Is our firewall capable of Stateful Packet Inspection?

Hello Everyone,

I would like to know if someone knows how to fix the Default DROP rules below.

Current setup:

WAN IP --- 192.168.1.230/24     UTM Outgoing Interface

LAN IP ---- 172.20.147.250/24 - Local Gateway UTM

Test PC ---- 172.20.147.210

As you may notice, traffic from the LAN going to the Internet is good, but the return path must go to the WAN IP address first. The port number is the same, 57253, which was created as a random source port. Kindly advise what the best practice is to fix this issue.

Thanks for your time.

-Joe



  • Firewall live log screenshot

    The screenshot above was not reflected.

  • If you still need help with this, Jose, please paste a line from the full Firewall log file, not from the Live Log.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Joe,

    If you are seeing dropped return packets, check what the packet type is. If they are RST, FIN or ACK FIN packets, then the UTM has already statefully detected that the communication was closed from the client end, so any other packets received from the web server, whether because they arrived out of order or otherwise, will just be dropped by the UTM because it knows the connection was shut off before these packets were received.

    Emile
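
Added example, not part of the replies above and not Sophos code: one way to run the check Emile describes over lines from the full firewall log, separating late teardown packets (RST/FIN) from other drops aimed at the WAN address. The key="value" layout, the field names (`action`, `proto`, `dstip`, `tcpflags`) and the sample lines are assumptions constructed for illustration; adjust them to what your log file actually contains.

```python
import re
from collections import Counter

# Constructed sample lines (not from the thread), using an assumed key="value" layout.
SAMPLE_LOG = '''\
2016:03:01-10:15:01 utm ulogd[4321]: sub="packetfilter" name="Packet dropped" action="drop" srcip="203.0.113.10" dstip="192.168.1.230" proto="6" srcport="443" dstport="57253" tcpflags="ACK FIN"
2016:03:01-10:15:02 utm ulogd[4321]: sub="packetfilter" name="Packet dropped" action="drop" srcip="203.0.113.10" dstip="192.168.1.230" proto="6" srcport="443" dstport="57253" tcpflags="RST"
2016:03:01-10:16:40 utm ulogd[4321]: sub="packetfilter" name="Packet dropped" action="drop" srcip="198.51.100.7" dstip="192.168.1.230" proto="6" srcport="40112" dstport="23" tcpflags="SYN"
2016:03:01-10:17:05 utm ulogd[4321]: sub="packetfilter" name="Packet dropped" action="drop" srcip="198.51.100.7" dstip="192.168.1.230" proto="17" srcport="5353" dstport="53"
'''

FIELD_RE = re.compile(r'(\w+)="([^"]*)"')
TEARDOWN_FLAGS = {"RST", "FIN"}  # flags named in the reply above


def parse_line(line):
    """Return the key="value" pairs of one log line as a dict."""
    return dict(FIELD_RE.findall(line))


def classify(fields):
    """Label one parsed log entry by why it most likely hit the default drop."""
    if fields.get("action") != "drop":
        return "not-a-drop"
    if fields.get("proto") != "6":          # 6 = TCP
        return "non-tcp-drop"
    flags = set(fields.get("tcpflags", "").split())
    if flags & TEARDOWN_FLAGS:
        # Connection state was already removed; these are late packets.
        return "late-teardown"
    if flags == {"SYN"}:
        # Unsolicited new connection attempt, a genuine policy drop.
        return "new-connection"
    return "other-tcp"


def summarize(log_text, wan_ip):
    """Count drop categories for packets addressed to the WAN IP."""
    counts = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields.get("dstip") == wan_ip:
            counts[classify(fields)] += 1
    return counts


if __name__ == "__main__":
    print(dict(summarize(SAMPLE_LOG, "192.168.1.230")))
```

A result dominated by `late-teardown` matches the explanation above; `new-connection` or `other-tcp` entries are the ones worth investigating further.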
