I'm a newbie to Sophos UTM and to networking in general, but I have 9.3 up and running on an i5 mini-ITX PC.
I have an Amazon Echo in the network. One thing I noticed immediately was about 100 K per day UDP drops in the firewall log for Port 123 (NTP?) for the Amazon Echo. I've searched the internet but cannot find any recommended exceptions. The UDP drops for the Amazon Echo have many different IP addresses, so I'm not sure what to specify in terms of a firewall rule. For now, I created a firewall rule that allows port 123 for just the Amazon Echo with any destination. I'm concerned that this rule is overly permissive and will cause troubles down the road.
I also noticed many UDP drops for port 58030 with two destinations: 23.23.78.19 and 23.23.78.25. I put in place a firewall rule allowing 58030 for those two destinations.
I also noticed dropped ICMP requests to the Sophos UTM Gateway as well as to Google DNS 8.8.8.8 and OpenDNS 208.67.220.220, (I have enabled DNS forwarders for OpenDNS and Google). I'm not sure what to do about this.
So, my questions are: What is the best way to configure exceptions for the Amazon Echo? Am I on the right track, or would you suggest some other set of exceptions for either the Firewall or in Web Protection?
Thank you
This thread was automatically locked due to age.
