Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 29 replies
  • Answers 3 answers
  • Subscribers 4 subscribers
  • Views 25528 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cannot access ADSL modem setup with additional address via specific devices

ChriZathens

Hi guys!

I am facing a strange issue...

I have an ASDL modem/router in bridge mode with IP 192.168.2.1 and have setup an additional address (192.168.2.2) on my UTM in order to access the modem.

The WAN interface connected to the ADSL modem/router is using PPPoE and my LAN is on the 192.168.1.x range

This has been working great until recently. I could enter http://192.168.2.1 on my smartphone's browser and could normally access the modem's webui (I want to regularly check the speed my adsl router syncs, because I have isp issues)

About a month ago, I replaced both my smartphones (company and personal)

From those 2 devices I cannot connect to the http://192.168.2.1 address.

From my computer, the page loads normally. I tried from my tablet - loads normally, too.

BUT, I can access the http://192.168.2.1 address normally from either phone when I am connected to my house using VPN...

The only difference between the other devices and my phones is that I have put them in Skip Transparent Mode Source Hosts/Nets & Skip Transparent Mode Destination Hosts/Nets in filtering options. I thought that maybe that was the case and went ahead and removed them, but still the same.

The only other thing that has changed since I could access the address via the old phone's browser, is that - due to the fact that I was migrating stuff and a need for more addresses arose, I changed my DHCP internal range and added 10 more IPs (was until .20, now it is until 30). I think this is irrelevant, though, just thought I should mention it...

 

Any ideas on where to look? I am really lost, don't know what to check and this thing is puzzling me.

I mean I can always connect using VPN (even when I am at the house), but why on earth does it not connect normally?



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    I believe the mobile phones are connected through WiFi, I am interested in knowing what IP address is leased to the mobile devices(same subnet IP address on the other devices which can access the GUI?). Grep this IP address and post the packetfilter.log.

    Also, take a tcpdump on the source IP(x.x.x.x) and the destination IP(192.168.2.1), show us the dumps. Finally, show me a picture of WebAdmin settings from the management page.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Hello, sachingurung, and thanks for trying to help

    Regarding your points:

    Yes, the mobiles are connected using wi-fi. My nexus has an address of .25, my iPhone of .19, both assigned by DHCP and made as reservations

    My network is 192.168.1.0/24. The UTM's address is 192.168.1.1

    The additional IP set on the UTM is 192.168.2.2 and the ADSL modem has an IP of 192.168.2.1

    The utm can ping the modem no problem :

    PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.

64 bytes from 192.168.2.1: icmp_seq=1 ttl=255 time=1.29 ms

     

    My tablet which can access the modem via wifi has an IP address of 192.168.1.4

    Regarding the packetfilter log:

    I go to Logging and reporting and enter those settings:

    thousands of lines are returned... I tried to search for 192.168.2.1 in there but had 0 hits. Do you need anything more specific?

    In order to take a tcpdump I will have to get home and try to access the modem with my mobile, then take a tcpdump I presume....

    Finally a picture of webadmin settings:

    Regarding tcpdump, for now I could only connect through VPN with my Nexus and access the modem (which works correctly)

    Don't know if it helps in any way, but this is the dump it created:

