Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 29 replies
  • Answers 3 answers
  • Subscribers 4 subscribers
  • Views 25528 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cannot access ADSL modem setup with additional address via specific devices

ChriZathens

Hi guys!

I am facing a strange issue...

I have an ASDL modem/router in bridge mode with IP 192.168.2.1 and have setup an additional address (192.168.2.2) on my UTM in order to access the modem.

The WAN interface connected to the ADSL modem/router is using PPPoE and my LAN is on the 192.168.1.x range

This has been working great until recently. I could enter http://192.168.2.1 on my smartphone's browser and could normally access the modem's webui (I want to regularly check the speed my adsl router syncs, because I have isp issues)

About a month ago, I replaced both my smartphones (company and personal)

From those 2 devices I cannot connect to the http://192.168.2.1 address.

From my computer, the page loads normally. I tried from my tablet - loads normally, too.

BUT, I can access the http://192.168.2.1 address normally from either phone when I am connected to my house using VPN...

The only difference between the other devices and my phones is that I have put them in Skip Transparent Mode Source Hosts/Nets & Skip Transparent Mode Destination Hosts/Nets in filtering options. I thought that maybe that was the case and went ahead and removed them, but still the same.

The only other thing that has changed since I could access the address via the old phone's browser, is that - due to the fact that I was migrating stuff and a need for more addresses arose, I changed my DHCP internal range and added 10 more IPs (was until .20, now it is until 30). I think this is irrelevant, though, just thought I should mention it...

 

Any ideas on where to look? I am really lost, don't know what to check and this thing is puzzling me.

I mean I can always connect using VPN (even when I am at the house), but why on earth does it not connect normally?



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    I believe the mobile phones are connected through WiFi, I am interested in knowing what IP address is leased to the mobile devices(same subnet IP address on the other devices which can access the GUI?). Grep this IP address and post the packetfilter.log.

    Also, take a tcpdump on the source IP(x.x.x.x) and the destination IP(192.168.2.1), show us the dumps. Finally, show me a picture of WebAdmin settings from the management page.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Hello, sachingurung, and thanks for trying to help

    Regarding your points:

    Yes, the mobiles are connected using wi-fi. My nexus has an address of .25, my iPhone of .19, both assigned by DHCP and made as reservations

    My network is 192.168.1.0/24. The UTM's address is 192.168.1.1

    The additional IP set on the UTM is 192.168.2.2 and the ADSL modem has an IP of 192.168.2.1

    The utm can ping the modem no problem :

    PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.

64 bytes from 192.168.2.1: icmp_seq=1 ttl=255 time=1.29 ms

     

    My tablet which can access the modem via wifi has an IP address of 192.168.1.4

    Regarding the packetfilter log:

    I go to Logging and reporting and enter those settings:

    thousands of lines are returned... I tried to search for 192.168.2.1 in there but had 0 hits. Do you need anything more specific?

    In order to take a tcpdump I will have to get home and try to access the modem with my mobile, then take a tcpdump I presume....

    Finally a picture of webadmin settings:

    Regarding tcpdump, for now I could only connect through VPN with my Nexus and access the modem (which works correctly)

    Don't know if it helps in any way, but this is the dump it created:

