Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 3410 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with SMTP port 255 in Sophos UTM 9.602-3.1 Home

Javier Lasala

Good day to the whole community, first of all I want to tell you that I am very new to the topic and I am trying to implement the Sophos UTM 9.602 Home. I have everything installed and with some basic configurations and it works great, my problem is presented with the email accounts that I have configured in Microsoft Outlook (they are pop accounts) which use the SMTP port 255 and some of the firewall blocks it with which I can not send any mail. The strange thing is that the send / receive test that the outlook does when setting up the account does it well and does not give any error, but when I generate a new mail I can not get it to come out.
I have the SMTP Proxy deactivated, please if someone can help me, I am going to thank you very much since I have been working with this issue for a couple of days.

Thank you

Javier



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    Would you please check the Packetfilter.log(Firewall logs) when you're trying to send an Email out? Or you can go to Network Protection> Firewall > Rules | Open Live Log.

    Also, make sure that a Firewall rule is configured for your Internal Machine/Network to go out on the Internet to the SMTP server with service as Port255.

    Regards

    Jaydeep

  • 0 in reply to Jaydeep

    Hello Jaydeep, first of all thank you very much for your help. The "Firewall rule is configured for your Internal Machine/Network to go out on the Internet to the SMTP server with service as Port255" rule is created.
    The "Live Log: Firewall" when I try to send the mail is:

    14:50:57 Default DROP TCP
    192.168.5.199 : 51356

    192.168.195.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:50:57 Default DROP TCP
    192.168.5.199 : 51357

    192.168.14.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:50:57 Default DROP TCP
    192.168.5.199 : 51358

    192.168.56.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:50:59 Default DROP TCP
    192.168.5.199 : 51363

    192.168.14.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:50:59 Default DROP TCP
    192.168.5.199 : 51356

    192.168.195.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:50:59 Default DROP TCP
    192.168.5.199 : 51357

    192.168.14.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:50:59 Default DROP TCP
    192.168.5.199 : 51358

    192.168.56.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:51:00 Default DROP TCP
    192.168.5.199 : 51367

    192.168.14.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:51:01 Default DROP TCP
    192.168.5.199 : 51370

    192.168.195.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:51:02 Default DROP TCP
    192.168.5.199 : 51371

    192.168.14.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:51:02 Default DROP TCP
    192.168.5.199 : 51374

    192.168.195.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:51:03 Default DROP TCP
    192.168.5.199 : 51375

    192.168.14.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:51:06 Default DROP TCP
    192.168.5.199 : 51356

    192.168.195.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:51:06 Default DROP TCP
    192.168.5.199 : 51357

    192.168.14.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:51:06 Default DROP TCP
    192.168.5.199 : 51358

    192.168.56.1 : 445

    [SYN] len=52 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a


    When I saw the log I opened port TCP445 and then the log was the following:

    14:56:59 Default DROP UDP
    192.168.5.199 : 57226

    172.217.30.131 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:56:59 Default DROP UDP
    192.168.5.199 : 57226

    172.217.30.131 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:00 Default DROP UDP
    192.168.5.199 : 57226

    172.217.30.131 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:01 Default DROP UDP
    192.168.5.199 : 57226

    172.217.30.131 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:03 Default DROP UDP
    192.168.5.199 : 57226

    172.217.30.131 : 443

    len=92 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:08 Default DROP UDP
    192.168.5.199 : 49322

    172.217.162.3 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:08 Default DROP UDP
    192.168.5.199 : 49322

    172.217.162.3 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:09 Default DROP UDP
    192.168.5.199 : 52178

    216.58.202.35 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:09 Default DROP UDP
    192.168.5.199 : 52178

    216.58.202.35 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:10 Default DROP UDP
    192.168.5.199 : 49322

    172.217.162.3 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:10 Default DROP UDP
    192.168.5.199 : 64437

    172.217.30.130 : 443

    len=110 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:10 Default DROP UDP
    192.168.5.199 : 52178

    216.58.202.35 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:11 Default DROP UDP
    192.168.5.199 : 49322

    172.217.162.3 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:11 Default DROP UDP
    192.168.5.199 : 52178

    216.58.202.35 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:13 Default DROP UDP
    192.168.5.199 : 49322

    172.217.162.3 : 443

    len=92 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:13 Default DROP UDP
    192.168.5.199 : 52178

    216.58.202.35 : 443

    len=92 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:47 Default DROP UDP
    192.168.5.199 : 62387

    172.217.30.138 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:47 Default DROP UDP
    192.168.5.199 : 62387

    172.217.30.138 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:48 Default DROP UDP
    192.168.5.199 : 62387

    172.217.30.138 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:49 Default DROP UDP
    192.168.5.199 : 62387

    172.217.30.138 : 443

    len=1378 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a
    14:57:51 Default DROP UDP
    192.168.5.199 : 62387

    172.217.30.138 : 443

    len=92 ttl=127 tos=0x00 srcmac=60:a4:4c:b0:ae:ad dstmac=38:60:77:4e:1a:1a

     

    with which I opened the port UDP443

    But the problem persists and now in the log nothing is reported.

    Again, thank you very much for your help.
    regards

  • 0 in reply to Javier Lasala

    Hi,

    I would question your port setup for outlook 2016? They are strange ports and not the standard outlook ports, are they provided by your ISP for a special mail setup?

    SMTP/s on outlook is port 25/465 ands POP3/s is 110/993.

    Please post a full log viewer error message when you try to send a mail message.

    Also default drop (firewall rule 0) is when the XG cannot find a valid rule to pass the traffic through.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • 0 in reply to Javier Lasala

    Hi,

    I would question your port setup for outlook 2016? They are strange ports and not the standard outlook ports, are they provided by your ISP for a special mail setup?

    SMTP/s on outlook is port 25/465 ands POP3/s is 110/993.

    Please post a full log viewer error message when you try to send a mail message.

    Also default drop (firewall rule 0) is when the XG cannot find a valid rule to pass the traffic through.

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

Children
  • 0 in reply to rfcat_vk

    Hello, thank you very much for helping me.

    Verify and you are right, my ISP changed the configuration and now the port used is SMTP 465 SSL. I configured my email accounts with these values ​​but the problem persists, the Microsoft Outlook tries to send the message and after 2 minutes (which is the time I have configured) an error is reported informing that it could not connect to my ISP.

    Could you tell me how to do this that asks me to "Please post a full log viewer error message when you try to send a mail message." ? I'm very new to this and I do not know how to do it.

    I want to clarify that if I remove Sophos UTM and install a common router the outlook sends messages perfectly with this SMTP 465 SSL configuration.

    Thank you

Unfiltered HTML