I rencently replaced my UTM device with Sophos UTM software installed on a desktop. Since then, I've noticed that two items I use on a regular basis are loosing their connections very frequently.
The first is Radmin which is a remote desktop software. I use this with both internal IP's (when I'm home and behind the UTM) and with public IP's (when I'm abroad).
Here is the odd part... The connection is lost only when I connect locally (not going through the UTM). The connections are not dropped when I access from outside of the LAN and go through the UTM. I know the problem IS somehow related to Sophos or the computer running it because when I unhook it from the switch, I do not have this problem. How can Sophos interfere with traffic that does not pass through it? For testing purposes, I turned off the DNAT rule in Sophos but that did not stop the problem.
The way I have it setup is a simple DNAT with auto firewall rule for one port that Radmin uses.
The second problem I encounter is when I use Putty to connect to a web proxy server for secured web browsing. It constantly loses connection.
Neither problem exists when I remove the Sophos box and replace it with my previous UTM device.
Currently, the only services I'm running on Sophos are the Firewall and IPS. I can't find anything in the logs.
Anyone have any ideas?
This thread was automatically locked due to age.
