This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Need help reading firewall logs to check specific traffic

Hi, I'm trying to pass through mobile 4G cell spot through my Sophos SG135 firewall. It's running 9.707-5 firmware.

I've created 4 host definitions for each cell spot with static IP by MAC address, let's call them #1 and #2 and #3 and #4. I Then created 2 firewall rules:

1st rule is Source=Any, Services=Any, Destinations= all 4 booster host entries, Action=Allow

2nd rule is Source= all 4 booster host entries, Services=Any, Destinations=Any, Action=Allow

Originally, I only added the specific UDP ports asked by the manual. After speaking to customer service of the provider, they said other ports might need to get through so I just changed it to Services=Any.

I'm getting strange results. Sometimes none connect, sometimes 1 of them connects. I've restarted the firewall and now 1 fully establishes the connection(all lights are green), 2 have Internet connection but won't reach provider network and 1 establish Internet connection at all. This is based on activity LEDs on the front of them.

Looking at live firewall log and it only shows me entries in red(default drop). I saw a few red entries of packets dropped for one cell spot on the port that was opened. After changing services=Any it went away. I don't see any green packets.

What am I doing wrong and where should I start looking?

Thank you.



This thread was automatically locked due to age.
Parents
  • And I would suggest you update to the most recent UTM firmware version which is 9.716-2

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • And I would suggest you update to the most recent UTM firmware version which is 9.716-2

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Children
No Data