This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Need help reading firewall logs to check specific traffic

Hi, I'm trying to pass through mobile 4G cell spot through my Sophos SG135 firewall. It's running 9.707-5 firmware.

I've created 4 host definitions for each cell spot with static IP by MAC address, let's call them #1 and #2 and #3 and #4. I Then created 2 firewall rules:

1st rule is Source=Any, Services=Any, Destinations= all 4 booster host entries, Action=Allow

2nd rule is Source= all 4 booster host entries, Services=Any, Destinations=Any, Action=Allow

Originally, I only added the specific UDP ports asked by the manual. After speaking to customer service of the provider, they said other ports might need to get through so I just changed it to Services=Any.

I'm getting strange results. Sometimes none connect, sometimes 1 of them connects. I've restarted the firewall and now 1 fully establishes the connection(all lights are green), 2 have Internet connection but won't reach provider network and 1 establish Internet connection at all. This is based on activity LEDs on the front of them.

Looking at live firewall log and it only shows me entries in red(default drop). I saw a few red entries of packets dropped for one cell spot on the port that was opened. After changing services=Any it went away. I don't see any green packets.

What am I doing wrong and where should I start looking?

Thank you.

This thread was automatically locked due to age.