This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM 9.3 and Samsung SmartTV

Hi.
These last few weeks have been very stressful, since I'm desperately trying to solve a very annoying issue with my Samsung SmartTV.
I have a Samsung UE55F7000 SmartTV, bought on Nov2013 and perfectly working and communicating to Internet with several type of routers, hotspot wifi smartphone, etc, but has a lot of problem using my Astaro/Sophos UTM rel.9.3 virtual firewall appliance.
In fact the SmartTV gives me back several errors concerning the Internet connection (connection to local networks via DCHP - and IP reservation - works immediately and correctly), so that I cannot use any sort on SmartTV service any more (like You Tube Samsung Apps, etc), or check/update TV firmware upgrades (I performed the last TV upgrade using a USB key).
On the Sophos I checked everything came in my mind, I applied exceptions on Web filtering, IPS, firewalling, etc; I also disabled all these UTM services, but STILL NO SOLUTION!!
The problem is the Sophos for sure, since I've tried to connect the TV to a Hotspot wifi using my smartphone and all the stuff works without any problem...
I have the possibility to connect the TV via cable or wireless but the problem persists in both ways.
Does anyone have any sort of idea?
Thanks

This thread was automatically locked due to age.

0 aza2001 over 10 years ago

Sounds like you don't have the required ports open or your TV needs a firmware update
Cancel
Vote Up 0 Vote Down

Cancel
0 AzRoN over 10 years ago in reply to aza2001

Post some Web Protection and Firewall logs showing your TV trying to do stuff. Should be fairly easy to spot the issue.

Have a 'Smart TV' here, it ain't that smart...
Cancel
Vote Up 0 Vote Down

Cancel
0 arecchilongo over 10 years ago in reply to aza2001

Sounds like you don't have the required ports open or your TV needs a firmware update

Actually I didn't know the SmartTV needed to have special ports opened. Why? Its firmware is the latest 1125.1 (and unfortunately Samsung doesn't allow to roll back the firmware release...!!).
[:O]
Cancel
Vote Up 0 Vote Down

Cancel
0 arecchilongo over 10 years ago in reply to AzRoN

Post some Web Protection and Firewall logs showing your TV trying to do stuff.  Should be fairly easy to spot the issue.

Have a 'Smart TV' here, it ain't that smart...

Here following the requested logs (SmartTV is 192.168.20.70 but I can't see it...!).

FIREWALL (about 2mins during trying to surf the web using SmartTV):
15:01:06 Default DROP Bittorrent   39.44.226.149 : 26500  ? 79.49.180.230 : 6881 len=75 ttl=249 tos=0x00
15:01:09 Default DROP Bittorrent   14.204.168.191 : 16979  ? 79.49.180.230 : 6881 len=333 ttl=247 tos=0x00
15:01:09 Default DROP TCP   192.168.20.251 : 57497  ? 192.168.20.254 : 41952 [SYN] len=60 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:01:10 Default DROP UDP   176.58.96.231 : 31431  ? 79.49.180.230 : 46986  len=44 ttl=250 tos=0x08
15:01:10 Default DROP UDP   74.207.241.132 : 31431  ? 79.49.180.230 : 46986 len=44 ttl=247 tos=0x00
15:01:10 Default DROP UDP   106.185.46.202 : 31431  ? 79.49.180.230 : 46986 len=44 ttl=248 tos=0x00
15:01:25 Default DROP Bittorrent 46.118.49.149  : 65379  ? 79.49.180.230 : 6881 len=143 ttl=250 tos=0x08
15:01:25 Default DROP TCP   192.168.20.251 : 57497 ? 192.168.20.254 : 41952 [SYN] len=60 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:01:26 Default DROP Bittorrent   185.21.217.5 : 58417  ? 79.49.180.230 : 6881 len=105 ttl=250 tos=0x08
15:01:37 Default DROP Bittorrent   208.54.5.190 : 44490  ? 79.49.180.230 : 6881 len=129 ttl=247 tos=0x00
15:01:42 Default DROP Bittorrent   112.198.79.209 : 31235  ? 79.49.180.230 : 6881 len=132 ttl=249 tos=0x00
15:01:47 Default DROP Bittorrent   14.204.168.191 : 16979  ? 79.49.180.230 : 6881 len=152 ttl=247 tos=0x00
15:01:49 Default DROP Bittorrent   115.236.24.211 : 48365  ? 79.49.180.230 : 6881 len=129 ttl=247 tos=0x00
15:01:49 Default DROP UDP   176.58.96.231 : 31431  ? 79.49.180.230 : 46986 len=44 ttl=250 tos=0x08
15:01:49 Default DROP UDP   74.207.241.132 : 31431  ? 79.49.180.230 : 46986 len=44 ttl=247 tos=0x00
15:01:50 Default DROP UDP   106.185.46.202 : 31431  ? 79.49.180.230 : 46986 len=44 ttl=248 tos=0x00
15:01:50 Default DROP UDP   219.234.3.134 : 31431  ? 79.49.180.230 : 46986 len=44 ttl=248 tos=0x00
15:01:53 Default DROP Bittorrent   154.45.216.171 : 1098  ? 79.49.180.230 : 6881 len=122 ttl=250 tos=0x08
15:01:58 Default DROP TCP   60.191.18.46 : 16001  ? 79.49.180.230 : 6881 [RST] len=40 ttl=246 tos=0x00
15:01:58 Default DROP TCP   115.236.24.210 : 16001  ? 79.49.180.230 : 6881 [RST] len=40 ttl=247 tos=0x00
15:01:58 Default DROP MS Outlook   157.56.194.24 : 443  ? 192.168.20.76 : 50274  [ACK FIN] len=40 ttl=64 tos=0x00 srcmac=00:0c:29:15:81:72
15:02:00 SSH connection attempt TCP   121.34.159.189 : 43724  ? 79.49.180.230 : 22 [SYN] len=60 ttl=248 tos=0x00
15:02:02 Default DROP TCP   94.39.78.85 : 51413  ? 79.49.180.230 : 57663 [RST] len=40 ttl=54 tos=0x00
15:02:03 SSH connection attempt TCP   121.34.159.189 : 43724  ? 79.49.180.230 : 22 [SYN] len=60 ttl=248 tos=0x00
15:02:05 Default DROP TCP   192.168.20.251 : 57854  ? 192.168.20.254 : 41952 [SYN] len=60 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:02:05 Default DROP TCP   192.168.20.251 : 57854  ? 192.168.20.254 : 41952 [SYN] len=60 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:02:06 Default DROP Bittorrent   84.29.109.127 : 50321  ? 79.49.180.230 : 6881 len=129 ttl=250 tos=0x00
15:02:08 Default DROP TCP   192.168.20.251 : 57854  ? 192.168.20.254 : 41952 [SYN] len=60 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:02:11 Default DROP TCP   192.168.20.251 : 57854  ? 192.168.20.254 : 41952 [SYN] len=60 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:02:11 Default DROP IGMP  192.168.100.1   ? 224.0.0.1     len=36 ttl=1 tos=0x00
15:02:19 Default DROP TCP   192.168.20.251 : 57854  ? 192.168.20.254 : 41952 [SYN] len=60 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:02:25 Default DROP Bittorrent   197.211.53.3 : 57501  ? 79.49.180.230 : 6881 len=129 ttl=250 tos=0x00
15:02:26 Default DROP Bittorrent   78.132.150.145 : 64080  ? 79.49.180.230 : 6881  len=131 ttl=249 tos=0x00
15:02:35 Default DROP Bittorrent   5.107.24.27 : 42091  ? 79.49.180.230 : 6881 len=134 ttl=249 tos=0x00
15:02:35 Default DROP TCP   192.168.20.251 : 57854  ? 192.168.20.254 : 41952 [SYN] len=60 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3f dstmac=00:0c:29:15:81:72
15:02:38 Default DROP TCP   94.39.78.85 : 51413  ? 79.49.180.230 : 35241   [RST] len=40 ttl=54 tos=0x00
15:02:41 Default DROP TCP   87.15.63.108 : 33433  ? 79.49.180.230 : 60348 [RST] len=40 ttl=55 tos=0x00
15:02:43 Default DROP Bittorrent   5.251.201.165 : 6882  ? 79.49.180.230 : 6881 len=129 ttl=249 tos=0x00
15:02:44 Default DROP Bittorrent   154.45.216.164 : 1028  ? 79.49.180.230 : 6881 len=122 ttl=250 tos=0x08
15:02:50 Default DROP UDP   192.168.20.251 : 44575  ? 192.168.20.254 : 5351 len=30 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:02:50 Default DROP UDP   192.168.20.251 : 44575  ? 192.168.20.254 : 5351 len=30 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:02:50 Default DROP UDP   192.168.20.251 : 44575  ? 192.168.20.254 : 5351 len=30 ttl=64 tos=0x00 srcmac=00:08:9b[:D]7:bc:3e dstmac=00:0c:29:15:81:72
15:02:51 Default DROP IGMP   192.168.20.1      ? 224.0.0.1     len=36 ttl=1 tos=0x00 srcmac=a4:b1:e9:87:35:7e dstmac=00:0c:29:15:81:72
15:02:51 Default DROP IGMP   192.168.20.1      ? 224.0.0.1     len=36 ttl=1 tos=0x00 srcmac=a4:b1:e9:87:35:7e dstmac=00:0c:29:15:81:7c
15:02:53 Default DROP Bittorrent   110.10.137.247 : 1029  ? 79.49.180.230 : 6881 len=131 ttl=247 tos=0x00
15:03:02 Default DROP Bittorrent   94.20.224.90 : 10954  ? 79.49.180.230 : 6881 len=129 ttl=249 tos=0x00

