please post one line corresponding to the one above.

    This could be a hardware issue.  Does #7 in Rulz help?

    2. One of the unwritten rules here is "one topic per thread" - that's to make it easier for future members to find an answer to a question that's already been answered without starting a new thread.  Using an appropriate title, please ask your second question in the Web Filtering or other appropriate forum.  If one of the mods sees that there's a better forum, we can move the thread for you.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML