
Connections freeze with no inspection features enabled

Hi Community,

We have a rule "LAN -> LAN" which allows all LAN to LAN traffic and has no web/app/ips features enabled. When browsing on port 80 from a server on subnet A (VLAN 20) to a server on subnet B (VLAN 10), the connection freezes.

I see the TCP connection get established, numerous HTTP GET requests and responses on that TCP connection, then server A sends another HTTP GET request (on the same TCP connection) and the Sophos just never forwards it. Server A retransmits the packet and the Sophos still doesn't forward it. "drop-packet-capture" doesn't log it as a dropped packet.

The connection is only open for a few seconds before this happens, so I don't think it's timing out or anything.

If I do "set advanced-firewall bypass-stateful-firewall-config" with the IP addresses of server A and server B, it works perfectly.

Sophos is 18MR1, and I'm pretty sure that this issue didn't happen on 18MR1.

I haven't yet inspected the conntrack data while connections are stuck.

Has anyone else seen this before?

I haven't logged a ticket yet, still gathering info.

James


