So far today I have roughly 696 drops as seen below. Everything works as far as I can tell. Perhaps something doesn't work as well as it should?
Can you tell me what the exchange server is trying to do here?
Exchange: 10.10.0.16
Sophos Internal: 10.10.0.12
I presume I need to make a firewall rule, but not entirely sure as to what for.
Something like
10.10.0.16 -> 443 -> 10.10.0.12 (allow)
2015:10:15-13:05:30 sophos ulogd[3265]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:25:b5:1a:01:ff" dstmac="00:1a:8c:5f:24:58" srcip="10.10.0.16" dstip="10.10.0.12" proto="6" length="52" tos="0x00" prec="0x00" ttl="128" srcport="443" dstport="43720" tcpflags="ACK FIN"
This thread was automatically locked due to age.
