TheRealShadowHunter Posted October 22, 2014

Hello, first-time post... I'm in desperate need of your support, cause for the love of me I can't figure it out. I'm behind a Sophos UTM (running happily in Hyper-V on a designated server). If you're interested: http://www.sophos.com/en-us/products/unified-threat-management.aspx

I don't want to bother you with the details, but the incoming port is fixed and open, as are all the needed tracker ports. All other ports are closed for inbound and outbound traffic. The designated port is also forwarded to my µT box, which has a fixed IP. UPnP and NAT-PMP are disabled in µT. When I start a download all seems to work normally, except the speed is 15% lower than when I open all ports, and the download start seems to take much longer compared to all ports open. In the packet filter log of the firewall I do see packets being dropped originating from the µT machine... When running the µT network test (CTRL+G) it uses a random outbound port; this is perfectly visible in the live firewall log.

The question now is straightforward: which ports besides the incoming traffic port need to be opened to allow maximal transfer speeds? Clearly opening only the tracker ports and the designated µT port is not sufficient? Who can deliver the magic insight of µT and tell me if there are registry hacks to fix randomly used ports like the one used for the network test so I can allow them. Since the UTM is on a separate machine I cannot open ports based on application...

Thank you all for sharing your knowledge. With best regards, TheRealShadowHunter
DreadWingKnight Posted October 22, 2014

Blocking outbound traffic on ports other than the common tracker ports is the cause of your issue. Remote clients aren't obligated to listen on any specific port, so blocking outbound communication to ports outside of the small subset you've likely assigned prevents you from making outbound connections to those peers.
TheRealShadowHunter Posted October 22, 2014 (Author)

Hi DreadWingKnight, thanks for your feedback. Okay, I see, makes sense. The goal of the whole UTM setup is to run a tight ship and have only the minimum amount of ports opened. That seems to be an impossible task when, correct me if I'm wrong, any port might be used. Is there perhaps a rule of thumb to define a subset of ports which could cover the most, how to put this, "popular" ports?

Thank you for sharing your expertise. With best regards, TheRealShadowHunter
DreadWingKnight Posted October 22, 2014

Because of the extensive use of random listen ports in uTorrent, BitTorrent and probably several other major clients, no, there isn't a subset of ports you can open on outbound.
TheRealShadowHunter Posted October 23, 2014 (Author)

Was afraid that would be the final outcome. Well, okay, let's just open all outbound ports for the specific IP of the µT machine only. Thanks for your feedback, much appreciated.
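The trade-off the thread arrives at, as an added example that is not part of the original posts: a small policy checker run over constructed outbound-flow records (the log format, addresses and ports are made up for this example, not taken from a Sophos UTM). It compares a tracker-port whitelist with the source-IP rule the author settled on, showing which peer connections from the µT host each policy would drop and that the source-IP rule still leaves other hosts restricted.

```python
"""Compare two outbound firewall policies against constructed flow records."""
import re
from collections import Counter

# Constructed sample of outbound flows (hypothetical format, not a real UTM log).
# 192.0.2.10 is the torrent host; 192.0.2.20 is an unrelated LAN host.
SAMPLE_LOG = """\
2014-10-22T20:01:11 src=192.0.2.10 dst=198.51.100.7 dport=6881 proto=tcp
2014-10-22T20:01:12 src=192.0.2.10 dst=198.51.100.8 dport=51413 proto=tcp
2014-10-22T20:01:12 src=192.0.2.10 dst=198.51.100.9 dport=2710 proto=tcp
2014-10-22T20:01:13 src=192.0.2.10 dst=203.0.113.4 dport=44823 proto=udp
2014-10-22T20:01:14 src=192.0.2.10 dst=203.0.113.5 dport=6969 proto=tcp
2014-10-22T20:01:15 src=192.0.2.10 dst=203.0.113.6 dport=61792 proto=tcp
2014-10-22T20:01:16 src=192.0.2.20 dst=203.0.113.6 dport=61792 proto=tcp
"""
LINE_RE = re.compile(r"src=(\S+) dst=(\S+) dport=(\d+) proto=(\w+)")

TRACKER_PORTS = {2710, 6969}   # constructed "common tracker ports" whitelist
TORRENT_HOST = "192.0.2.10"


def parse_flows(text):
    """Turn log lines into dicts with src, dst, dport (int) and proto."""
    return [{"src": m.group(1), "dst": m.group(2),
             "dport": int(m.group(3)), "proto": m.group(4)}
            for m in LINE_RE.finditer(text)]


def port_whitelist_policy(allowed_ports):
    """Policy A (original setup): any host may only reach the listed ports."""
    return lambda f: f["dport"] in allowed_ports


def source_host_policy(torrent_host, allowed_ports):
    """Policy B (thread's conclusion): the torrent host may reach any port,
    every other host keeps the port whitelist."""
    return lambda f: f["src"] == torrent_host or f["dport"] in allowed_ports


def evaluate(flows, policy):
    """Return (allowed, dropped) flow lists under the given policy."""
    allowed = [f for f in flows if policy(f)]
    dropped = [f for f in flows if not policy(f)]
    return allowed, dropped


def dropped_peer_ports(flows, policy, torrent_host):
    """Distinct destination ports the torrent host was blocked from reaching;
    these are exactly the random peer listen ports the whitelist cannot predict."""
    _, dropped = evaluate(flows, policy)
    return sorted({f["dport"] for f in dropped if f["src"] == torrent_host})


def port_histogram(flows, host):
    """How often each destination port appears for one host (no clustering)."""
    return Counter(f["dport"] for f in flows if f["src"] == host)
```

Running `evaluate(parse_flows(SAMPLE_LOG), port_whitelist_policy(TRACKER_PORTS))` shows five of seven flows dropped, while `source_host_policy(TORRENT_HOST, TRACKER_PORTS)` drops only the non-torrent host's connection to a high port.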