This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

All outbound traffic from LAN blocked

Hello,

I'm using Sophos UTM Home Edition v9.3. I've installed this on a PC with two network cards. The WAN interface is connected directly to a fiber modem. The LAN interface is connected to a switch along with my PC etc.

The problem I have is that I cannot reach internet. Both interfaces are up, the WAN-interface has an IP from my ISP. I've created a firewall rule allowing the Local Network to reach Internet on any protocol. See images.

Firewall rule: PS: Even though the image below says WAN I've tried to put in Internet IPv4 & Internet IPv6 but it makes no difference
http://3.ii.gl/B6JlIUe6W.jpg

Interfaces:
http://3.ii.gl/jN8riLN81.jpg

I've not created a DHCP server. The PC I'm testing from has a static IP of 192.168.55.3 and I use either Googles public DNS or OpenDNS. I've set 192.168.55.1 as gateway since that is the LAN-IP of my Sophos.

I did NOT use the wizard. What am I missing here?

This thread was automatically locked due to age.

Parents

0 FrankBarmentlo over 10 years ago

SvenDavid,
can you provide a part of the firewall full(not live) log, that shows traffic being dropped?
Kind regards,
Frank
Cancel
Vote Up 0 Vote Down

Cancel
0 svendavid over 10 years ago in reply to FrankBarmentlo

SvenDavid,
can you provide a part of the firewall full(not live) log, that shows traffic being dropped?
Kind regards,
Frank

Hi Frank, I'm not totally sure if I provide what you ask for, but I went to log files and found the archived log from yesterday. Here's a part of it:

2015:01:07-21:19:34 host ulogd[4609]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="80:e6:50:22:94:96" dstmac="68:05:ca:2b:32:78" srcip="0.0.0.0" dstip="255.255.255.255" proto="17" length="328" tos="0x00" prec="0x00" ttl="255" srcport="68" dstport="67"

2015:01:07-21:19:36 host ulogd[4609]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:04 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.100" proto="6" length="48" tos="0x00" prec="0x00" ttl="128" srcport="55606" dstport="4444" tcpflags="SYN"

2015:01:07-21:28:04 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.100" proto="6" length="48" tos="0x00" prec="0x00" ttl="128" srcport="55612" dstport="4444" tcpflags="SYN"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="255.255.255.255" proto="17" length="152" tos="0x00" prec="0x00" ttl="128" srcport="17500" dstport="17500"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="152" tos="0x00" prec="0x00" ttl="128" srcport="17500" dstport="17500"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.100" proto="1" length="60" tos="0x00" prec="0x00" ttl="128" type="8" code="0"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="80[:D]2:1d:17:b6:b4" dstmac="68:05:ca:2b:32:78" srcip="0.0.0.0" dstip="255.255.255.255" proto="17" length="351" tos="0x00" prec="0x00" ttl="64" srcport="68" dstport="67"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:09 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:09 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:11 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:11 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="80[:D]2:1d:17:b6:b4" dstmac="68:05:ca:2b:32:78" srcip="0.0.0.0" dstip="255.255.255.255" proto="17" length="351" tos="0x00" prec="0x00" ttl="64" srcport="68" dstport="67"
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 svendavid over 10 years ago in reply to FrankBarmentlo

SvenDavid,
can you provide a part of the firewall full(not live) log, that shows traffic being dropped?
Kind regards,
Frank

Hi Frank, I'm not totally sure if I provide what you ask for, but I went to log files and found the archived log from yesterday. Here's a part of it:

2015:01:07-21:19:34 host ulogd[4609]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="80:e6:50:22:94:96" dstmac="68:05:ca:2b:32:78" srcip="0.0.0.0" dstip="255.255.255.255" proto="17" length="328" tos="0x00" prec="0x00" ttl="255" srcport="68" dstport="67"

2015:01:07-21:19:36 host ulogd[4609]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:04 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.100" proto="6" length="48" tos="0x00" prec="0x00" ttl="128" srcport="55606" dstport="4444" tcpflags="SYN"

2015:01:07-21:28:04 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.100" proto="6" length="48" tos="0x00" prec="0x00" ttl="128" srcport="55612" dstport="4444" tcpflags="SYN"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="255.255.255.255" proto="17" length="152" tos="0x00" prec="0x00" ttl="128" srcport="17500" dstport="17500"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="152" tos="0x00" prec="0x00" ttl="128" srcport="17500" dstport="17500"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.100" proto="1" length="60" tos="0x00" prec="0x00" ttl="128" type="8" code="0"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="80[:D]2:1d:17:b6:b4" dstmac="68:05:ca:2b:32:78" srcip="0.0.0.0" dstip="255.255.255.255" proto="17" length="351" tos="0x00" prec="0x00" ttl="64" srcport="68" dstport="67"

2015:01:07-21:28:07 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:09 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:09 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:11 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:1a:4d:5f:76:00" dstmac="68:05:ca:2b:32:78" srcip="192.168.55.3" dstip="192.168.55.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="128" srcport="137" dstport="137"

2015:01:07-21:28:11 router ulogd[4546]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="80[:D]2:1d:17:b6:b4" dstmac="68:05:ca:2b:32:78" srcip="0.0.0.0" dstip="255.255.255.255" proto="17" length="351" tos="0x00" prec="0x00" ttl="64" srcport="68" dstport="67"
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data

All outbound traffic from LAN blocked

Submitted a Tech Support Case lately from the Support Portal?