UTM Home blocking IM programs

Hey all,

New UTM Home user. Most things are working as expected. IM programs will not log in, however. Am I correct in assuming that if I create a firewall rule that is ANY-ANY-ANY, I have bypassed the firewall for testing purposes? Even with this rule, IM programs still will not connect.

Thanks,

James



This thread was automatically locked due to age.
  • Technically, a better firewall rule would be "Internal Network (Sources) -> Any (Services) -> Internet IPv4 (Destinations)". This way, any traffic from your Internal Network using any service/protocol, going out to the Internet, will be allowed. Also, you will want to place it in a higher order than the others.

    By default, I believe, the UTM's rules are pretty restrictive on allowing traffic. Unless you've specifically put rules in for ports used by your IM programs, the unit will typically only allow HTTP, HTTPS, DNS outbound.
  • Firewall rules are what you set. You are confusing web proxy and firewall rules.
    If your IM programs are not using web proxy values port 80, depending on your configuration.
    If you disable the web proxy and just use your internal->allow-->any-> external rule everything should go out.

    IanM

    This assumes you have a MASQ rule in place.

  • rfcat_vk

    Thanks for the reply. I made a MASQ rule and the IM programs are now working!
    After the MASQ rule was adopted I have many fewer DEFAULT DROPS in my log as well.

    I still do have a few persistent DEFAULT DROPS on UDP in my log, but I don't know how to troubleshoot them.
    Can you shed some light on where to look?

    Thanks,

    James