    Fullscreen dump.txt Download 
    utm:/root # tcpdump -n dst host 192.168.2.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:32:27.714269 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [S], seq 2933662736, win 29200, options [mss 1460,sackOK,TS val 101687927 ecr 0,nop,wscale 7], length 0
12:32:27.714903 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 1571784725, win 229, options [nop,nop,TS val 101687927 ecr 93924283], length 0
12:32:27.714963 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [P.], seq 0:449, ack 1, win 229, options [nop,nop,TS val 101687927 ecr 93924283], length 449
12:32:27.755099 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 18, win 229, options [nop,nop,TS val 101687937 ecr 93924287], length 0
12:32:27.755862 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 274, win 237, options [nop,nop,TS val 101687938 ecr 93924287], length 0
12:32:27.756451 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 1722, win 260, options [nop,nop,TS val 101687938 ecr 93924287], length 0
12:32:27.756480 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [.], ack 1855, win 282, options [nop,nop,TS val 101687938 ecr 93924287], length 0
12:32:27.760158 IP 192.168.2.2.38640 > 192.168.2.1.80: Flags [F.], seq 449, ack 1856, win 282, options [nop,nop,TS val 101687939 ecr 93924288], length 0
12:32:27.946851 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [S], seq 4159346203, win 29200, options [mss 1460,sackOK,TS val 101687985 ecr 0,nop,wscale 7], length 0
12:32:27.947621 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 1560422445, win 229, options [nop,nop,TS val 101687986 ecr 93924306], length 0
12:32:27.947713 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [P.], seq 0:436, ack 1, win 229, options [nop,nop,TS val 101687986 ecr 93924306], length 436
12:32:27.959270 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 195, win 237, options [nop,nop,TS val 101687989 ecr 93924307], length 0
12:32:27.959797 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 1643, win 260, options [nop,nop,TS val 101687989 ecr 93924307], length 0
12:32:27.960183 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 3091, win 282, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.960609 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 4291, win 305, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.961449 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 5739, win 327, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.961564 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 7187, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.961794 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 8387, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.962715 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 9835, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.962896 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 11283, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.963169 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 12483, win 338, options [nop,nop,TS val 101687989 ecr 93924308], length 0
12:32:27.963947 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 13931, win 338, options [nop,nop,TS val 101687990 ecr 93924308], length 0
12:32:27.964473 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 15029, win 338, options [nop,nop,TS val 101687990 ecr 93924308], length 0
12:32:27.964487 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [F.], seq 436, ack 15029, win 338, options [nop,nop,TS val 101687990 ecr 93924308], length 0
12:32:27.968793 IP 192.168.2.2.38641 > 192.168.2.1.80: Flags [.], ack 15030, win 338, options [nop,nop,TS val 101687991 ecr 93924308], length 0
12:32:28.278043 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [S], seq 2064097097, win 29200, options [mss 1460,sackOK,TS val 101688068 ecr 0,nop,wscale 7], length 0
12:32:28.278699 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 1558521725, win 229, options [nop,nop,TS val 101688068 ecr 93924339], length 0
12:32:28.278753 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [P.], seq 0:508, ack 1, win 229, options [nop,nop,TS val 101688068 ecr 93924339], length 508
12:32:28.324219 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 18, win 229, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.324864 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 274, win 237, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.325942 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 1298, win 260, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.326235 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 2746, win 282, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.326738 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 4194, win 305, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.326886 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 4370, win 327, options [nop,nop,TS val 101688080 ecr 93924344], length 0
12:32:28.328027 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 5394, win 338, options [nop,nop,TS val 101688081 ecr 93924344], length 0
12:32:28.328439 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 6842, win 338, options [nop,nop,TS val 101688081 ecr 93924344], length 0
12:32:28.328744 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 7442, win 338, options [nop,nop,TS val 101688081 ecr 93924344], length 0
12:32:28.329922 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 8466, win 338, options [nop,nop,TS val 101688081 ecr 93924344], length 0
12:32:28.330928 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 9914, win 338, options [nop,nop,TS val 101688081 ecr 93924345], length 0
12:32:28.330955 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 10514, win 338, options [nop,nop,TS val 101688081 ecr 93924345], length 0
12:32:28.331856 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 11962, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.331865 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 12562, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.332880 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 13586, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.333675 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 15034, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.333764 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 15634, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.334892 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 16658, win 338, options [nop,nop,TS val 101688082 ecr 93924345], length 0
12:32:28.335626 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 17774, win 338, options [nop,nop,TS val 101688083 ecr 93924345], length 0
12:32:28.341046 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 18030, win 338, options [nop,nop,TS val 101688084 ecr 93924346], length 0
12:32:28.347749 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 18286, win 338, options [nop,nop,TS val 101688086 ecr 93924346], length 0
12:32:28.348707 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 19310, win 338, options [nop,nop,TS val 101688086 ecr 93924346], length 0
12:32:28.349560 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 22382, win 338, options [nop,nop,TS val 101688086 ecr 93924346], length 0
12:32:28.350291 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 22625, win 338, options [nop,nop,TS val 101688086 ecr 93924347], length 0
12:32:28.355669 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 22881, win 338, options [nop,nop,TS val 101688088 ecr 93924347], length 0
12:32:28.356429 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 23234, win 338, options [nop,nop,TS val 101688088 ecr 93924347], length 0
12:32:28.362171 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 23490, win 338, options [nop,nop,TS val 101688089 ecr 93924348], length 0
12:32:28.363072 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 24514, win 338, options [nop,nop,TS val 101688089 ecr 93924348], length 0
12:32:28.363965 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 26562, win 338, options [nop,nop,TS val 101688090 ecr 93924348], length 0
12:32:28.364812 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 28358, win 338, options [nop,nop,TS val 101688090 ecr 93924348], length 0
12:32:28.367840 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 28614, win 338, options [nop,nop,TS val 101688091 ecr 93924348], length 0
12:32:28.371233 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 28870, win 338, options [nop,nop,TS val 101688092 ecr 93924349], length 0
12:32:28.372163 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 29464, win 338, options [nop,nop,TS val 101688092 ecr 93924349], length 0
12:32:28.377386 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 29720, win 338, options [nop,nop,TS val 101688093 ecr 93924349], length 0
12:32:28.380922 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 29976, win 338, options [nop,nop,TS val 101688094 ecr 93924350], length 0
12:32:28.381823 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 32024, win 338, options [nop,nop,TS val 101688094 ecr 93924350], length 0
12:32:28.382959 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 32829, win 338, options [nop,nop,TS val 101688094 ecr 93924350], length 0
12:32:28.388215 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 33085, win 338, options [nop,nop,TS val 101688096 ecr 93924350], length 0
12:32:28.394734 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 33341, win 338, options [nop,nop,TS val 101688097 ecr 93924351], length 0
12:32:28.395676 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 34365, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.396447 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 36413, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.397338 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 37437, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.398135 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 39485, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.398963 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 40664, win 338, options [nop,nop,TS val 101688098 ecr 93924351], length 0
12:32:28.402182 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 40920, win 338, options [nop,nop,TS val 101688099 ecr 93924352], length 0
12:32:28.403118 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 42013, win 338, options [nop,nop,TS val 101688099 ecr 93924352], length 0
12:32:28.417596 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 42269, win 338, options [nop,nop,TS val 101688103 ecr 93924353], length 0
12:32:28.427927 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 42525, win 338, options [nop,nop,TS val 101688106 ecr 93924354], length 0
12:32:28.437671 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 42781, win 338, options [nop,nop,TS val 101688108 ecr 93924355], length 0
12:32:28.449803 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43037, win 338, options [nop,nop,TS val 101688111 ecr 93924356], length 0
12:32:28.459598 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43293, win 338, options [nop,nop,TS val 101688114 ecr 93924357], length 0
12:32:28.471679 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43549, win 338, options [nop,nop,TS val 101688117 ecr 93924359], length 0
12:32:28.477499 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43805, win 338, options [nop,nop,TS val 101688118 ecr 93924359], length 0
12:32:28.481096 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [.], ack 43889, win 338, options [nop,nop,TS val 101688119 ecr 93924360], length 0
12:32:28.484136 IP 192.168.2.2.38642 > 192.168.2.1.80: Flags [F.], seq 508, ack 43890, win 338, options [nop,nop,TS val 101688120 ecr 93924360], length 0
12:32:28.762427 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [S], seq 910838176, win 29200, options [mss 1460,sackOK,TS val 101688189 ecr 0,nop,wscale 7], length 0
12:32:28.762513 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [S], seq 4273221150, win 29200, options [mss 1460,sackOK,TS val 101688189 ecr 0,nop,wscale 7], length 0
12:32:28.762628 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [S], seq 1595695184, win 29200, options [mss 1460,sackOK,TS val 101688189 ecr 0,nop,wscale 7], length 0
12:32:28.763048 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 1570207630, win 229, options [nop,nop,TS val 101688189 ecr 93924388], length 0
12:32:28.763099 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [P.], seq 0:481, ack 1, win 229, options [nop,nop,TS val 101688189 ecr 93924388], length 481
12:32:28.763621 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 1556446008, win 229, options [nop,nop,TS val 101688190 ecr 93924388], length 0
12:32:28.763654 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [P.], seq 0:463, ack 1, win 229, options [nop,nop,TS val 101688190 ecr 93924388], length 463
12:32:28.763940 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 1571214058, win 229, options [nop,nop,TS val 101688190 ecr 93924388], length 0
12:32:28.763968 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [P.], seq 0:464, ack 1, win 229, options [nop,nop,TS val 101688190 ecr 93924388], length 464
12:32:28.776795 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.777410 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 1626, win 260, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.777734 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 3074, win 282, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.777964 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 4274, win 305, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.778823 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 4731, win 327, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.778838 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [F.], seq 481, ack 4731, win 327, options [nop,nop,TS val 101688193 ecr 93924389], length 0
12:32:28.782770 IP 192.168.2.2.38643 > 192.168.2.1.80: Flags [.], ack 4732, win 327, options [nop,nop,TS val 101688194 ecr 93924390], length 0
12:32:28.796858 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 194, win 237, options [nop,nop,TS val 101688198 ecr 93924391], length 0
12:32:28.797664 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 1642, win 260, options [nop,nop,TS val 101688198 ecr 93924391], length 0
12:32:28.797910 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 3090, win 282, options [nop,nop,TS val 101688198 ecr 93924391], length 0
12:32:28.798152 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 4290, win 305, options [nop,nop,TS val 101688198 ecr 93924391], length 0
12:32:28.799362 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 5738, win 327, options [nop,nop,TS val 101688199 ecr 93924391], length 0
12:32:28.799717 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 7186, win 338, options [nop,nop,TS val 101688199 ecr 93924391], length 0
12:32:28.800266 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 8386, win 338, options [nop,nop,TS val 101688199 ecr 93924392], length 0
12:32:28.801271 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 8962, win 338, options [nop,nop,TS val 101688199 ecr 93924392], length 0
12:32:28.801283 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [F.], seq 463, ack 8962, win 338, options [nop,nop,TS val 101688199 ecr 93924392], length 0
12:32:28.805401 IP 192.168.2.2.38644 > 192.168.2.1.80: Flags [.], ack 8963, win 338, options [nop,nop,TS val 101688200 ecr 93924392], length 0
12:32:28.813954 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 195, win 237, options [nop,nop,TS val 101688202 ecr 93924393], length 0
12:32:28.814420 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 1643, win 260, options [nop,nop,TS val 101688202 ecr 93924393], length 0
12:32:28.814778 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 3091, win 282, options [nop,nop,TS val 101688202 ecr 93924393], length 0
12:32:28.815203 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 4291, win 305, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.815825 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 5739, win 327, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.816218 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 7187, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.816454 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 8387, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.817214 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 9835, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.817725 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 11283, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.818270 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 12063, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.818285 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [F.], seq 464, ack 12063, win 338, options [nop,nop,TS val 101688203 ecr 93924393], length 0
12:32:28.822507 IP 192.168.2.2.38645 > 192.168.2.1.80: Flags [.], ack 12064, win 338, options [nop,nop,TS val 101688204 ecr 93924394], length 0
12:32:29.361417 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [S], seq 1020857781, win 29200, options [mss 1460,sackOK,TS val 101688339 ecr 0,nop,wscale 7], length 0
12:32:29.362067 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 1563288624, win 229, options [nop,nop,TS val 101688339 ecr 93924448], length 0
12:32:29.362132 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [P.], seq 0:465, ack 1, win 229, options [nop,nop,TS val 101688339 ecr 93924448], length 465
12:32:29.373350 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 195, win 237, options [nop,nop,TS val 101688342 ecr 93924449], length 0
12:32:29.373847 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 1643, win 260, options [nop,nop,TS val 101688342 ecr 93924449], length 0
12:32:29.374231 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 3091, win 282, options [nop,nop,TS val 101688342 ecr 93924449], length 0
12:32:29.374654 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 4291, win 305, options [nop,nop,TS val 101688342 ecr 93924449], length 0
12:32:29.375205 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 5739, win 327, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.375606 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 7187, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.375823 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 8387, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.376783 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 9835, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.377190 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 11283, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.377724 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 12483, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.378275 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 13931, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.378894 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 15029, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.378909 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [F.], seq 465, ack 15029, win 338, options [nop,nop,TS val 101688343 ecr 93924449], length 0
12:32:29.383607 IP 192.168.2.2.38646 > 192.168.2.1.80: Flags [.], ack 15030, win 338, options [nop,nop,TS val 101688345 ecr 93924450], length 0
12:32:29.502053 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [S], seq 3445878485, win 29200, options [mss 1460,sackOK,TS val 101688374 ecr 0,nop,wscale 7], length 0
12:32:29.502679 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [.], ack 1559067984, win 229, options [nop,nop,TS val 101688374 ecr 93924462], length 0
12:32:29.502762 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [P.], seq 0:496, ack 1, win 229, options [nop,nop,TS val 101688374 ecr 93924462], length 496
12:32:29.514519 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688377 ecr 93924463], length 0
12:32:29.515483 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [.], ack 1036, win 260, options [nop,nop,TS val 101688378 ecr 93924463], length 0
12:32:29.515497 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [F.], seq 496, ack 1036, win 260, options [nop,nop,TS val 101688378 ecr 93924463], length 0
12:32:29.519301 IP 192.168.2.2.38647 > 192.168.2.1.80: Flags [.], ack 1037, win 260, options [nop,nop,TS val 101688379 ecr 93924463], length 0
12:32:29.798614 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [S], seq 2521644494, win 29200, options [mss 1460,sackOK,TS val 101688448 ecr 0,nop,wscale 7], length 0
12:32:29.799280 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [.], ack 1563505569, win 229, options [nop,nop,TS val 101688449 ecr 93924491], length 0
12:32:29.799335 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688449 ecr 93924491], length 491
12:32:29.801267 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [S], seq 2741826038, win 29200, options [mss 1460,sackOK,TS val 101688449 ecr 0,nop,wscale 7], length 0
12:32:29.801276 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [S], seq 3497588920, win 29200, options [mss 1460,sackOK,TS val 101688449 ecr 0,nop,wscale 7], length 0
12:32:29.801904 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [.], ack 1571907393, win 229, options [nop,nop,TS val 101688449 ecr 93924492], length 0
12:32:29.801957 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688449 ecr 93924492], length 491
12:32:29.802394 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [.], ack 1565291009, win 229, options [nop,nop,TS val 101688449 ecr 93924492], length 0
12:32:29.802421 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688449 ecr 93924492], length 491
12:32:29.815852 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [.], ack 177, win 237, options [nop,nop,TS val 101688453 ecr 93924493], length 0
12:32:29.816533 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [.], ack 262, win 237, options [nop,nop,TS val 101688453 ecr 93924493], length 0
12:32:29.816566 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [F.], seq 491, ack 262, win 237, options [nop,nop,TS val 101688453 ecr 93924493], length 0
12:32:29.820603 IP 192.168.2.2.38648 > 192.168.2.1.80: Flags [.], ack 263, win 237, options [nop,nop,TS val 101688454 ecr 93924494], length 0
12:32:29.829546 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688456 ecr 93924494], length 0
12:32:29.830441 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [.], ack 693, win 245, options [nop,nop,TS val 101688456 ecr 93924495], length 0
12:32:29.830454 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [F.], seq 491, ack 693, win 245, options [nop,nop,TS val 101688456 ecr 93924495], length 0
12:32:29.835004 IP 192.168.2.2.38650 > 192.168.2.1.80: Flags [.], ack 694, win 245, options [nop,nop,TS val 101688457 ecr 93924495], length 0
12:32:29.846045 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688460 ecr 93924496], length 0
12:32:29.846882 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [.], ack 1027, win 260, options [nop,nop,TS val 101688460 ecr 93924496], length 0
12:32:29.846894 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [F.], seq 491, ack 1027, win 260, options [nop,nop,TS val 101688460 ecr 93924496], length 0
12:32:29.850092 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [S], seq 3816031802, win 29200, options [mss 1460,sackOK,TS val 101688461 ecr 0,nop,wscale 7], length 0
12:32:29.850102 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [S], seq 2156941015, win 29200, options [mss 1460,sackOK,TS val 101688461 ecr 0,nop,wscale 7], length 0
12:32:29.850141 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [S], seq 2432380451, win 29200, options [mss 1460,sackOK,TS val 101688461 ecr 0,nop,wscale 7], length 0
12:32:29.850783 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 1561902509, win 229, options [nop,nop,TS val 101688461 ecr 93924497], length 0
12:32:29.850834 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [P.], seq 0:494, ack 1, win 229, options [nop,nop,TS val 101688461 ecr 93924497], length 494
12:32:29.851185 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [.], ack 1566531302, win 229, options [nop,nop,TS val 101688462 ecr 93924497], length 0
12:32:29.851213 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688462 ecr 93924497], length 491
12:32:29.851585 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [.], ack 1561481019, win 229, options [nop,nop,TS val 101688462 ecr 93924497], length 0
12:32:29.851612 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688462 ecr 93924497], length 491
12:32:29.854359 IP 192.168.2.2.38649 > 192.168.2.1.80: Flags [.], ack 1028, win 260, options [nop,nop,TS val 101688462 ecr 93924497], length 0
12:32:29.873364 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 179, win 237, options [nop,nop,TS val 101688467 ecr 93924499], length 0
12:32:29.873859 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 1627, win 260, options [nop,nop,TS val 101688467 ecr 93924499], length 0
12:32:29.874297 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 2360, win 282, options [nop,nop,TS val 101688467 ecr 93924499], length 0
12:32:29.874309 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [F.], seq 494, ack 2360, win 282, options [nop,nop,TS val 101688467 ecr 93924499], length 0
12:32:29.878587 IP 192.168.2.2.38653 > 192.168.2.1.80: Flags [.], ack 2361, win 282, options [nop,nop,TS val 101688468 ecr 93924499], length 0
12:32:29.885697 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688470 ecr 93924500], length 0
12:32:29.886363 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [.], ack 360, win 245, options [nop,nop,TS val 101688470 ecr 93924500], length 0
12:32:29.886395 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [F.], seq 491, ack 360, win 245, options [nop,nop,TS val 101688470 ecr 93924500], length 0
12:32:29.890837 IP 192.168.2.2.38652 > 192.168.2.1.80: Flags [.], ack 361, win 245, options [nop,nop,TS val 101688471 ecr 93924501], length 0
12:32:29.898836 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688473 ecr 93924501], length 0
12:32:29.899798 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [.], ack 964, win 260, options [nop,nop,TS val 101688474 ecr 93924501], length 0
12:32:29.899810 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [F.], seq 491, ack 964, win 260, options [nop,nop,TS val 101688474 ecr 93924501], length 0
12:32:29.903842 IP 192.168.2.2.38655 > 192.168.2.1.80: Flags [.], ack 965, win 260, options [nop,nop,TS val 101688475 ecr 93924502], length 0
12:32:30.080754 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [S], seq 737056678, win 29200, options [mss 1460,sackOK,TS val 101688519 ecr 0,nop,wscale 7], length 0
12:32:30.081409 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [.], ack 1574125611, win 229, options [nop,nop,TS val 101688519 ecr 93924520], length 0
12:32:30.081466 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688519 ecr 93924520], length 491
12:32:30.092543 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688522 ecr 93924521], length 0
12:32:30.093279 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [.], ack 297, win 237, options [nop,nop,TS val 101688522 ecr 93924521], length 0
12:32:30.093292 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [F.], seq 491, ack 297, win 237, options [nop,nop,TS val 101688522 ecr 93924521], length 0
12:32:30.097248 IP 192.168.2.2.38656 > 192.168.2.1.80: Flags [.], ack 298, win 237, options [nop,nop,TS val 101688523 ecr 93924521], length 0
12:32:30.123253 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [S], seq 2342123056, win 29200, options [mss 1460,sackOK,TS val 101688530 ecr 0,nop,wscale 7], length 0
12:32:30.123875 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [.], ack 1564086123, win 229, options [nop,nop,TS val 101688530 ecr 93924524], length 0
12:32:30.123945 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [P.], seq 0:491, ack 1, win 229, options [nop,nop,TS val 101688530 ecr 93924524], length 491
12:32:30.135663 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [.], ack 178, win 237, options [nop,nop,TS val 101688533 ecr 93924525], length 0
12:32:30.136311 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [.], ack 317, win 245, options [nop,nop,TS val 101688533 ecr 93924525], length 0
12:32:30.136320 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [F.], seq 491, ack 317, win 245, options [nop,nop,TS val 101688533 ecr 93924525], length 0
12:32:30.140167 IP 192.168.2.2.38657 > 192.168.2.1.80: Flags [.], ack 318, win 245, options [nop,nop,TS val 101688534 ecr 93924526], length 0
     

     

     

    Thanks again!!!

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    I just looked at the entire thread.  I was so sure it was something between the UTM and the modem, but I only now "saw" that the modem never responded to the ARP request from the UTM.  Strange that the UTM would ARP on the internal NIC rather than the external one.  That might be an unintended feature[;)], but let's see if we can outsmart it.  What happens if you change the Additional Address to a /30?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello again!

    Changed the additional address to /30, but still the same... Those two phones cannot access the modem   

    I also got a TCPdump while trying to access the modem from my tablet (192.168.1.4)

    Fullscreen tcpdumpfromtablet.txt Download 
    18:46:03.803127 IP (tos 0x0, ttl 64, id 40729, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [S], cksum 0x9281 (correct), seq 3269258036, win 29200, options [mss 1460,sackOK,TS val 301691949 ecr 0,nop,wscale 7], length 0
18:46:03.803937 IP (tos 0x0, ttl 64, id 40730, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x8895 (correct), ack 222145908, win 229, options [nop,nop,TS val 301691950 ecr 173925571], length 0
18:46:03.803990 IP (tos 0x0, ttl 64, id 40731, offset 0, flags [DF], proto TCP (6), length 522)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [P.], cksum 0x417c (correct), seq 0:470, ack 1, win 229, options [nop,nop,TS val 301691950 ecr 173925571], length 470
18:46:03.844485 IP (tos 0x0, ttl 64, id 40732, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x86a0 (correct), ack 18, win 229, options [nop,nop,TS val 301691960 ecr 173925575], length 0
18:46:03.845239 IP (tos 0x0, ttl 64, id 40733, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x8598 (correct), ack 274, win 237, options [nop,nop,TS val 301691960 ecr 173925575], length 0
18:46:03.845776 IP (tos 0x0, ttl 64, id 40734, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x7fd9 (correct), ack 1722, win 260, options [nop,nop,TS val 301691960 ecr 173925575], length 0
18:46:03.845887 IP (tos 0x0, ttl 64, id 40735, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [.], cksum 0x7f3e (correct), ack 1855, win 282, options [nop,nop,TS val 301691960 ecr 173925575], length 0
18:46:03.849601 IP (tos 0x0, ttl 64, id 40736, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35216 > 192.168.2.1.80: Flags [F.], cksum 0x7f3a (correct), seq 470, ack 1856, win 282, options [nop,nop,TS val 301691961 ecr 173925576], length 0
18:46:03.964652 IP (tos 0x0, ttl 64, id 5595, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [S], cksum 0x0f5f (correct), seq 3481035149, win 29200, options [mss 1460,sackOK,TS val 301691990 ecr 0,nop,wscale 7], length 0
18:46:03.965375 IP (tos 0x0, ttl 64, id 5596, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xdb06 (correct), ack 237033198, win 229, options [nop,nop,TS val 301691990 ecr 173925587], length 0
18:46:03.965451 IP (tos 0x0, ttl 64, id 5597, offset 0, flags [DF], proto TCP (6), length 509)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [P.], cksum 0xa38f (correct), seq 0:457, ack 1, win 229, options [nop,nop,TS val 301691990 ecr 173925587], length 457
18:46:03.976707 IP (tos 0x0, ttl 64, id 5598, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xd86f (correct), ack 195, win 237, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.977284 IP (tos 0x0, ttl 64, id 5599, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xd2b0 (correct), ack 1643, win 260, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.977556 IP (tos 0x0, ttl 64, id 5600, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xccf2 (correct), ack 3091, win 282, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.977742 IP (tos 0x0, ttl 64, id 5601, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xc82b (correct), ack 4291, win 305, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.978434 IP (tos 0x0, ttl 64, id 5602, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xc26d (correct), ack 5739, win 327, options [nop,nop,TS val 301691993 ecr 173925588], length 0
18:46:03.978842 IP (tos 0x0, ttl 64, id 5603, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xbcb9 (correct), ack 7187, win 338, options [nop,nop,TS val 301691993 ecr 173925589], length 0
18:46:03.979328 IP (tos 0x0, ttl 64, id 5604, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xb808 (correct), ack 8387, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.980202 IP (tos 0x0, ttl 64, id 5605, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xb260 (correct), ack 9835, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.980364 IP (tos 0x0, ttl 64, id 5606, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xacb8 (correct), ack 11283, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.980540 IP (tos 0x0, ttl 64, id 5607, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xa808 (correct), ack 12483, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.981449 IP (tos 0x0, ttl 64, id 5608, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0xa260 (correct), ack 13931, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.981918 IP (tos 0x0, ttl 64, id 5609, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0x9e16 (correct), ack 15029, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.981932 IP (tos 0x0, ttl 64, id 5610, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [F.], cksum 0x9e15 (correct), seq 457, ack 15029, win 338, options [nop,nop,TS val 301691994 ecr 173925589], length 0
18:46:03.985662 IP (tos 0x0, ttl 64, id 5611, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35217 > 192.168.2.1.80: Flags [.], cksum 0x9e13 (correct), ack 15030, win 338, options [nop,nop,TS val 301691995 ecr 173925589], length 0
18:46:04.100728 IP (tos 0x0, ttl 64, id 28408, offset 0, flags [DF], proto TCP (6), length 60)

    The tablet has no problem accessing the modem..

     And this one is from my computer (which can also access the modem)

    Fullscreen tcpdumpfrompc.txt Download 
    18:50:34.057607 IP (tos 0x0, ttl 64, id 14963, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [S], cksum 0x1efa (correct), seq 3540010602, win 29200, options [mss 1460,sackOK,TS val 301759513 ecr 0,nop,wscale 7], length 0
18:50:34.058259 IP (tos 0x0, ttl 64, id 14964, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [.], cksum 0xda66 (correct), ack 507276684, win 229, options [nop,nop,TS val 301759513 ecr 173952596], length 0
18:50:34.058370 IP (tos 0x0, ttl 64, id 14965, offset 0, flags [DF], proto TCP (6), length 429)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [P.], cksum 0xfd58 (correct), seq 0:377, ack 1, win 229, options [nop,nop,TS val 301759513 ecr 173952596], length 377
18:50:34.068875 IP (tos 0x0, ttl 64, id 14966, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [.], cksum 0xd78a (correct), ack 344, win 237, options [nop,nop,TS val 301759516 ecr 173952597], length 0
18:50:34.072997 IP (tos 0x0, ttl 64, id 14967, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35281 > 192.168.2.1.80: Flags [F.], cksum 0xd786 (correct), seq 377, ack 345, win 237, options [nop,nop,TS val 301759517 ecr 173952598], length 0
18:50:35.385202 IP (tos 0x0, ttl 64, id 54815, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [S], cksum 0xa244 (correct), seq 3914902394, win 29200, options [mss 1460,sackOK,TS val 301759845 ecr 0,nop,wscale 7], length 0
18:50:35.385829 IP (tos 0x0, ttl 64, id 54816, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [.], cksum 0x0cd5 (correct), ack 499498586, win 229, options [nop,nop,TS val 301759845 ecr 173952729], length 0
18:50:35.385887 IP (tos 0x0, ttl 64, id 54817, offset 0, flags [DF], proto TCP (6), length 429)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [P.], cksum 0x2fc7 (correct), seq 0:377, ack 1, win 229, options [nop,nop,TS val 301759845 ecr 173952729], length 377
18:50:35.396387 IP (tos 0x0, ttl 64, id 54818, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [.], cksum 0x09f9 (correct), ack 344, win 237, options [nop,nop,TS val 301759848 ecr 173952730], length 0
18:50:35.400557 IP (tos 0x0, ttl 64, id 54819, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35282 > 192.168.2.1.80: Flags [F.], cksum 0x09f5 (correct), seq 377, ack 345, win 237, options [nop,nop,TS val 301759849 ecr 173952731], length 0
18:50:41.512161 IP (tos 0x0, ttl 64, id 3184, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [S], cksum 0xeef8 (correct), seq 3004206865, win 29200, options [mss 1460,sackOK,TS val 301761377 ecr 0,nop,wscale 7], length 0
18:50:41.512860 IP (tos 0x0, ttl 64, id 3185, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xe69f (correct), ack 513093135, win 229, options [nop,nop,TS val 301761377 ecr 173953342], length 0
18:50:41.512924 IP (tos 0x0, ttl 64, id 3186, offset 0, flags [DF], proto TCP (6), length 472)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [P.], cksum 0xde08 (correct), seq 0:420, ack 1, win 229, options [nop,nop,TS val 301761377 ecr 173953342], length 420
18:50:41.570487 IP (tos 0x0, ttl 64, id 3187, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xe4d6 (correct), ack 18, win 229, options [nop,nop,TS val 301761391 ecr 173953348], length 0
18:50:41.571259 IP (tos 0x0, ttl 64, id 3188, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xe3cd (correct), ack 274, win 237, options [nop,nop,TS val 301761392 ecr 173953348], length 0
18:50:41.571826 IP (tos 0x0, ttl 64, id 3189, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xde0e (correct), ack 1722, win 260, options [nop,nop,TS val 301761392 ecr 173953348], length 0
18:50:41.571874 IP (tos 0x0, ttl 64, id 3190, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [.], cksum 0xdd73 (correct), ack 1855, win 282, options [nop,nop,TS val 301761392 ecr 173953348], length 0
18:50:41.575443 IP (tos 0x0, ttl 64, id 3191, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35283 > 192.168.2.1.80: Flags [F.], cksum 0xdd70 (correct), seq 420, ack 1856, win 282, options [nop,nop,TS val 301761393 ecr 173953348], length 0
18:50:41.599776 IP (tos 0x0, ttl 64, id 57478, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [S], cksum 0x4a64 (correct), seq 2192466929, win 29200, options [mss 1460,sackOK,TS val 301761399 ecr 0,nop,wscale 7], length 0
18:50:41.600496 IP (tos 0x0, ttl 64, id 57479, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x7c6e (correct), ack 500888669, win 229, options [nop,nop,TS val 301761399 ecr 173953351], length 0
18:50:41.600545 IP (tos 0x0, ttl 64, id 57480, offset 0, flags [DF], proto TCP (6), length 409)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [P.], cksum 0x7e15 (correct), seq 0:357, ack 1, win 229, options [nop,nop,TS val 301761399 ecr 173953351], length 357
18:50:41.610913 IP (tos 0x0, ttl 64, id 57481, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x7a3c (correct), ack 195, win 237, options [nop,nop,TS val 301761401 ecr 173953352], length 0
18:50:41.611445 IP (tos 0x0, ttl 64, id 57482, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x747c (correct), ack 1643, win 260, options [nop,nop,TS val 301761402 ecr 173953352], length 0
18:50:41.611780 IP (tos 0x0, ttl 64, id 57483, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x6ebe (correct), ack 3091, win 282, options [nop,nop,TS val 301761402 ecr 173953352], length 0
18:50:41.612087 IP (tos 0x0, ttl 64, id 57484, offset 0, flags [DF], proto TCP (6), length 52)
    192.168.2.2.35284 > 192.168.2.1.80: Flags [.], cksum 0x69f7 (correct), ack 4291, win 305, options [nop,nop,TS val 301761402 ecr 173953352], length 0
18:50:41.612860 IP (tos 0x0, ttl 64, id 57485, offset 0, flags [DF], proto TCP (6), length 52)

     

    What the... is going on... I can't understand...

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    "Changed the additional address to /30, but still the same"

    Not the same!  We're now getting mostly ACKs in the tcpdump and not the outrageously high seq numbers.  Did you see any blocks in the Firewall or Intrusion Prevention logs at the time of this last test?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Did not check the first time, but gave it another try right now and nothing in firewall log, nor in IPS...

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    This is strange.  What do you see if you test while running tcpdump on the Internal NIC with src the IP of the modem and dst the IP of your phone - does the UTM see responses sent to your phone?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hello again, Bob!

    Yes, it is strange... Every device but my personal smartphones can access the modem's WebGui..

    I will check the tcpdump once I am home...

    I think I will delete every and single trace of the phones from the UTM, delete any rules, associated with them and delete the WiFi from my phones.

    Then start over again, as if it is the first time they are accessing the home network and check their behavior...

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to sachingurung

    Hi Sachin,

    the UTM needs no ARP entry for 192.168.2.2, its a secondary UTM IP....

  • 0 in reply to ChriZathens

    Hi ,

    did I understand you right, that the only difference between the working and the non working devices is, that the devices, that can access the dsl modem´s webfrontend are handled by the transparent proxy and the non working devices are handled by firewall rules?

     

    If yes, then I think the problem can be be explained easily. For the working devices (using transparent webproxy) the utm automatically masquerades the request behind the address 192.168.2.2 (Proxy Service).

    For the non working devices, without the SNAT Configuration the clients will not be able to reach the dsl modem, even when firewalls rules are in place. Or did you configure a route for your internal network 192.168.1.0 on the dsl modem? 

     

    Did you configure the SNAT Rule mentioned by Bob? If not, do it. I believe your setup will then work again!

     

    Let me know ;)

     

    BR

    Sebastian

  • 0 in reply to seroal

    I want to add something informational. I realized, that the access to the dsl-modem is only possible, as long the pppoe link is up. As soon, as the link goes down, the secondary ip address isn´t also working any more... Just FYI..... ;)

  • 0 in reply to seroal

    Hi Sebastian and thanks for offering your help.

    Yes that's what I thought at the beginning, but as mentioned at my first post, even after removing the devices from the skip transparent mode, I still could not access the modem

    I also tried the SNAT but to no avail, although to be honest I am not really sure that I configured the rule correctly...

    I described my trying here --> https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/85030/cannot-access-adsl-modem-setup-with-additional-address-via-specific-devices/319766#319766

    Can you verify what to enter in the boxes, please?

     

    Unknown said:

    I want to add something informational. I realized, that the access to the dsl-modem is only possible, as long the pppoe link is up. As soon, as the link goes down, the secondary ip address isn´t also working any more... Just FYI..... ;)

     

    Don't think this is true.. The ethernet connection and the pppoe connection are on different ports. Even if I unplug the phone line from the modem the ethernet links talk to each other.
    But of course in this case I cannot use the workaround that I have for my two problematic devices (which is connecting via VPN)
     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
Reply
  • 0 in reply to seroal

    Hi Sebastian and thanks for offering your help.

    Yes that's what I thought at the beginning, but as mentioned at my first post, even after removing the devices from the skip transparent mode, I still could not access the modem

    I also tried the SNAT but to no avail, although to be honest I am not really sure that I configured the rule correctly...

    I described my trying here --> https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/85030/cannot-access-adsl-modem-setup-with-additional-address-via-specific-devices/319766#319766

    Can you verify what to enter in the boxes, please?

     

    Unknown said:

    I want to add something informational. I realized, that the access to the dsl-modem is only possible, as long the pppoe link is up. As soon, as the link goes down, the secondary ip address isn´t also working any more... Just FYI..... ;)

     

    Don't think this is true.. The ethernet connection and the pppoe connection are on different ports. Even if I unplug the phone line from the modem the ethernet links talk to each other.
    But of course in this case I cannot use the workaround that I have for my two problematic devices (which is connecting via VPN)
     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
Children
  • 0 in reply to ChriZathens

    Hi,

    maybe you understood me a little wrong.... You are writing: "even after removing the devices from the skip transparent mode, I still could not access the modem"

    But especially after adding this two devices to the skiplist, it is necessary to create a SNAT Rule and also a firewall rule. Is this your SNAT rule? I can´t look into the objects, but from the object´s name perspective, this rule seems to be configured correctly. In my last statement, I asked the question, whether you configured a static route on the dsl modem... I assume, that you didn´t do that. So SNAT is necessary.

     

    Regarding your second statement: "Don't think this is true.. The ethernet connection and the pppoe connection are on different ports. Even if I unplug the phone line from the modem the ethernet links talk to each other."

    I think you didn´t mention, that you have two cables connected to your modem (I was talking about that situation, that you only have one connection, the pppoe link, if the pppoe link is down, and thus the whole interface, the secondary ip address on it won´t work anymore aswell ) Of course, if you have 2 cables / 2 interfaces, the one interface has nothing to do with the second and keeps on working.

     

    To bring this "case" on the next "level" ;) I would kindly ask you to draw a picture with your physical connections (and interface names), including the clients. Please also write down the ip address configuration from your interfaces.

     

    Regards

    Sebastian

  • 0 in reply to seroal

    Hello again!

    Yes there are two cables physically connected to the modem.

    The one is an RJ-11 cable (the telephone cable) which connects to the ADSL interface of the modem.

    The other is an RJ-45 cable which connects the modem itself to the WAN of sophos UTM

    I will draw a sketch and will post the address details promptly

    OK, I am attaching a jpg with the diagram

    Explaining the diagram:

    I have an ADSL modem.

    This is actually an ADSL wireless modem/router with 4 ethernet ports. It is in bridge mode and from the telephone wall plug there is a telephone cable (RJ11) connected to its dedicated ADSL port (RJ11 port). 

    This router has wireless and DHCP disabled and has an IP address of 192.168.2.1/24. An ethernet cable (RJ45) connects its LAN to the UTM's WAN port

     Sophos UTM:

    It has two NICs, the WAN and the LAN. The WAN is setup as PPPoE (from the initial configuration wizard of Sophos) and is physically connected to the ADSL modem using the ethernet cable mentioned above. 

    I also have setup an additional address to the WAN interface in order to have access to the ADSL modem:

    The LAN interface of the sophos UTM has an address of 192.168.1.1/24. There is a DHCP server active on the UTM giving IP addresses to the network (192.168.1.3 - 192.168.1.30)

    There is an RJ45 ethernet cable connecting UTM's LAN port to the next device (Switch& wireless)

    Switch& wireless:

    This is another wireless ADSL modem/router with 4 Gbit ethernet ports. It is set to bridge mode, too, with a static address of 192.168.1.2 and DHCP is disabled. The wireless interface is used to give wireless access to all phones/tablets/laptops in my home network.

    As mentioned above, its LAN1 is connected to the UTM. There is another cable which connects its LAN4 port to a homeplug. The homeplug is used to connect to another homeplug and then a switch which is located in my home office and gives network access to a windows PC and 2 servers. LAN 2&3 of this device are also used to give network access to a Network media player and my TV (Just for the record)

    The name of the modem is InsomniaModem. as mentioined, its IP is 192.168.2.1. Ping from the UTM works normally

    My Windows PC is wired via the homeplug. I can access InsomniaModem's WEBUI without any issues

    My tablet is connected using wireless. I can access InsomniaModem's WEBUI without any issues

    My wife's smartphone is connected using wireless. It can access InsomniaModem's WEBUI without any issues

    My iPhone and my Nexus (my two phones) are connected using wireless. None of those can access InsomniaModem's WEBUI.

    My iPhone and my Nexus are in "Skip Transparent Mode Hosts/Nets" for both source and destination. They can normally access InsomniaModem's WEBUI if I connect to my home using OpenVPN.

    As you mentioned, since, they are in "Skip Transparent Mode Hosts/Nets" they correctly can't access InsomniaModem's WEBUI. If I delete them from the "Skip Transparent Mode Hosts/Nets" list, they still cannot access InsomniaModem's WEBUI.

    Adding the SNAT rule (yes the one you linked to) does not change things. Still can't access InsomniaModem's WEBUI from my two phones

     

    (What I told the UTM in this rule - please correct me if there is any mistake): For traffic from my internal network (192.168.1.0/24) using any service, going to InsomniaModem (192.168.2.1/24), change the source to Additional Address (192.168.2.2/24) 

    Thanks a lot for all your time, guys!!!!!

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    Hi,

    that´s pretty much like a game, it makes a lot of fun ;) And you created a pretty interesting game here ....

     

    And thanks for the big picture ;) But we still had some misunderstandings... I thought you had two RJ45 ethernet links to your modem, but now I see you meant your RJ11-cable to the providers wall phone plug... And here my statement applies, as the pppoe link on the UTM goes down (link is shown as down in webadmin), you will not be able to access the modem, because in your WAN Interfaces on the sophos will be down. Anyhow, this is the behaviour I saw on different UTM.

     

    But now I can also state, that I have no idea in the moment, whats the difference between your two wireless devices and the other ones??? Do you have static dhcp reservations that could, in combination with certain firewall rules, result in different behaviours?

     

    Without transparent skiplist entries for your wireless devices (so any devices uses the webproxy) do you see the requests coming from one of YOUR phones in the webfilter log? If yes, how does the logfile entry look like? What for a site/message does the browser display?

     

    Can you run a tcpdump at the same moment? Whats the output? Is eth1 your wan interface, otherwise please change eth1 to the appropriate interface.

    tcpdump -nvi eth1 host 192.168.2.1

     

    Another question, do you have proxy arp configured on your interfaces?

     

    Regards

    Sebastian

  • 0 in reply to seroal

    Unknown said:

    Hi,

    that´s pretty much like a game, it makes a lot of fun ;) And you created a pretty interesting game here ....

     

    And thanks for the big picture ;) But we still had some misunderstandings... I thought you had two RJ45 ethernet links to your modem, but now I see you meant your RJ11-cable to the providers wall phone plug... And here my statement applies, as the pppoe link on the UTM goes down (link is shown as down in webadmin), you will not be able to access the modem, because in your WAN Interfaces on the sophos will be down. Anyhow, this is the behaviour I saw on different UTM.

    I am pretty sure that in the past, when I had ISP issues, I could normally connect to the modem's webui and see the line status, even when the WAN link was down. But you seem pretty confident about this, so I started doubting myself about it - might have to double check by pulling the RJ11 cable

    (I have a backup 3G connection, though, although I doubt it is relevant. It is a different interface and the additional address is on WAN interface, not the Uplink Interfaces - I don't have this option anyway)

     

    Unknown said:

    But now I can also state, that I have no idea in the moment, whats the difference between your two wireless devices and the other ones??? Do you have static dhcp reservations that could, in combination with certain firewall rules, result in different behaviours?

     

    I do have static dhcp reservations for those two "problematic" devices, but the same applies to e.g. my tablet and/or my windows PC (both of them can access the modem's webui)

     

    Unknown said:

    Without transparent skiplist entries for your wireless devices (so any devices uses the webproxy) do you see the requests coming from one of YOUR phones in the webfilter log? If yes, how does the logfile entry look like? What for a site/message does the browser display?

    Can you run a tcpdump at the same moment? Whats the output? Is eth1 your wan interface, otherwise please change eth1 to the appropriate interface.

    tcpdump -nvi eth1 host 192.168.2.1

       

    I will have to check this

     

     

    Unknown said:

    Another question, do you have proxy arp configured on your interfaces?

       

     

    No I have not checked proxy arp on the internal interface (the other interfaces don't have that option anyway)

     

     

    Thanks a lot!

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML