<html><head></head><body>Why would Suricata be stopping communications to Sophos Web GUI on TCP Port 4444 through an IPSec VPN Tunnel?<br><br>The weird thing about this is packet captures on both sides of tunnel from the firewalls don't show the traffic being blocked or dropped. I disconnect the wan connection from Suricata appliance and connect directly to the firewall and everything works. Suricata running on the outside of the firewall.<br><br>In suricata.yaml, I put this HTTP_PORTS: "[80,443,4444]" and it still does not work. Does the problem have something to do with how Suricata interacts with the IPSec tunnel? But this does not make any sense because the tunnel comes up and I can even Putty into the firewall command line console and ping the firewall through the tunnel. For some reason, Suricata does not like ports 4444 and 443 to the private ip address of the firewall through the tunnel.<br><br>Thanks.<br><br><font size="4" face="Arial">Leonard<br></font><BR />
<BR />
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to which they
are addressed. If you have received this email in error please notify Netsecuris management at mgmt@netsecuris.com. Please note that any views or opinions presented in
this email are solely those of the author and do not necessarily
represent those of Netsecuris Inc. The integrity and
security of this message cannot be guaranteed on the Internet
<BR />
</body></html>