Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 2414 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strato Highdriveeinstellungen für Firewall

ChristianBy

 

Hallo liebe Community,

ich nutze STRATO als Webspaceanbieter. Dafür habe ich das Programm (HiDrive für den Desktop) von der Stratohomepage heruntergeladen und installiert (Version 5.0.1.0). Mein lokaler Ordner wird auch einwandfrei Synchronisiert, solange mein Rechner direkt am Router angeschlossen ist. Wenn ich meinen Rechner aber hinter die Firewall bringe, dann kann das Strato Sync Programm keine Verbindung zum Server herstellen. Im Log hatte ich folgende Aussage:

11:31:25 Standard-VERWERFEN TCP  

85.214.3.77 : 443 → 10.168.70.20 : 60901   [RST] len=40 ttl=64 tos=0x00 srcmac=00:e0:4c:69:35:a4

Laut Whois ist die IP 85.214.3.77 von Strato. An welcher Stelle der UTM Muss ich ansetzen um es dem Tool zu ermöglichen meine Ordner zu Synchonisieren?

Die Dienst sind:

Strato: 443

Strato FTP: 21

Strato SFTP: 22

Macht diese Regel Sinn oder muss ich die Regel andersherum aufnehmen?



This thread was automatically locked due to age.
Parents
  • 0

    Hallo Christian,

    (Sorry, my German-speaking brain isn't creating thoughts at the moment. [:(])

    That picture is too small to see what you have configured.

    Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly.  Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file.  Please post the line corresponding to the one above.

    My guess is that you have Web Filtering in Transparent Mode with Decrypt and Scan selected for HTTPS traffic.  The RST packet from the Strato server is possibly an indication that their server doesn't like dealing with a Proxy.  If my guess seems on target, you can first try an Exception for 'Antivirus' and 'SSL Scanning'.  If that doesn't work, then you will need to skip the Proxy (Skiplist on the 'Misc' tab of 'Filtering Options').

    MfG - Bob (Bitte auf Deutsch weiterhin.)

Reply
  • 0

    Hallo Christian,

    (Sorry, my German-speaking brain isn't creating thoughts at the moment. [:(])

    That picture is too small to see what you have configured.

    Alone among the logs, the Firewall Live Log presents abbreviated information in a format easier to read quickly.  Usually, you can't troubleshoot without looking at the corresponding line from the full Firewall log file.  Please post the line corresponding to the one above.

    My guess is that you have Web Filtering in Transparent Mode with Decrypt and Scan selected for HTTPS traffic.  The RST packet from the Strato server is possibly an indication that their server doesn't like dealing with a Proxy.  If my guess seems on target, you can first try an Exception for 'Antivirus' and 'SSL Scanning'.  If that doesn't work, then you will need to skip the Proxy (Skiplist on the 'Misc' tab of 'Filtering Options').

    MfG - Bob (Bitte auf Deutsch weiterhin.)

Children
  • 0 in reply to BAlfson

    Danke für die Antwort folgende Informationen habe ich aus dem Log:

    2018:12:29-13:55:59 sophosutm ulogd[4872]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="00:e0:4c:69:35:a4" srcip="85.214.3.77" dstip="10.168.70.20" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="443" dstport="50391" tcpflags="RST"

     

    Hier nochmals meine bisherigen erfolglosen Versuche:

     

     

     

     

     

  • 0 in reply to ChristianBy

    All the drop of the RST packet tells us is that the UTM's connection tracker thinks the connection has been terminated, so the answer is elsewhere.

    Please show a picture of the Edit of the "Strato" definition with 'Erweitert' open. 

    Open the Web Filtering Live Log and see if the Strato traffic appears there - it should not.

    MfG - Bob (Bitte auf Deutsch weiterhin.)