I'm a SQL Server DBA by profession, although I have a basic knowledge of networking, so please bear with me.
I have Sophos UTM 9.308-16 Home Edition running at home on an old AMD 4450e dual core, 2GB RAM. One motherboard 1GB Realtek NIC, a 1GB PCIE Realtek NIC, and a 4-port 100MB Intel PCI NIC. Hardware seems ok (I've seen warnings about Realtek, so looking at acquiring some other NICs).
Very impressed with the product (although I keep getting lost in the interface).
I have a problem with incoming packets FROM port 80 or 443 coming into the network being dropped. This primarily manifests itself with BBC iPlayer not being able to play videos on the PS3. Works on the Amazon Fire TV. However, I'm also seeing similar packet drops to PCs in the house. Here's an excerpt for a packet to the PS3:
2015:02:28-10:33:23 cousins ulogd[4359]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcmac="00:19:db:cb:40:a0" srcip="62.253.3.137" dstip="192.168.1.20" proto="6" length="40" tos="0x00" prec="0x00" ttl="64" srcport="80" dstport="51145" tcpflags="RST"
I've trawled through the internet, and forum posts, and the only thing I've seen is that the Connection Tracker may be timing out, so the firewall can't remember where these packets originated from - but there was no suggested solution.
The destination IP is on the internal network, so the masquerade is working.
Anyone have any ideas on where to look next?
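A triage sketch for logs like the excerpt above, added here as an example and not part of the original post: it parses the key="value" fields of each packetfilter line and counts drops that look like the reply-direction RST/FIN packets described, separately from new inbound connection attempts. The sample lines, the 192.168.1.0/24 internal range, the bucket names, and the space-separated form of multi-flag tcpflags values are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in the format of the excerpt (all values made up).
SAMPLE_LOG = '''\
2015:02:28-10:33:23 utm ulogd[4359]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60003" outitf="eth0" srcip="198.51.100.7" dstip="192.168.1.20" proto="6" srcport="80" dstport="51145" tcpflags="RST"
2015:02:28-10:33:25 utm ulogd[4359]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" outitf="eth0" srcip="198.51.100.9" dstip="192.168.1.31" proto="6" srcport="443" dstport="50210" tcpflags="ACK FIN"
2015:02:28-10:34:01 utm ulogd[4359]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" outitf="eth0" srcip="203.0.113.9" dstip="192.168.1.10" proto="6" srcport="40000" dstport="22" tcpflags="SYN"
2015:02:28-10:34:07 utm ulogd[4359]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcip="203.0.113.9" dstip="192.0.2.1" proto="17" srcport="5353" dstport="5353"
'''

FIELD_RE = re.compile(r'(\w+)="([^"]*)"')
WEB_PORTS = {"80", "443"}
INTERNAL = ipaddress.ip_network("192.168.1.0/24")  # assumption, from the dstip in the post


def parse_line(line):
    """Return the key="value" fields of one log line as a dict."""
    return dict(FIELD_RE.findall(line))


def classify(f):
    """Sort one dropped packet into a coarse triage bucket (names are hypothetical)."""
    if f.get("action") != "drop":
        return "not-a-drop"
    if f.get("proto") != "6":  # 6 = TCP
        return "non-tcp"
    flags = set(f.get("tcpflags", "").split())
    to_internal = ipaddress.ip_address(f.get("dstip", "0.0.0.0")) in INTERNAL
    # Teardown packet travelling in the reply direction: web port -> internal client.
    # These are the drops the post describes; they belong to a flow the client opened.
    if f.get("srcport") in WEB_PORTS and to_internal and flags & {"RST", "FIN"}:
        return "web-reply-teardown"
    if flags == {"SYN"}:  # bare SYN: someone trying to open a new connection
        return "new-connection-attempt"
    return "other-tcp"


def summarize(text):
    """Count packetfilter drops per (bucket, fwrule) pair."""
    counts = Counter()
    for line in text.splitlines():
        f = parse_line(line)
        if f.get("sub") == "packetfilter":
            counts[(classify(f), f.get("fwrule"))] += 1
    return counts


if __name__ == "__main__":
    for (bucket, rule), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{n:4d}  fwrule={rule}  {bucket}")
```

Run against a real log, a large web-reply-teardown count next to few new-connection-attempt entries separates late teardown packets for existing client sessions from unsolicited inbound traffic.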