    Fullscreen dump.txt Download 
    utm:/root # tcpdump -n dst host 192.168.2.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:32:27.714269 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [S], seq 2933662736, win 29200, options [mss 1460,sackOK,TS val 101687927 ecr 0,nop,wscale 7], length 0
12:32:27.714903 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 1571784725, win 229, options [nop,nop,TS val 101687927 ecr 93924283], length 0
12:32:27.714963 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [P.], seq 0:449, ack 1, win 229, options [nop,nop,TS val 101687927 ecr 93924283], length 449
12:32:27.755099 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 18, win 229, options [nop,nop,TS val 101687937 ecr 93924287], length 0
12:32:27.755862 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 274, win 237, options [nop,nop,TS val 101687938 ecr 93924287], length 0
12:32:27.756451 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 1722, win 260, options [nop,nop,TS val 101687938 ecr 93924287], length 0
12:32:27.756480 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 1855, win 282, options [nop,nop,TS val 101687938 ecr 93924287], length 0
12:32:27.760158 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [F.], seq 449, ack 1856, win 282, options [nop,nop,TS val 101687939 ecr 93924288], length 0
12:32:27.946851 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [S], seq 4159346203, win 29200, options [mss 1460,sackOK,TS val 101687985 ecr 0,nop,wscale 7], length 0
12:32:27.947621 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 1560422445, win 229, options [nop,nop,TS val 101687986 ecr 93924306], length 0
12:32:27.947713 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [P.], seq 0:436, ack 1, win 229, options [nop,nop,TS val 101687986 ecr 93924306], length 436
12:32:27.959270 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 195, win 237, options [nop,nop,TS val 101687989 ecr 93924307], length 0
12:32:27.959797 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 1643, win 260, options [nop,nop,TS val 101687989 ecr 93924307], length 0
12:32:27.960183 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 3091, win 282, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.960609 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 4291, win 305, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.961449 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 5739, win 327, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.961564 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 7187, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.961794 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 8387, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.962715 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 9835, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.962896 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 11283, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.963169 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 12483, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.963947 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 13931, win 338, options [nop,nop,TS val 101687990 ecr 93924308], length 0
12:32:27.964473 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 15029, win 338, options [nop,nop,TS val 101687990 ecr 93924308], length 0
12:32:27.964487 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [F.], seq 436, ack 15029, win 338, options [nop,nop,TS val 101687990 ecr 93924308], length 0
12:32:27.968793 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 15030, win 338, options [nop,nop,TS val 101687991 ecr 93924308], length 0
12:32:28.278043 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [S], seq 2064097097, win 29200, options [mss 1460,sackOK,TS val 101688068 ecr 0,nop,wscale 7], length 0
12:32:28.278699 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 1558521725, win 229, options [nop,nop,TS val 101688068 ecr 93924339], length 0
12:32:28.278753 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [P.], seq 0:508, ack 1, win 229, options [nop,nop,TS val 101688068 ecr 93924339], length 508
12:32:28.324219 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 18, win 229, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.324864 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 274, win 237, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.325942 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 1298, win 260, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.326235 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 2746, win 282, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.326738 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 4194, win 305, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.326886 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 4370, win 327, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.328027 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 5394, win 338, options [nop,nop,TS val 101688081 ecr 93924344], length 0
12:32:28.328439 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 6842, win 338, options [nop,nop,TS val 101688081 ecr 93924344], length 0
12:32:28.328744 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 7442, win 338, options [nop,nop,TS val 101688081 ecr 93924344], length 0
12:32:28.329922 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 8466, win 338, options [nop,nop,TS val 101688081 ecr 93924344], length 0
12:32:28.330928 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 9914, win 338, options [nop,nop,TS val 101688081 ecr 93924345], length 0
12:32:28.330955 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 10514, win 338, options [nop,nop,TS val 101688081 ecr 93924345], length 0
12:32:28.331856 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 11962, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.331865 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 12562, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.332880 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 13586, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.333675 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 15034, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.333764 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 15634, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.334892 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 16658, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.335626 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 17774, win 338, options [nop,nop,TS val 101688083 ecr 93924345], length 0
12:32:28.341046 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 18030, win 338, options [nop,nop,TS val 101688084 ecr 93924346], length 0
12:32:28.347749 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 18286, win 338, options [nop,nop,TS val 101688086 ecr 93924346], length 0
12:32:28.348707 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 19310, win 338, options [nop,nop,TS val 101688086 ecr 93924346], length 0
12:32:28.349560 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 22382, win 338, options [nop,nop,TS val 101688086 ecr 93924346], length 0
12:32:28.350291 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 22625, win 338, options [nop,nop,TS val 101688086 ecr 93924347], length 0
12:32:28.355669 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 22881, win 338, options [nop,nop,TS val 101688088 ecr 93924347], length 0
12:32:28.356429 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 23234, win 338, options [nop,nop,TS val 101688088 ecr 93924347], length 0
12:32:28.362171 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 23490, win 338, options [nop,nop,TS val 101688089 ecr 93924348], length 0
12:32:28.363072 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 24514, win 338, options [nop,nop,TS val 101688089 ecr 93924348], length 0
12:32:28.363965 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 26562, win 338, options [nop,nop,TS val 101688090 ecr 93924348], length 0
12:32:28.364812 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 28358, win 338, options [nop,nop,TS val 101688090 ecr 93924348], length 0
12:32:28.367840 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 28614, win 338, options [nop,nop,TS val 101688091 ecr 93924348], length 0
12:32:28.371233 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 28870, win 338, options [nop,nop,TS val 101688092 ecr 93924349], length 0
12:32:28.372163 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 29464, win 338, options [nop,nop,TS val 101688092 ecr 93924349], length 0
12:32:28.377386 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 29720, win 338, options [nop,nop,TS val 101688093 ecr 93924349], length 0
12:32:28.380922 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 29976, win 338, options [nop,nop,TS val 101688094 ecr 93924350], length 0
12:32:28.381823 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 32024, win 338, options [nop,nop,TS val 101688094 ecr 93924350], length 0
12:32:28.382959 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 32829, win 338, options [nop,nop,TS val 101688094 ecr 93924350], length 0
12:32:28.388215 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 33085, win 338, options [nop,nop,TS val 101688096 ecr 93924350], length 0
12:32:28.394734 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 33341, win 338, options [nop,nop,TS val 101688097 ecr 93924351], length 0
12:32:28.395676 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 34365, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.396447 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 36413, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.397338 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 37437, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.398135 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 39485, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.398963 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 40664, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.402182 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 40920, win 338, options [nop,nop,TS val 101688099 ecr 93924352], length 0
12:32:28.403118 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 42013, win 338, options [nop,nop,TS val 101688099 ecr 93924352], length 0
12:32:28.417596 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 42269, win 338, options [nop,nop,TS val 101688103 ecr 93924353], length 0
12:32:28.427927 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 42525, win 338, options [nop,nop,TS val 101688106 ecr 93924354], length 0
12:32:28.437671 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 42781, win 338, options [nop,nop,TS val 101688108 ecr 93924355], length 0
12:32:28.449803 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43037, win 338, options [nop,nop,TS val 101688111 ecr 93924356], length 0
12:32:28.459598 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43293, win 338, options [nop,nop,TS val 101688114 ecr 93924357], length 0
12:32:28.471679 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43549, win 338, options [nop,nop,TS val 101688117 ecr 93924359], length 0
12:32:28.477499 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43805, win 338, options [nop,nop,TS val 101688118 ecr 93924359], length 0
12:32:28.481096 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43889, win 338, options [nop,nop,TS val 101688119 ecr 93924360], length 0
12:32:28.484136 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [F.], seq 508, ack 43890, win 338, options [nop,nop,TS val 101688120 ecr 93924360], length 0
12:32:28.762427 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [S], seq 910838176, win 29200, options [mss 1460,sackOK,TS val 101688189 ecr 0,nop,wscale 7], length 0
12:32:28.762513 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [S], seq 4273221150, win 29200, options [mss 1460,sackOK,TS val 101688189 ecr 0,nop,wscale 7], length 0
12:32:28.762628 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [S], seq 1595695184, win 29200, options [mss 1460,sackOK,TS val 101688189 ecr 0,nop,wscale 7], length 0
12:32:28.763048 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 1570207630, win 229, options [nop,nop,TS val 101688189 ecr 93924388], length 0
12:32:28.763099 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [P.], seq 0:481, ack 1, win 229, options [nop,nop,TS val 101688189 ecr 93924388], length 481
12:32:28.763621 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 1556446008, win 229, options [nop,nop,TS val 101688190 ecr 93924388], length 0
12:32:28.763654 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [P.], seq 0:463, ack 1, win 229, options [nop,nop,TS val 101688190 ecr 93924388], length 463
12:32:28.763940 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 1571214058, win 229, options [nop,nop,TS val 101688190 ecr 93924388], length 0
12:32:28.763968 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [P.], seq 0:464, ack 1, win 229, options [nop,nop,TS val 101688190 ecr 93924388], length 464
12:32:28.776795 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.777410 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 1626, win 260, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.777734 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 3074, win 282, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.777964 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 4274, win 305, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.778823 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 4731, win 327, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.778838 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [F.], seq 481, ack 4731, win 327, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.782770 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 4732, win 327, options [nop,nop,TS val 101688194 ecr 93924390], length 0
12:32:28.796858 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 194, win 237, options [nop,nop,TS val 101688198 ecr 93924391], length 0
12:32:28.797664 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 1642, win 260, options [nop,nop,TS val 101688198 ecr 93924391], length 0
12:32:28.797910 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 3090, win 282, options [nop,nop,TS val 101688198 ecr 93924391], length 0
12:32:28.798152 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 4290, win 305, options [nop,nop,TS val 101688198 ecr 93924391], length 0
12:32:28.799362 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 5738, win 327, options [nop,nop,TS val 101688199 ecr 93924391], length 0
12:32:28.799717 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 7186, win 338, options [nop,nop,TS val 101688199 ecr 93924391], length 0
12:32:28.800266 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 8386, win 338, options [nop,nop,TS val 101688199 ecr 93924392], length 0
12:32:28.801271 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 8962, win 338, options [nop,nop,TS val 101688199 ecr 93924392], length 0
12:32:28.801283 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [F.], seq 463, ack 8962, win 338, options [nop,nop,TS val 101688199 ecr 93924392], length 0
12:32:28.805401 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 8963, win 338, options [nop,nop,TS val 101688200 ecr 93924392], length 0
12:32:28.813954 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 195, win 237, options [nop,nop,TS val 101688202 ecr 93924393], length 0
12:32:28.814420 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 1643, win 260, options [nop,nop,TS val 101688202 ecr 93924393], length 0
12:32:28.814778 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 3091, win 282, options [nop,nop,TS val 101688202 ecr 93924393], length 0
12:32:28.815203 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 4291, win 305, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.815825 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 5739, win 327, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.816218 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 7187, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.816454 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 8387, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.817214 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 9835, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.817725 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 11283, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.818270 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 12063, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.818285 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [F.], seq 464, ack 12063, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.822507 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 12064, win 338, options [nop,nop,TS val 101688204 ecr 93924394], length 0
12:32:29.361417 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [S], seq 1020857781, win 29200, options [mss 1460,sackOK,TS val 101688339 ecr 0,nop,wscale 7], length 0
12:32:29.362067 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 1563288624, win 229, options [nop,nop,TS val 101688339 ecr 93924448], length 0
12:32:29.362132 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [P.], seq 0:465, ack 1, win 229, options [nop,nop,TS val 101688339 ecr 93924448], length 465
12:32:29.373350 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 195, win 237, options [nop,nop,TS val 101688342 ecr 93924449], length 0
12:32:29.373847 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 1643, win 260, options [nop,nop,TS val 101688342 ecr 93924449], length 0
12:32:29.374231 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 3091, win 282, options [nop,nop,TS val 101688342 ecr 93924449], length 0
12:32:29.374654 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 4291, win 305, options [nop,nop,TS val 101688342 ecr 93924449], length 0
12:32:29.375205 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 5739, win 327, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.375606 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 7187, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.375823 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 8387, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.376783 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 9835, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.377190 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 11283, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.377724 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 12483, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.378275 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 13931, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.378894 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 15029, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.378909 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [F.], seq 465, ack 15029, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.383607 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 15030, win 338, options [nop,nop,TS val 101688345 ecr 93924450], length 0
12:32:29.502053 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [S], seq 3445878485, win 29200, options [mss 1460,sackOK,TS val 101688374 ecr 0,nop,wscale 7], length 0
12:32:29.502679 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [.], ack 1559067984, win 229, options [nop,nop,TS val 101688374 ecr 93924462], length 0
12:32:29.502762 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [P.], seq 0:496, ack 1, win 229, options [nop,nop,TS val 101688374 ecr 93924462], length 496
12:32:29.514519 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688377 ecr 93924463], length 0
12:32:29.515483 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [.], ack 1036, win 260, options [nop,nop,TS val 101688378 ecr 93924463], length 0
12:32:29.515497 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [F.], seq 496, ack 1036, win 260, options [nop,nop,TS val 101688378 ecr 93924463], length 0
12:32:29.519301 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [.], ack 1037, win 260, options [nop,nop,TS val 101688379 ecr 93924463], length 0
12:32:29.798614 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [S], seq 2521644494, win 29200, options [mss 1460,sackOK,TS val 101688448 ecr 0,nop,wscale 7], length 0
12:32:29.799280 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [.], ack 1563505569, win 229, options [nop,nop,TS val 101688449 ecr 93924491], length 0
12:32:29.799335 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688449 ecr 93924491], length 491
12:32:29.801267 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [S], seq 2741826038, win 29200, options [mss 1460,sackOK,TS val 101688449 ecr 0,nop,wscale 7], length 0
12:32:29.801276 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [S], seq 3497588920, win 29200, options [mss 1460,sackOK,TS val 101688449 ecr 0,nop,wscale 7], length 0
12:32:29.801904 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [.], ack 1571907393, win 229, options [nop,nop,TS val 101688449 ecr 93924492], length 0
12:32:29.801957 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688449 ecr 93924492], length 491
12:32:29.802394 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [.], ack 1565291009, win 229, options [nop,nop,TS val 101688449 ecr 93924492], length 0
12:32:29.802421 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688449 ecr 93924492], length 491
12:32:29.815852 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [.], ack 177, win 237, options [nop,nop,TS val 101688453 ecr 93924493], length 0
12:32:29.816533 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [.], ack 262, win 237, options [nop,nop,TS val 101688453 ecr 93924493], length 0
12:32:29.816566 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [F.], seq 491, ack 262, win 237, options [nop,nop,TS val 101688453 ecr 93924493], length 0
12:32:29.820603 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [.], ack 263, win 237, options [nop,nop,TS val 101688454 ecr 93924494], length 0
12:32:29.829546 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688456 ecr 93924494], length 0
12:32:29.830441 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [.], ack 693, win 245, options [nop,nop,TS val 101688456 ecr 93924495], length 0
12:32:29.830454 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [F.], seq 491, ack 693, win 245, options [nop,nop,TS val 101688456 ecr 93924495], length 0
12:32:29.835004 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [.], ack 694, win 245, options [nop,nop,TS val 101688457 ecr 93924495], length 0
12:32:29.846045 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688460 ecr 93924496], length 0
12:32:29.846882 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [.], ack 1027, win 260, options [nop,nop,TS val 101688460 ecr 93924496], length 0
12:32:29.846894 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [F.], seq 491, ack 1027, win 260, options [nop,nop,TS val 101688460 ecr 93924496], length 0
12:32:29.850092 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [S], seq 3816031802, win 29200, options [mss 1460,sackOK,TS val 101688461 ecr 0,nop,wscale 7], length 0
12:32:29.850102 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [S], seq 2156941015, win 29200, options [mss 1460,sackOK,TS val 101688461 ecr 0,nop,wscale 7], length 0
12:32:29.850141 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [S], seq 2432380451, win 29200, options [mss 1460,sackOK,TS val 101688461 ecr 0,nop,wscale 7], length 0
12:32:29.850783 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 1561902509, win 229, options [nop,nop,TS val 101688461 ecr 93924497], length 0
12:32:29.850834 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [P.], seq 0:494, ack 1, win 229, options [nop,nop,TS val 101688461 ecr 93924497], length 494
12:32:29.851185 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [.], ack 1566531302, win 229, options [nop,nop,TS val 101688462 ecr 93924497], length 0
12:32:29.851213 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688462 ecr 93924497], length 491
12:32:29.851585 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [.], ack 1561481019, win 229, options [nop,nop,TS val 101688462 ecr 93924497], length 0
12:32:29.851612 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688462 ecr 93924497], length 491
12:32:29.854359 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [.], ack 1028, win 260, options [nop,nop,TS val 101688462 ecr 93924497], length 0
12:32:29.873364 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 179, win 237, options [nop,nop,TS val 101688467 ecr 93924499], length 0
12:32:29.873859 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 1627, win 260, options [nop,nop,TS val 101688467 ecr 93924499], length 0
12:32:29.874297 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 2360, win 282, options [nop,nop,TS val 101688467 ecr 93924499], length 0
12:32:29.874309 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [F.], seq 494, ack 2360, win 282, options [nop,nop,TS val 101688467 ecr 93924499], length 0
12:32:29.878587 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 2361, win 282, options [nop,nop,TS val 101688468 ecr 93924499], length 0
12:32:29.885697 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688470 ecr 93924500], length 0
12:32:29.886363 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [.], ack 360, win 245, options [nop,nop,TS val 101688470 ecr 93924500], length 0
12:32:29.886395 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [F.], seq 491, ack 360, win 245, options [nop,nop,TS val 101688470 ecr 93924500], length 0
12:32:29.890837 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [.], ack 361, win 245, options [nop,nop,TS val 101688471 ecr 93924501], length 0
12:32:29.898836 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688473 ecr 93924501], length 0
12:32:29.899798 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [.], ack 964, win 260, options [nop,nop,TS val 101688474 ecr 93924501], length 0
12:32:29.899810 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [F.], seq 491, ack 964, win 260, options [nop,nop,TS val 101688474 ecr 93924501], length 0
12:32:29.903842 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [.], ack 965, win 260, options [nop,nop,TS val 101688475 ecr 93924502], length 0
12:32:30.080754 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [S], seq 737056678, win 29200, options [mss 1460,sackOK,TS val 101688519 ecr 0,nop,wscale 7], length 0
12:32:30.081409 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [.], ack 1574125611, win 229, options [nop,nop,TS val 101688519 ecr 93924520], length 0
12:32:30.081466 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688519 ecr 93924520], length 491
12:32:30.092543 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688522 ecr 93924521], length 0
12:32:30.093279 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [.], ack 297, win 237, options [nop,nop,TS val 101688522 ecr 93924521], length 0
12:32:30.093292 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [F.], seq 491, ack 297, win 237, options [nop,nop,TS val 101688522 ecr 93924521], length 0
12:32:30.097248 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [.], ack 298, win 237, options [nop,nop,TS val 101688523 ecr 93924521], length 0
12:32:30.123253 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [S], seq 2342123056, win 29200, options [mss 1460,sackOK,TS val 101688530 ecr 0,nop,wscale 7], length 0
12:32:30.123875 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [.], ack 1564086123, win 229, options [nop,nop,TS val 101688530 ecr 93924524], length 0
12:32:30.123945 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688530 ecr 93924524], length 491
12:32:30.135663 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688533 ecr 93924525], length 0
12:32:30.136311 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [.], ack 317, win 245, options [nop,nop,TS val 101688533 ecr 93924525], length 0
12:32:30.136320 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [F.], seq 491, ack 317, win 245, options [nop,nop,TS val 101688533 ecr 93924525], length 0
12:32:30.140167 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [.], ack 318, win 245, options [nop,nop,TS val 101688534 ecr 93924526], length 0
     

