

Firewall rule blocking QUIC (port 443) also blocks NTP (port 123)

I have a firewall rule to block the QUIC protocol. However, when a device on my network attempts to synchronize its clock using NTP, it is blocked by the firewall rule.

The firewall rule is ANY--->QUIC--->ANY----->Block (rule #6)

When my devices try to synchronize their clocks, it is blocked by the firewall rule, which shows the destination port 123, which is obviously not QUIC.

What is causing this? I had to create a firewall rule to allow NTP port 123 and place it above the "Block QUIC" rule, but still. Why would this be happening?

2022:10:23-12:55:32 xxxxxxxx ulogd[11415]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="6" initf="eth1" outitf="eth0" srcmac="d8:5e:d3:86:22:3f" dstmac="68:05:ca:58:20:d0" srcip="" dstip="" proto="17" length="76" tos="0x00" prec="0x00" ttl="127" srcport="123" dstport="123"

  • I found what the problem was. When I created the Service definition for the QUIC protocol ports, I accidentally entered the port range of 80:443 instead of creating a group with separate ports 80 and 443, which ended up blocking NTP on port 123.
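
The mistake described in the reply above, as an added example that is not part of the original thread: it parses the dropped-packet log line and tests it against two hypothetical models of the service definition, the range 80:443 and a group of the single ports 80 and 443. UDP is assumed from proto="17" in the log; the tuple layout and function names are illustrative, not Sophos UTM's own format.

```python
import re

# Abridged copy of the log line from the post (MAC fields dropped, IPs were empty).
SAMPLE_LOG = ('2022:10:23-12:55:32 xxxxxxxx ulogd[11415]: id="2001" severity="info" '
              'sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" '
              'fwrule="6" initf="eth1" outitf="eth0" proto="17" length="76" '
              'srcport="123" dstport="123"')

UDP = 17  # IP protocol number, as logged in proto="17"

# Hypothetical models of a service definition: a list of (proto, low, high).
QUIC_AS_RANGE = [(UDP, 80, 443)]                   # mistaken: one range "80:443"
QUIC_AS_GROUP = [(UDP, 80, 80), (UDP, 443, 443)]   # intended: two single ports


def parse_fields(line):
    """Return the key="value" pairs of a packetfilter log line as a dict."""
    return dict(re.findall(r'(\w+)="([^"]*)"', line))


def service_matches(service, proto, dstport):
    """True if any entry of the definition covers this protocol and port."""
    return any(p == proto and lo <= dstport <= hi for p, lo, hi in service)


def explains_drop(line, service):
    """True if the logged packet falls inside the given service definition."""
    fields = parse_fields(line)
    return service_matches(service, int(fields["proto"]), int(fields["dstport"]))


def collateral_ports(service, intended, proto=UDP):
    """Ports the definition covers beyond the intended ones (audit helper)."""
    return sorted({port
                   for p, lo, hi in service if p == proto
                   for port in range(lo, hi + 1)
                   if port not in intended})


if __name__ == "__main__":
    for name, svc in (("range 80:443", QUIC_AS_RANGE), ("group 80,443", QUIC_AS_GROUP)):
        extra = collateral_ports(svc, {80, 443})
        print(f"{name}: matches logged NTP packet = {explains_drop(SAMPLE_LOG, svc)}, "
              f"unintended ports covered = {len(extra)}")
```

The same check works on any dropped-packet line: if `explains_drop` is true for a port the rule was never meant to cover, the service definition is broader than intended.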