How to figure out what is blocking specific traffic.

Question

I am a new user to Sophos XG but have experience with other routing equipment, primarily SonicWall. I apologize if this is lengthy, I just want to get all the information out. I am attempting to figure out why specific traffic is getting blocked but the logs are proving to be useless. 
 I have a device on my network which is a HDHomerun Prime Tuner. Their software attempts to connect to it via my.hdhomerun.com from a PC on the local LAN. Using any other router, including Sophos UTM 9, I am able to see the device via this process, when using the XG it states that no device was detected. I can connect directly to the device using its IP but for their licensing practice it has to see it via the my.hdhomerun.com detection method. 
 I currently have IPS and Malware scanning disabled on the default lan to wan rule for testing this issue. 
 The logging shows nothing dropped, etc for the device IP. I attempted to do a packet capture but found no traffic going to that device IP. 
 Any suggestions on what to attempt next to get more info as to why something is getting blocked in this process? 
 Thanks in advance for any help!

sachingurung · Accepted Answer

Hi Nick, 
 Can this be tested through a different ISP connection ? Also, what happens when you configure a Plain FW-rule on TOP? A plain fw-rule is when all the filters are set to 'NONE'. 
 Thanks

sachingurung · Answer

Hi Nick, 
 Is XG able to resolve my.hdhomerun.com ? Check that in Network> DNS> Test Name Lookup. I took a look at the pcap attached and discover that the Server is sending spurious ACK. What happens when you disable sequence check and selective acknowledgement on XG? 
 Show me a picture of the output by executing the command, 
 show advanced-firewall 
 Try this in the console, 
 set advanced-firewall tcp-selective-acknowledgement off 
 If that doesn't help turned in ON. 
 Thanks