     

     

    Thanks again!!!

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    I have an update regarding tcpdump:

    Inside my home network, now, started TCPdump and tried to access the modem (192.168.2.1) using my Nexus' (192.168.1.25) web browser.

    I get this and hangs there:

    Fullscreen 3113.tcpdump.txt Download 
    utm:/root # tcpdump -n dst host 192.168.2.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
20:20:40.510666 IP 192.168.1.25.41844 > 192.168.2.1.80: Flags [S], seq 51990498, win 65535, options [mss 1460,sackOK,TS val 36262272 ecr 0,nop,wscale 8], length 0
20:20:40.510678 IP 192.168.1.25.41848 > 192.168.2.1.80: Flags [S], seq 1290693950, win 65535, options [mss 1460,sackOK,TS val 36262272 ecr 0,nop,wscale 8], length 0
20:20:40.513538 IP 192.168.1.25.41847 > 192.168.2.1.80: Flags [S], seq 3474324114, win 65535, options [mss 1460,sackOK,TS val 36262272 ecr 0,nop,wscale 8], length 0
20:20:40.513549 IP 192.168.1.25.41845 > 192.168.2.1.80: Flags [S], seq 4232341149, win 65535, options [mss 1460,sackOK,TS val 36262272 ecr 0,nop,wscale 8], length 0
20:20:40.513555 IP 192.168.1.25.41846 > 192.168.2.1.80: Flags [S], seq 1874858709, win 65535, options [mss 1460,sackOK,TS val 36262272 ecr 0,nop,wscale 8], length 0
20:20:40.514735 IP 192.168.1.25.41849 > 192.168.2.1.80: Flags [S], seq 1037893966, win 65535, options [mss 1460,sackOK,TS val 36262272 ecr 0,nop,wscale 8], length 0
20:20:45.523294 ARP, Request who-has 192.168.2.1 tell 192.168.2.2, length 28