WEB FILTERING (few lines - but I don't think this is the problem, since if I perform a Web filtering test using the Sophos internal utility and the SmartTV IP address, it's successful):

2015:08:20-14:49:19 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.20.65" dstip="204.79.197.200" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="10093" request="0x128e8800" url="https://www.bing.com/" referer="" error="" authtime="0" dnstime="57531" cattime="682" avscantime="0" fullreqtime="62287352" device="0" auth="0" ua="" exceptions="" category="145" reputation="trusted" categoryname="Search Engines" application="bing" app-id="59"
2015:08:20-14:49:19 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.20.65" dstip="204.79.197.200" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="6398" request="0x128e8000" url="https://www.bing.com/" referer="" error="" authtime="0" dnstime="55884" cattime="913" avscantime="0" fullreqtime="62285494" device="0" auth="0" ua="" exceptions="" category="145" reputation="trusted" categoryname="Search Engines" application="bing" app-id="59"
2015:08:20-14:49:19 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.20.65" dstip="204.79.197.200" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="6398" request="0x12595000" url="https://www.bing.com/" referer="" error="" authtime="0" dnstime="55786" cattime="1188" avscantime="0" fullreqtime="62285750" device="0" auth="0" ua="" exceptions="" category="145" reputation="trusted" categoryname="Search Engines" application="bing" app-id="59"
2015:08:20-14:49:19 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.20.65" dstip="104.47.153.35" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="9417" request="0x12094000" url="https://otf.msn.com/" referer="" error="" authtime="0" dnstime="12" cattime="873421" avscantime="0" fullreqtime="67650933" device="0" auth="0" ua="" exceptions="" category="141" reputation="neutral" categoryname="Portal Sites" application="msn" app-id="311"
2015:08:20-14:49:21 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.20.251" dstip="198.41.185.159" user="" ad_domain="" statuscode="200" cached="8" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="10748" request="0x8825000" url="http://image.tmdb.org/t/p/w154/aWyQm6ujF6XSYFH4N9bnM5NXmH9.jpg" referer="" error="" authtime="0" dnstime="2022" cattime="15846" avscantime="0" fullreqtime="2051020" device="0" auth="0" ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9" exceptions="" category="112" reputation="neutral" categoryname="Entertainment" content-type="image/jpeg"
2015:08:20-14:49:21 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.20.251" dstip="198.41.185.159" user="" ad_domain="" statuscode="200" cached="8" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="7152" request="0x12094800" url="http://image.tmdb.org/t/p/w154/1Tw2Xopj2NTl1QzCcToqXYfMZro.jpg" referer="" error="" authtime="0" dnstime="1105" cattime="13497" avscantime="0" fullreqtime="2093325" device="0" auth="0" ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9" exceptions="" category="112" reputation="neutral" categoryname="Entertainment" content-type="image/jpeg"
2015:08:20-14:49:22 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.20.65" dstip="185.3.45.219" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="1436" request="0x1206d800" url="https://irb05.asuswebstorage.com/" referer="" error="" authtime="0" dnstime="8" cattime="266" avscantime="0" fullreqtime="3972786" device="0" auth="0" ua="" exceptions="" category="170" reputation="trusted" categoryname="Personal Network Storage"
2015:08:20-14:49:23 sophos httpproxy[30751]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="192.168.20.65" dstip="168.63.76.220" user="" ad_domain="" statuscode="504" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="2748" request="0x1224a800" url="http://report.onetrueerror.com/report/f2f6310b-1714-4112-bd6d-ec9df98ade37/?sig=dbjBEncxldyJpYrhSekM/33lEZqXWHSq450r9/92xhs=&v=1.0" referer="" error="Timeout while reading response from Server" authtime="0" dnstime="0" cattime="303" avscantime="0" fullreqtime="62715540" device="0" auth="0" ua="" exceptions="" reputation="neutral" category="181" reputation="neutral" categoryname="Marketing/Merchandising"
2015:08:20-14:49:24 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.20.251" dstip="198.41.185.159" user="" ad_domain="" statuscode="200" cached="8" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="441493" request="0x1202e800" url="http://image.tmdb.org/t/p/original/pRcgYKQkx4W0h8wdPlV4o12KiuK.jpg" referer="" error="" authtime="0" dnstime="2827" cattime="4958" avscantime="0" fullreqtime="10593898" device="0" auth="0" ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9" exceptions="" category="112" reputation="neutral" categoryname="Entertainment" content-type="image/jpeg"
2015:08:20-14:49:26 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.20.251" dstip="198.41.185.159" user="" ad_domain="" statuscode="200" cached="8" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="12658" request="0x12096800" url="http://image.tmdb.org/t/p/w154/laJur5G1kiXViopG5iLSSbNkJNf.jpg" referer="" error="" authtime="0" dnstime="442" cattime="27164" avscantime="0" fullreqtime="6424944" device="0" auth="0" ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9" exceptions="" category="112" reputation="neutral" categoryname="Entertainment" content-type="image/jpeg"
2015:08:20-14:49:28 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.20.251" dstip="198.41.185.159" user="" ad_domain="" statuscode="200" cached="8" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="17567" request="0x8826000" url="http://image.tmdb.org/t/p/w154/k5CvvoEgYRcaf18pYTPxtHkWgM0.jpg" referer="" error="" authtime="0" dnstime="711" cattime="452" avscantime="0" fullreqtime="7024326" device="0" auth="0" ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9" exceptions="" category="112" reputation="neutral" categoryname="Entertainment" content-type="image/jpeg"
2015:08:20-14:49:29 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="192.168.20.65" dstip="168.63.76.220" user="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="0" request="0x121c9000" url="http://report.onetrueerror.com/report/f2f6310b-1714-4112-bd6d-ec9df98ade37/?sig=dbjBEncxldyJpYrhSekM/33lEZqXWHSq450r9/92xhs=&v=1.0" referer="" error="" authtime="0" dnstime="3485" cattime="494" avscantime="0" fullreqtime="2390523" device="0" auth="0" ua="" exceptions="" reputation="neutral" category="181" reputation="neutral" categoryname="Marketing/Merchandising"
2015:08:20-14:49:30 sophos httpproxy[30751]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.20.251" dstip="198.41.185.159" user="" ad_domain="" statuscode="200" cached="8" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (HAL content filter action)" size="13133" request="0x1209d800" url="http://image.tmdb.org/t/p/w154/xijDYtmtNcr34t7G2xi6yVtoDOk.jpg" referer="" error="" authtime="0" dnstime="721" cattime="850" avscantime="0" fullreqtime="7908143" device="0" auth="0" ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.74.9 (KHTML, like Gecko) Version/7.0.2 Safari/537.74.9" exceptions="" category="112" reputation="neutral" categoryname="Entertainment" content-type="image/jpeg"

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 10 years ago

Hi, arecchilongo, and welcome to the User BB!

Please edit your post to remove the links to the big files and then add one or two relevant lines from each log file.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel