PS3 unable to connect to PSN

Alright folks, this has been driving me crazy for the past 3 or 4 days now.  My PS4 can connect to the PSN without issue.  I had the EXACT same rules for my PS3 however it was unable to connect.  So tonight I nuked the network definition for the PS3 and recreated it leaving all the defaults (no bypass rules) however it STILL cannot connect.  This is the only block entry I can find but I'm a bit confused, it looks like it's trying to come back into the network on port 443?

2015:11:29-17:01:49 gateway ulogd[18487]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="00:0c:29:6e:f9:0c" srcip="172.224.172.185" dstip="192.168.9.64" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="443" dstport="61617" tcpflags="RST"
2015:11:29-17:11:27 gateway ulogd[18487]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="00:0c:29:6e:f9:0c" srcip="23.196.24.237" dstip="192.168.9.64" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="443" dstport="63060" tcpflags="RST"
2015:11:29-17:11:27 gateway ulogd[18487]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="00:0c:29:6e:f9:0c" srcip="23.196.24.237" dstip="192.168.9.64" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="443" dstport="63059" tcpflags="RST"
2015:11:29-17:12:11 gateway ulogd[18487]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="00:0c:29:6e:f9:0c" srcip="198.107.131.100" dstip="192.168.9.64" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="443" dstport="63048" tcpflags="RST"
2015:11:29-17:12:31 gateway ulogd[18487]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="00:0c:29:6e:f9:0c" srcip="23.196.24.237" dstip="192.168.9.64" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="443" dstport="63060" tcpflags="RST"
2015:11:29-17:12:31 gateway ulogd[18487]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="00:0c:29:6e:f9:0c" srcip="23.196.24.237" dstip="192.168.9.64" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="443" dstport="63059" tcpflags="RST"

The .64 address is my PS3.  The only "rule" I have that includes the PS3 is a wide-open allow all outgoing:

I had more restrictive rules but opened it way up for testing.  I'm a bit perplexed now as to why the above connection is being blocked and if it truly is what's the way around this?  Prior I had the PS3 bypassed from all scanning (IPS, web filtering, application control, advanced threat protection) and it was STILL getting blocked, there was just no log entry indicating the block.  Can anyone shed any light on this issue?  I really appreciate it!

Thanks,

Dan

EDIT: So just for fun I decided to port forward 443 into the PS3 and all of a sudden it connects to the PSN!  I've never had to do this before, it's always connected without issue.  Is this a change on the PSN or has something changed in the Sophos UTM?
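An added example, not part of the original post: one way to read the packetfilter lines quoted above is to parse the key="value" fields and label each dropped TCP packet by its flags and ports, which separates new connection attempts (SYN without ACK) from segments sent from a server port back to a client's high port. The function names, the port threshold of 1024, the space-separated `tcpflags` format and the third sample line are assumptions made for illustration.

```python
import re
from collections import Counter

FIELD = re.compile(r'(\w+)="([^"]*)"')

# First two lines are shortened from the log in the post; the third is
# constructed (documentation address) to show what a real inbound attempt looks like.
SAMPLE = '''\
2015:11:29-17:01:49 gateway ulogd[18487]: id="2001" action="drop" fwrule="60003" srcip="172.224.172.185" dstip="192.168.9.64" proto="6" srcport="443" dstport="61617" tcpflags="RST"
2015:11:29-17:11:27 gateway ulogd[18487]: id="2001" action="drop" fwrule="60003" srcip="23.196.24.237" dstip="192.168.9.64" proto="6" srcport="443" dstport="63060" tcpflags="RST"
2015:11:29-17:20:00 gateway ulogd[18487]: id="2001" action="drop" fwrule="60001" srcip="203.0.113.10" dstip="192.168.9.64" proto="6" srcport="51515" dstport="443" tcpflags="SYN"
'''

def parse(line):
    """Return the key="value" fields of one packetfilter line as a dict."""
    return dict(FIELD.findall(line))

def classify(rec):
    """Label a dropped packet by what its flags and ports say about direction."""
    if rec.get("proto") != "6":
        return "non-tcp"
    # Assumption: multiple flags are space separated, e.g. "ACK RST".
    flags = set(rec.get("tcpflags", "").split())
    sport, dport = int(rec["srcport"]), int(rec["dstport"])
    if "SYN" in flags and "ACK" not in flags:
        return "new-connection-attempt"
    if sport < 1024 <= dport:
        # Server port to high port: a segment belonging to a flow the
        # client side opened, not a connection initiated from outside.
        return "server-side-segment"
    return "other"

def summarize(lines):
    """Count dropped packets per (destination IP, label)."""
    counts = Counter()
    for line in lines:
        rec = parse(line)
        if rec.get("action") == "drop":
            counts[(rec["dstip"], classify(rec))] += 1
    return counts

if __name__ == "__main__":
    for (dst, label), n in sorted(summarize(SAMPLE.splitlines()).items()):
        print(f"{dst:15} {label:24} {n}")
```
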



  • Do you have your PS3 configured statically or dynamically; DHCP reservation? Is the bypass rule you are referring to the Web Protection transparent bypass?

    If the IP address is changing due to DHCP lease renewal, that could be causing issues with any rules you have configured.
  • It has a statically assigned DHCP lease. And I had tried bypassing it from everything, web protection, application filtering, etc. And yes the IP on the PS3 matches what was set up for the rules. I keep coming back to the fact that a PORT FORWARD of 443 is required for it to connect to the PSN. I'm trying to track down if something in the UTM changed to cause this or if it's a change with Sony/PSN.
  • Hi,

    I have the same issue - has this been resolved somehow?

    I'd rather not Portfw 443 (and 80) to the PS3 to get that working...

  • This resolved itself at some point.  I just double checked and my port forward rule is disabled and I've been able to connect to the PSN without issue.  I still don't have any explanation for the cause or solution and until now thought it was an issue isolated just to myself.  Sorry I wish I had a better answer for you but I honestly do not at this time.

  • Hm OK.

    Could you describe your rules so I can compare to mine ?

    I have created an exception in web filter for the default hosts found here and additionally opened the fw for a couple of TCP/UDP ports (one way).

    The only thing I see in the logs are connection attempts from outside to 443/80 from Akamai or Instagram IPs - not entirely sure those are related

  • Look in your firewall logs and see what's coming from the outside trying to talk to your PS3.

    At this point all I have are some generic bypass rules for my "media" network which includes the PS3.  I'm happy to post those if you like but I don't know if they are actually needed or not.

  • Well the question is why those requests are initiated from outside and are not part of the established session :(

    But will run some additional tests, thanks

  • That is exactly the question and why I was struggling with this a few months back.  There isn't any reason why a 443 port forward should be needed for it to work.

    Do let me know what you find and if it seems similar to the log I posted above.  I'm really curious as to what exactly is going on.
