I want to add a layer of security so I installed Sophos UTM Home on a standalone box with two Ethernet ports. I set it up in bridge mode and installed it between my existing router and switch.
My hardware router log is filling up like crazy with the following entries and the Sophos box is working its rear off dropping legitimate traffic and I don’t know what I’m doing wrong.
Log entries from the hardware router:
…
Jun 15 19:26:11 snort: [119:4:1] (http_inspect) BARE BYTE UNICODE ENCODING {TCP} 192.168.0.206:55123 -> 74.200.200.122:80
…
Entries from the Sophos live firewall log:
…
20:03:27 Default DROP TCP 192.168.0.199:80 →192.168.0.1:56912 [ACK FIN] len=52 ttl=64 tos=0x00 srcmac=0:10:5a:1b:16:8e
…
I’m getting several of both entries, per second, in each log. The CPU and memory usage on the Sophos box is maxing out.
I know I don’t have something set correctly because I previously set up Untangle on this box and it worked fine.
Can someone please help me?
This thread was automatically locked due to age.