     With verbose output enabled:

    Fullscreen tcpdump_verbose.txt Download 
    utm:/root # tcpdump -nv dst host 192.168.2.1
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
20:25:22.936919 IP (tos 0x0, ttl 63, id 22480, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41879 > 192.168.2.1.80: Flags [S], cksum 0xeb3c (correct), seq 2316942318, win 65535, options [mss 1460,sackOK,TS val 36301886 ecr 0,nop,wscale 8], length 0
20:25:22.938718 IP (tos 0x0, ttl 63, id 57103, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41880 > 192.168.2.1.80: Flags [S], cksum 0x8716 (correct), seq 1996239664, win 65535, options [mss 1460,sackOK,TS val 36301887 ecr 0,nop,wscale 8], length 0
20:25:22.941494 IP (tos 0x0, ttl 63, id 18067, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41881 > 192.168.2.1.80: Flags [S], cksum 0x8a0a (correct), seq 4236946092, win 65535, options [mss 1460,sackOK,TS val 36301887 ecr 0,nop,wscale 8], length 0
20:25:22.941510 IP (tos 0x0, ttl 63, id 49255, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41882 > 192.168.2.1.80: Flags [S], cksum 0xa7c8 (correct), seq 1565535270, win 65535, options [mss 1460,sackOK,TS val 36301889 ecr 0,nop,wscale 8], length 0
20:25:23.183038 IP (tos 0x0, ttl 63, id 1798, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41883 > 192.168.2.1.80: Flags [S], cksum 0x45c0 (correct), seq 4289063823, win 65535, options [mss 1460,sackOK,TS val 36301961 ecr 0,nop,wscale 8], length 0
20:25:23.934326 IP (tos 0x0, ttl 63, id 22481, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41879 > 192.168.2.1.80: Flags [S], cksum 0xea0f (correct), seq 2316942318, win 65535, options [mss 1460,sackOK,TS val 36302187 ecr 0,nop,wscale 8], length 0
20:25:23.934336 IP (tos 0x0, ttl 63, id 57104, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41880 > 192.168.2.1.80: Flags [S], cksum 0x85e9 (correct), seq 1996239664, win 65535, options [mss 1460,sackOK,TS val 36302188 ecr 0,nop,wscale 8], length 0
20:25:23.934342 IP (tos 0x0, ttl 63, id 18068, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41881 > 192.168.2.1.80: Flags [S], cksum 0x88dd (correct), seq 4236946092, win 65535, options [mss 1460,sackOK,TS val 36302188 ecr 0,nop,wscale 8], length 0
20:25:23.941593 IP (tos 0x0, ttl 63, id 49256, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41882 > 192.168.2.1.80: Flags [S], cksum 0xa69b (correct), seq 1565535270, win 65535, options [mss 1460,sackOK,TS val 36302190 ecr 0,nop,wscale 8], length 0
20:25:24.186116 IP (tos 0x0, ttl 63, id 1799, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41883 > 192.168.2.1.80: Flags [S], cksum 0x4493 (correct), seq 4289063823, win 65535, options [mss 1460,sackOK,TS val 36302262 ecr 0,nop,wscale 8], length 0
20:25:25.971736 IP (tos 0x0, ttl 63, id 22482, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41879 > 192.168.2.1.80: Flags [S], cksum 0xe7b6 (correct), seq 2316942318, win 65535, options [mss 1460,sackOK,TS val 36302788 ecr 0,nop,wscale 8], length 0
20:25:25.980243 IP (tos 0x0, ttl 63, id 57105, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41880 > 192.168.2.1.80: Flags [S], cksum 0x838f (correct), seq 1996239664, win 65535, options [mss 1460,sackOK,TS val 36302790 ecr 0,nop,wscale 8], length 0
20:25:25.980253 IP (tos 0x0, ttl 63, id 49257, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41882 > 192.168.2.1.80: Flags [S], cksum 0xa441 (correct), seq 1565535270, win 65535, options [mss 1460,sackOK,TS val 36302792 ecr 0,nop,wscale 8], length 0
20:25:25.980259 IP (tos 0x0, ttl 63, id 18069, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41881 > 192.168.2.1.80: Flags [S], cksum 0x8683 (correct), seq 4236946092, win 65535, options [mss 1460,sackOK,TS val 36302790 ecr 0,nop,wscale 8], length 0
20:25:26.192222 IP (tos 0x0, ttl 63, id 1800, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41883 > 192.168.2.1.80: Flags [S], cksum 0x4239 (correct), seq 4289063823, win 65535, options [mss 1460,sackOK,TS val 36302864 ecr 0,nop,wscale 8], length 0
20:25:27.939268 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.2, length 28
20:25:29.993022 IP (tos 0x0, ttl 63, id 22483, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41879 > 192.168.2.1.80: Flags [S], cksum 0xe302 (correct), seq 2316942318, win 65535, options [mss 1460,sackOK,TS val 36303992 ecr 0,nop,wscale 8], length 0
20:25:29.993035 IP (tos 0x0, ttl 63, id 57106, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41880 > 192.168.2.1.80: Flags [S], cksum 0x7edd (correct), seq 1996239664, win 65535, options [mss 1460,sackOK,TS val 36303992 ecr 0,nop,wscale 8], length 0
20:25:29.993042 IP (tos 0x0, ttl 63, id 18070, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41881 > 192.168.2.1.80: Flags [S], cksum 0x81d1 (correct), seq 4236946092, win 65535, options [mss 1460,sackOK,TS val 36303992 ecr 0,nop,wscale 8], length 0
20:25:29.993064 IP (tos 0x0, ttl 63, id 49258, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41882 > 192.168.2.1.80: Flags [S], cksum 0x9f8d (correct), seq 1565535270, win 65535, options [mss 1460,sackOK,TS val 36303996 ecr 0,nop,wscale 8], length 0
20:25:30.204968 IP (tos 0x0, ttl 63, id 1801, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41883 > 192.168.2.1.80: Flags [S], cksum 0x3d85 (correct), seq 4289063823, win 65535, options [mss 1460,sackOK,TS val 36304068 ecr 0,nop,wscale 8], length 0
20:25:37.978049 IP (tos 0x0, ttl 63, id 22484, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41879 > 192.168.2.1.80: Flags [S], cksum 0xd99a (correct), seq 2316942318, win 65535, options [mss 1460,sackOK,TS val 36306400 ecr 0,nop,wscale 8], length 0
20:25:37.978058 IP (tos 0x0, ttl 63, id 49259, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41882 > 192.168.2.1.80: Flags [S], cksum 0x9628 (correct), seq 1565535270, win 65535, options [mss 1460,sackOK,TS val 36306401 ecr 0,nop,wscale 8], length 0
20:25:37.978062 IP (tos 0x0, ttl 63, id 57107, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41880 > 192.168.2.1.80: Flags [S], cksum 0x7574 (correct), seq 1996239664, win 65535, options [mss 1460,sackOK,TS val 36306401 ecr 0,nop,wscale 8], length 0
20:25:37.978066 IP (tos 0x0, ttl 63, id 18071, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41881 > 192.168.2.1.80: Flags [S], cksum 0x7868 (correct), seq 4236946092, win 65535, options [mss 1460,sackOK,TS val 36306401 ecr 0,nop,wscale 8], length 0
20:25:38.217809 IP (tos 0x0, ttl 63, id 1802, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41883 > 192.168.2.1.80: Flags [S], cksum 0x3421 (correct), seq 4289063823, win 65535, options [mss 1460,sackOK,TS val 36306472 ecr 0,nop,wscale 8], length 0
20:25:54.030512 IP (tos 0x0, ttl 63, id 22485, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41879 > 192.168.2.1.80: Flags [S], cksum 0xc6ca (correct), seq 2316942318, win 65535, options [mss 1460,sackOK,TS val 36311216 ecr 0,nop,wscale 8], length 0
20:25:54.030522 IP (tos 0x0, ttl 63, id 57108, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41880 > 192.168.2.1.80: Flags [S], cksum 0x62a5 (correct), seq 1996239664, win 65535, options [mss 1460,sackOK,TS val 36311216 ecr 0,nop,wscale 8], length 0
20:25:54.030528 IP (tos 0x0, ttl 63, id 18072, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41881 > 192.168.2.1.80: Flags [S], cksum 0x6598 (correct), seq 4236946092, win 65535, options [mss 1460,sackOK,TS val 36311217 ecr 0,nop,wscale 8], length 0
20:25:54.030744 IP (tos 0x0, ttl 63, id 49260, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41882 > 192.168.2.1.80: Flags [S], cksum 0x8358 (correct), seq 1565535270, win 65535, options [mss 1460,sackOK,TS val 36311217 ecr 0,nop,wscale 8], length 0
20:25:57.894325 IP (tos 0x0, ttl 63, id 1803, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.1.25.41883 > 192.168.2.1.80: Flags [S], cksum 0x2159 (correct), seq 4289063823, win 65535, options [mss 1460,sackOK,TS val 36311280 ecr 0,nop,wscale 8], length 0
20:25:59.043297 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 192.168.2.1 tell 192.168.2.2, length 28

    Any insight welcome.

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    Hi Chris,

    Looking at the dumps '20:20:45.523294 ARP, Request who-has 192.168.2.1 tell 192.168.2.2, length 28'

    UTM has no ARP entry for 192.168.2.2 i.e., the ADSL router. I am sure that the issue is simply a basic routing at your local end.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Hello again and once more thanks for trying to help!!![:)]

     

    UTM has no ARP entry for 192.168.2.2 i.e., the ADSL router ---> My ADSL router's IP address is 192.168.2.1, BTW and if it was a routing issue, wouldn't it affect all devices trying to access that IP?

    As mentioned, all other devices, wired or wireless, can access the modem's IP without any issues.

    Only on my own two smartphones the connection times out...[:O]

     I even tried from my wife's smartphone (which is my previous personal phone, after a factory reset). No issues from there, either...[:(]

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    Are there any specific settings/configurations for the phones on UTM? Like a DNAT, static routing and do you have any other Web Browser installed on any of the phones to check if the modem's UI is accessible.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    No, no DNAT, or anything like that for those two phones

    No static routes, either.

    From the iPhone I have tried both chrome and safari with the same results... both time out...

    [:(]

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    Chriz, do you have any luck with the following NAT rule?

    SNAT : {192.168.1.0/24} -> Any -> {192.168.2.1} : from {192.168.2.2}

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to ChriZathens

    Chriz, do you have any luck with the following NAT rule?

    SNAT : {192.168.1.0/24} -> Any -> {192.168.2.1} : from {192.168.2.2}

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Hi Bob!

    Thanks for your help.

    Can you please explain how to create the rule?

    I entered traffic from Internal network (192.168.1.0/24)

    Using service HTTP

    Going to 192.168.2.1

    Change source to 192.168.2.2

    and service to HTTP

    Not working

     

    Tried to follow exactly your advice 

    I entered traffic from Internal network (192.168.1.0/24)

    Using service Any

    Going to 192.168.2.1

     

    But then what do I enter in the other two fields (blonde moment here...)

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    In NAT rules, when the Service isn't to be changed, leave that empty (see #5 in Rulz).  Use {192.168.2.2}.

    If that doesn't work, there's something else going on here that's causing a routing conflict.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    So, you mean like this?

    Internal Network -->192.168.1.0/24

    Service -->Any

    Insomniamodem -->192.168.2.1

    Additional address -->192.168.2.2

    (sorry for being thick...[:$])

     

    What I cannot understand is what would cause only my two phones to not have access to that address, while any other network device has no issues... [:(]

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    I just looked at the entire thread.  I was so sure it was something between the UTM and the modem, but I only now "saw" that the modem never responded to the ARP request from the UTM.  Strange that the UTM would ARP on the internal NIC rather than the external one.  That might be an unintended feature[;)], but let's see if we can outsmart it.  What happens if you change the Additional Address to a /30?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello again!

