This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unknown port blocking in SFOS 18.0.4 MR-4

Hi there,

I have updated from SFOS 18.0.3 MR-3 to SFOS 18.0.4 MR-4 last week. Im running the XG Home version on a zotax zbox ci327 nano.

Since updating I cannot access two specific destination ports: TCP 4443 and UDP 443, which are required. Browser, client and telnet/portqry (udp) - no response.

I have added additional FW rules but still no luck. Nothing in the logs, the connections are not even listed. I have checked all available log systems in the log viewer.

I have checked the policy tester, which provides positive results and mentions the specifically added fw rules. I have used telnet for the TCP Port via advanced shell: this works.

Now I have reverted to SFOS 18.0.3 MR-3 and right after booting and bringing up all services both connections work like a charm, without any change on my side. 

I could not find any associated topics in the release note of SFOS 18.0.4 MR-4. I have searched the web and this community, but could not find anything regarding this topic or similar to it either.

Any suggestions?

thx & br

s1s3



This thread was automatically locked due to age.
  • You  should start with a tcpdump / Packet capture on XG to see, if those packets actually hit the firewall.

    If so, you need to start to see, if XG blocks those ports or not. 

    __________________________________________________________________________________________________________________

  • If everything is running when tcpdump is running this might be an issue with FastPath ... I think the default value for FastPath (firewall-accelaration) has changed in MR-4.

    To disable the firewall-acceleration, SSH into the XG firewall and from the main menu run the following command: 
    system firewall-acceleration disable

    Use system firewall-acceleration show to show the current status.

  • Hi s1s3at, I can not answer your question, but I see that your are running xg on the same device (CI327 nano) like I do, but I can't make the device boot after the ISO installation. I is installing from USB without any issue until the Beethoven is playing. If I then try to boot (i tried Legacy, UEFI...) it never finds the xg boot partition.

    Did you experience something similar and how did you fix it?

    Thx

    Matt