This discussion has been locked.

MTU and iRobot Roomba

After some research, it seems the UTM version of Sophos has a fix for this as explained here https://community.sophos.com/products/unified-threat-management/f/general-discussion/93981/sophos-utm-9-and-irobot-roomba-980-port-8883/360479#360479

 

However, for the XG version, I am unable to SU to root and make changes as described above. Are there other instructions to make Roombas communicate successfully with Sophos XG?



  • Hi,

    1/. You don't SU to root on XG, you use the console CLI.

    2/. The maximum MTU on the current version of XG is 1500. I believe there is a patch, for which you will need to search the XG forum. The patch needs to be applied every time there is an upgrade until a feature request is implemented. What is the use of having a device limited to 1500 in a network capable of using 9000?

  • Thank you Ian. The only issue is the Roomba communication. From my research, this has been an issue with MTU settings. I assumed it would be the case for XG as well. I see the MTU in the GUI as 1500. 

    For now, Roomba can't communicate out to the Internet and we can't control it through its app. In UTM, changing the MTU made things work. 

  • Hi.

    I have looked at the Roomba site and not found any way of controlling the devices via Wi-Fi.

    What MTU size are you looking for? If need be, you could, I think, create a new SSID with a smaller MTU.

    Ian

  • I found this https://homesupport.irobot.com/app/answers/detail/a_id/9025/~/optimal-firewall-configurations.

    I am no expert but not sure how to set this up in Sophos. Anybody willing to assist with screenshots would be much appreciated. I am sure other Roomba owners will benefit as well. 

  • Hi,

    the quickest and easiest way is as follows.

    1/. Assign your iRobot a static IP address

    2/. create a new clientless group in authentication irobotgp

    3/. add the iRobot to the clientless irobotgp and use a dummy email address, e.g. ir@fred.me

    4/. create a new firewall rule above your general rules destination -> any network -> any  source -> LAN source network -> create a new identity using the irobot IP address -> any service

    5/. select match users -> select the irobotgp.

    6/. add at least the LAN to WAN IPS.

    7/. add MASQ and your outgoing interface.

    That should get you connected and as you learn more about the XG you can refine this rule.

    Ian

     

    There is nothing on that website about MTU size.

  • Ian. Thank you. I have completed these steps. I will have to wait for the robot to get the static IP. I will report back if this works. I really do appreciate your assistance. 