    Changed the additional address to /30, but still the same... Those two phones cannot access the modem   

    I also got a TCPdump while trying to access the modem from my tablet (192.168.1.4)

    Fullscreen tcpdumpfromtablet.txt Download 
    18:46:03.803127 IP (tos 0x0, ttl 64, id 40729, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [S], cksum 0x9281 (correct), seq 3269258036, win 29200, options [mss 1460,sackOK,TS val 301691949 ecr 0,nop,wscale 7], length 0
18:46:03.803937 IP (tos 0x0, ttl 64, id 40730, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x8895 (correct), ack 222145908, win 229, options [nop,nop,TS val 301691950 ecr 173925571], length 0
18:46:03.803990 IP (tos 0x0, ttl 64, id 40731, offset 0, flags [DF], proto TCP (6), length 522)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [P.], cksum 0x417c (correct), seq 0:470, ack 1, win 229, options [nop,nop,TS val 301691950 ecr 173925571], length 470
18:46:03.844485 IP (tos 0x0, ttl 64, id 40732, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x86a0 (correct), ack 18, win 229, options [nop,nop,TS val 301691960 ecr 173925575], length 0
18:46:03.845239 IP (tos 0x0, ttl 64, id 40733, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x8598 (correct), ack 274, win 237, options [nop,nop,TS val 301691960 ecr 173925575], length 0
18:46:03.845776 IP (tos 0x0, ttl 64, id 40734, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x7fd9 (correct), ack 1722, win 260, options [nop,nop,TS val 301691960 ecr 173925575], length 0
18:46:03.845887 IP (tos 0x0, ttl 64, id 40735, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x7f3e (correct), ack 1855, win 282, options [nop,nop,TS val 301691960 ecr 173925575], length 0
18:46:03.849601 IP (tos 0x0, ttl 64, id 40736, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [F.], cksum 0x7f3a (correct), seq 470, ack 1856, win 282, options [nop,nop,TS val 301691961 ecr 173925576], length 0
18:46:03.964652 IP (tos 0x0, ttl 64, id 5595, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [S], cksum 0x0f5f (correct), seq 3481035149, win 29200, options [mss 1460,sackOK,TS val 301691990 ecr 0,nop,wscale 7], length 0
18:46:03.965375 IP (tos 0x0, ttl 64, id 5596, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xdb06 (correct), ack 237033198, win 229, options [nop,nop,TS val 301691990 ecr 173925587], length 0
18:46:03.965451 IP (tos 0x0, ttl 64, id 5597, offset 0, flags [DF], proto TCP (6), length 509)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [P.], cksum 0xa38f (correct), seq 0:457, ack 1, win 229, options [nop,nop,TS val 301691990 ecr 173925587], length 457
18:46:03.976707 IP (tos 0x0, ttl 64, id 5598, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xd86f (correct), ack 195, win 237, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.977284 IP (tos 0x0, ttl 64, id 5599, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xd2b0 (correct), ack 1643, win 260, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.977556 IP (tos 0x0, ttl 64, id 5600, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xccf2 (correct), ack 3091, win 282, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.977742 IP (tos 0x0, ttl 64, id 5601, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xc82b (correct), ack 4291, win 305, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.978434 IP (tos 0x0, ttl 64, id 5602, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xc26d (correct), ack 5739, win 327, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.978842 IP (tos 0x0, ttl 64, id 5603, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xbcb9 (correct), ack 7187, win 338, options [nop,nop,TS val 301691993 ecr 173925589], length 0
18:46:03.979328 IP (tos 0x0, ttl 64, id 5604, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xb808 (correct), ack 8387, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.980202 IP (tos 0x0, ttl 64, id 5605, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xb260 (correct), ack 9835, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.980364 IP (tos 0x0, ttl 64, id 5606, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xacb8 (correct), ack 11283, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.980540 IP (tos 0x0, ttl 64, id 5607, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xa808 (correct), ack 12483, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.981449 IP (tos 0x0, ttl 64, id 5608, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xa260 (correct), ack 13931, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.981918 IP (tos 0x0, ttl 64, id 5609, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0x9e16 (correct), ack 15029, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.981932 IP (tos 0x0, ttl 64, id 5610, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [F.], cksum 0x9e15 (correct), seq 457, ack 15029, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.985662 IP (tos 0x0, ttl 64, id 5611, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0x9e13 (correct), ack 15030, win 338, options [nop,nop,TS val 301691995 ecr 173925589], length 0
18:46:04.100728 IP (tos 0x0, ttl 64, id 28408, offset 0, flags [DF], proto TCP (6), length 60)

    The tablet has no problem accessing the modem..

     And this one is from my computer (which can also access the modem)

    Fullscreen tcpdumpfrompc.txt Download 
    18:50:34.057607 IP (tos 0x0, ttl 64, id 14963, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [S], cksum 0x1efa (correct), seq 3540010602, win 29200, options [mss 1460,sackOK,TS val 301759513 ecr 0,nop,wscale 7], length 0
18:50:34.058259 IP (tos 0x0, ttl 64, id 14964, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [.], cksum 0xda66 (correct), ack 507276684, win 229, options [nop,nop,TS val 301759513 ecr 173952596], length 0
18:50:34.058370 IP (tos 0x0, ttl 64, id 14965, offset 0, flags [DF], proto TCP (6), length 429)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [P.], cksum 0xfd58 (correct), seq 0:377, ack 1, win 229, options [nop,nop,TS val 301759513 ecr 173952596], length 377
18:50:34.068875 IP (tos 0x0, ttl 64, id 14966, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [.], cksum 0xd78a (correct), ack 344, win 237, options [nop,nop,TS val 301759516 ecr 173952597], length 0
18:50:34.072997 IP (tos 0x0, ttl 64, id 14967, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [F.], cksum 0xd786 (correct), seq 377, ack 345, win 237, options [nop,nop,TS val 301759517 ecr 173952598], length 0
18:50:35.385202 IP (tos 0x0, ttl 64, id 54815, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [S], cksum 0xa244 (correct), seq 3914902394, win 29200, options [mss 1460,sackOK,TS val 301759845 ecr 0,nop,wscale 7], length 0
18:50:35.385829 IP (tos 0x0, ttl 64, id 54816, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [.], cksum 0x0cd5 (correct), ack 499498586, win 229, options [nop,nop,TS val 301759845 ecr 173952729], length 0
18:50:35.385887 IP (tos 0x0, ttl 64, id 54817, offset 0, flags [DF], proto TCP (6), length 429)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [P.], cksum 0x2fc7 (correct), seq 0:377, ack 1, win 229, options [nop,nop,TS val 301759845 ecr 173952729], length 377
18:50:35.396387 IP (tos 0x0, ttl 64, id 54818, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [.], cksum 0x09f9 (correct), ack 344, win 237, options [nop,nop,TS val 301759848 ecr 173952730], length 0
18:50:35.400557 IP (tos 0x0, ttl 64, id 54819, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [F.], cksum 0x09f5 (correct), seq 377, ack 345, win 237, options [nop,nop,TS val 301759849 ecr 173952731], length 0
18:50:41.512161 IP (tos 0x0, ttl 64, id 3184, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [S], cksum 0xeef8 (correct), seq 3004206865, win 29200, options [mss 1460,sackOK,TS val 301761377 ecr 0,nop,wscale 7], length 0
18:50:41.512860 IP (tos 0x0, ttl 64, id 3185, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xe69f (correct), ack 513093135, win 229, options [nop,nop,TS val 301761377 ecr 173953342], length 0
18:50:41.512924 IP (tos 0x0, ttl 64, id 3186, offset 0, flags [DF], proto TCP (6), length 472)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [P.], cksum 0xde08 (correct), seq 0:420, ack 1, win 229, options [nop,nop,TS val 301761377 ecr 173953342], length 420
18:50:41.570487 IP (tos 0x0, ttl 64, id 3187, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xe4d6 (correct), ack 18, win 229, options [nop,nop,TS val 301761391 ecr 173953348], length 0
18:50:41.571259 IP (tos 0x0, ttl 64, id 3188, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xe3cd (correct), ack 274, win 237, options [nop,nop,TS val 301761392 ecr 173953348], length 0
18:50:41.571826 IP (tos 0x0, ttl 64, id 3189, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xde0e (correct), ack 1722, win 260, options [nop,nop,TS val 301761392 ecr 173953348], length 0
18:50:41.571874 IP (tos 0x0, ttl 64, id 3190, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xdd73 (correct), ack 1855, win 282, options [nop,nop,TS val 301761392 ecr 173953348], length 0
18:50:41.575443 IP (tos 0x0, ttl 64, id 3191, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [F.], cksum 0xdd70 (correct), seq 420, ack 1856, win 282, options [nop,nop,TS val 301761393 ecr 173953348], length 0
18:50:41.599776 IP (tos 0x0, ttl 64, id 57478, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [S], cksum 0x4a64 (correct), seq 2192466929, win 29200, options [mss 1460,sackOK,TS val 301761399 ecr 0,nop,wscale 7], length 0
18:50:41.600496 IP (tos 0x0, ttl 64, id 57479, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x7c6e (correct), ack 500888669, win 229, options [nop,nop,TS val 301761399 ecr 173953351], length 0
18:50:41.600545 IP (tos 0x0, ttl 64, id 57480, offset 0, flags [DF], proto TCP (6), length 409)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [P.], cksum 0x7e15 (correct), seq 0:357, ack 1, win 229, options [nop,nop,TS val 301761399 ecr 173953351], length 357
18:50:41.610913 IP (tos 0x0, ttl 64, id 57481, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x7a3c (correct), ack 195, win 237, options [nop,nop,TS val 301761401 ecr 173953352], length 0
18:50:41.611445 IP (tos 0x0, ttl 64, id 57482, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x747c (correct), ack 1643, win 260, options [nop,nop,TS val 301761402 ecr 173953352], length 0
18:50:41.611780 IP (tos 0x0, ttl 64, id 57483, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x6ebe (correct), ack 3091, win 282, options [nop,nop,TS val 301761402 ecr 173953352], length 0
18:50:41.612087 IP (tos 0x0, ttl 64, id 57484, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x69f7 (correct), ack 4291, win 305, options [nop,nop,TS val 301761402 ecr 173953352], length 0
18:50:41.612860 IP (tos 0x0, ttl 64, id 57485, offset 0, flags [DF], proto TCP (6), length 52)

     

    What the... is going on... I can't understand...

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    "Changed the additional address to /30, but still the same"

    Not the same!  We're now getting mostly ACKs in the tcpdump and not the outrageously high seq numbers.  Did you see any blocks in the Firewall or Intrusion Prevention logs at the time of this last test?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Did not check the first time, but gave it another try right now and nothing in firewall log, nor in IPS...

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    This is strange.  What do you see if you test while running tcpdump on the Internal NIC with src the IP of the modem and dst the IP of your phone - does the UTM see responses sent to your phone?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello again, Bob!

    Yes, it is strange... Every device but my personal smartphones can access the modem's WebGui..

    I will check the tcpdump once I am home...

    I think I will delete every and single trace of the phones from the UTM, delete any rules, associated with them and delete the WiFi from my phones.

    Then start over again, as if it is the first time they are accessing the home network and check their behavior...

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    Hi ,

    did I understand you right, that the only difference between the working and the non working devices is, that the devices, that can access the dsl modem´s webfrontend are handled by the transparent proxy and the non working devices are handled by firewall rules?

     

    If yes, then I think the problem can be be explained easily. For the working devices (using transparent webproxy) the utm automatically masquerades the request behind the address 192.168.2.2 (Proxy Service).

    For the non working devices, without the SNAT Configuration the clients will not be able to reach the dsl modem, even when firewalls rules are in place. Or did you configure a route for your internal network 192.168.1.0 on the dsl modem? 

     

    Did you configure the SNAT Rule mentioned by Bob? If not, do it. I believe your setup will then work again!

     

    Let me know ;)

     

    BR

    Sebastian

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML