Search Results

Search found 3293 results on 132 pages for 'comodo firewall'.

Page 15/132 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22 | Next Page >

Watchguard firebox: public IP addresses behind firewall with as much usable IP addresses as possible

- by martinezpt

Our ISP assigned us 16 public IP addresses that we want to assign to hosts behind a Watchguard firebox x750e. The IP addresses are: x.x.x.176/28 of which x.x.x.177 is the gateway. The hosts will be running software that needs to be directly assigned the public IP address so 1:1 NAT is not an option. I found this document that gives examples on how to assign public IP addresses to hosts behind the firewall, using an optional interface: http://www.watchguard.com/help/configuration-examples/public_IP_behind_XTM_configuration_example_(en-US).pdf However, I can't implement scenario 1 as it won't allow me to use the same subnet on both interfaces. As for scenario 2, splitting the address range into 2 subnets will decrease the usable hosts on the optional interface to 5 (8 - network - broadcast - optional interface ip). I'm convinced that there must be a better way to address this problem and maximize the number of usable IP addresses but I'm not very familiar with this specific firewall. Are there any suggestions on how to keep the hosts behind the firewall with public IP addresses while maximizing the usable IP addresses? thanks

Read the article
Block web browsing by older browsers

- by Eamon

Given the vulnerabilities in older versions of IE, I want to enforce a rule that only the latest IE or Firefox is used to browse the web. I can't ensure that everyone's PC is up to date, so is there a firewall that will let me write a rule to restrict the version of the browser that can make requests through the firewall? Our current firewall is from Watchguard

Read the article
Unable to access internal network through PfSense WAN port

- by Sean

Our branch office is unable to connect to our internal network for some reason. However we can connect to the branch office domain controller from behind PfSense. The following is our setup: |Branch DC - 192.168.0.101 | |Branch Firewall - 192.168.0.2 | |(Internet) | |Local Firewall - 192.168.3.1 | |PFSense WAN port - 192.168.3.100 |PFSense LAN port - 192.168.1.1 | | DC1 - 192.168.1.2|DC2 - 192.168.1.4 Branch DC can ping and connect to PFSense WebGUI on the WAN port successfully (we set this up using the PfSense documentation). DC1 and DC2 can connect outbound to the Branch DC. There seems to be a rule that prevents internal access on the WAN port. However our rules are set to allow all traffic on the LAN and WAN ports. It would be ideal to just disable the firewall altogether since we already have a firewall but when we do this, PfSense doesn't allow any internal traffic at all. I look forward to any assistance and thank you ahead of time.

Read the article
Is Hacom Mars II Dual Blade good ?

- by Joachim H. Skeie

I am considering getting a Hacom Mars II Dual Blade for use as a firewall in a data-center for one of my colocated solutions. As the 1U enclosure have two identical firewalls, I am intending to use one of the firewalls as the external firewall using packet-filtering and load balancer (balancing load for my front-end nodes), while using the second as the internal firewall (as an application gateway). But I have no experience with Hacom, or pfSense firewalls. They do look really good on paper, but how are they in practice ?

Read the article
How to block incoming connections by source address in Windows?

- by Jader Dias

Windows Firewall does it?

Read the article
Linux servers seeing bad download performance behind Sonicwall firewall

- by Joshua Penix

I'm working with a pair of co-located CentOS Linux servers sitting behind a Sonicwall PRO 2040 Enhanced firewall running in transparent bridge mode. These servers are having a strange problem downloading files more than a few megabytes in size. For example, if I try to wget or FTP a copy of the Linux kernel from kernel.org, the first ~1-2MB will download at 600+K/s, and then throughput will drop off a cliff to 1K/s. I've reviewed all the firewall configuration settings for anything suspicious, but found nothing. More interestingly, I performed the same download with a Windows server sitting behind the same firewall, and it sailed right through at 600+K/s the whole way. Has anyone seen this? Where should I start looking to troubleshoot this problem?

Read the article
Cloud services can't be reached from complex customer infrastructure

- by Nock

We have several services running on a cloud, they all are hosted on Windows Server 2012 R2, have public IP address and specific port. Some of our customers can't reach them because for "some reason" the ports are cut between a firewall between them and us. (some customers are using a shared internet connection in a multi tenant office and they can't change firewall communication) Well, you get it, we don't have the possibility to make all the firewall "allowing" the communication. My customers all runs Windows 7 at least. What is the best counter solution in such case, using Microsoft (Windows Server) technologies? The best would be some kind of tunneling communication or VPN, but the customer should also be able to access his/her enterprise resources. Bby the way, today we using IPSec using Windows Firewall to secure the communication, is IPSec tunneling a solution for us? Otherwise, is there a service in Windows to enable some kind of VPN between a client and a server but only for a given set of servers?

Read the article
Squeezebox server on Mac OS 10.6

- by jonathancaryl

I want to run Squeezebox server on my Mac running OS 10.6 Snow Leopard. The Firewall settings on 10.6 now let you speciy by Application things that are allowed to connect through the firewall. But Squeezebox server isn't an application, so I can't select it. If I turn the firewall off, it works fine. This is a reasonable step for a desktop (as it's always connecting to the 'net through the router's firewall) but on a laptop that connects via public WiFi it doesn't seem like a good idea. Help!

Read the article
Google Chrome giving error 138

- by gsingh2011

Google Chrome randomly stopped working one day and is giving me this error: Google Chrome is having trouble accessing the network. This may be because your firewall or antivirus software wrongly thinks that Google Chrome is an intruder on your computer and is blocking it from connecting to the Internet. Here are some suggestions: Add Google Chrome as a permitted programme in your firewall or antivirus software's settings. If it is already a permitted programme, try deleting it from the list of permitted programmes and adding it again. Error 138 (net::ERR_NETWORK_ACCESS_DENIED): Unable to access the network. I didn't make any changes to my firewall settings between the time it was working and when it wasn't working. I'm using the default Windows Firewall. I added Chrome to the allowed programs and restarted, but that didn't fix the error. I even reinstalled Chrome completely and that didn't work either. Any help would be appreciated. EDIT: I forgot to mention that Firefox and IE9 work fine.

Read the article
Cannot connect to MySQL on RDS (Amazon Web Services) from my laptop

- by Bruno Reis

I'm having some trouble connecting to a MySQL 5.1 server on an RDS instance on AWS from my laptop. The detailed description of the problem is here: https://forums.aws.amazon.com/thread.jspa?messageID=323397 In short: I have 2 MySQL servers, both with the same db configuration and firewall (security group) configuration. One of them works fine: I can connect to it from my EC2 instances (ie, from inside the AWS cloud) and from my laptop. The other one doesn't: I can connect from my EC2 instances but not from my laptop. The symptom: a connection attempt from my laptop just hangs, and then times out, as if there was a firewall blocking me (ie, silently dropping my SYN packets). I must say that everything has been working fine for a very long time, and this problem began suddenly, 3 days ago, without any modifications to DB parameters or the security groups. My current analysis of the situation: The firewall (ie, security group) cannot be the problem: both MySQL servers share the same firewall configuration -- I can connect to one of them but not to the other. Later on, I even added a rule to allow inbound connections from 0.0.0.0/0 (ie, I turned off the firewall), and nothing. Oh, I also created a new, fresh security group and changed this instance's SG to the new one (to which I first added my ip address, and then 0.0.0.0/0) but still nothing. The credentials cannot be the problem: I use the same from my laptop and from my EC2 instances -- and the user (which is what Amazon calls master user), in the database, has a host of '%'. MySQL is not blocking my IP due to, say, too many failed connection attemps: I've FLUSH HOSTS on the database, and also I tried to connect using many different source IP addresses, even from all around the world through a VPN proxy service. What could I be missing? I'm asking here because it's been about 36 hours since I've posted on AWS forums but got no answer at all over there... someone here might have a solution! Any input is really appreciated, I'm out of ideas. Thanks!

Read the article
how can 192.168.2.10 talk to 172.18.156.65 ?

- by steve

from what i understand, all computers need to be in the same subnet /24 so how would i get a computer to be able to connect to another computer that is set as 172 ? one computer is behind a firewall, the other is connected to a HUGHES sat dish and has the IP of 172 would I need to setup a ROUTE in a firewall between the 2 computers, to say "if you are trying to get to 172.18.156.65 then use the ip address 192.168.2.65 and translate it to 172.18.156.65" the firewall is a netgear, if I should use a ROUTE, then I'll try to learn it from the manual thanks

Read the article
How to turn iptables stateless?

- by tex

Hi, I'm running a Linux server that - from time to time - faces heavy load and the conntrack table overflows. Since it's iptables firewall ruleset is very simple I'd like to turn it to stateless mode. I know that iptables can operate in stateful connection tracking mode and in a stateless mode. My firewall rules are all in place I'm pretty sure that they are stateless but my question is how can I verify that the firewall is really operating in stateless mode?

Read the article
Sending email with Windows 8 Mail (Modern UI) being blocked by AVG Firewall

- by Riaan

I've setup my Outlook.com email address in Windows 8 Mail (Modern UI) but is unable to send and receive emails when my AVG Internet Security 2012 Business Edition's Firewall is enable. When I disable the firewall, the emails are coming through and are being send. I know that I can most probably open the ports for IMAP on the firewall, but instead I would like to permit the application. Where/how do I find the application path for Windows 8 Mail (Modern UI) to allow all network traffic? (AVG did not show its normal Allow/Disallow notification for 1st time communications) Any advice would be appreciated.

Read the article
MAC-Address based routing

- by d-fens

Here is what i want to do: I have a bunch of systems, some might have the same Public-IP, i disable ARP. I have a Firewall (either IP Layer or bridge-FW) between these systems and the internet. Depending on the destination port of incoming IP-Packets to some of these Public-IPs i want to set the destinsation-Ethernet-Adress. So for instance System A has IP 8.8.8.8, mac de:ad:be:ef:de:ad, arp disabled System B has IP 8.8.8.8, mac 1f:1f:1f:1f:1f:1f, arp disabled Firewall has IP 8.8.8.1, arp disabled on that interface Incoming packet to IP 8.8.8.8 tcp dest port 100 Incoming packet to IP 8.8.8.8 tcp dest port 101 Firewall sets dest-mac for 1.) - de:ad:be:ef:de:ad Firewall sets dest-mac for 2.) - 1f:1f:1f:1f:1f:1f Second scenario: System A and System B establish outgoing TCP-Connections, and the firewall matches the dst-mac of the incoming IP-Packets (response packets) to the senders-mac address. is this possible in any way with linux and iptables? edit: i read ebtables might "work" in a hackish way for this purpose but i am not sure...

Read the article
No client internet access when setting up these iptables rules

- by Siriss

I have read many other posts but cannot figure this out. eth0 is my external connected to a Comcast modem. The server has internet access with no issues. eth1 is internal and running DHCP for the clients. I have DHCP working just fine, all my clients can get an IP and ping the server but they cannot access the internet. I am using ISC-DHCP-SERVER and have set /etc/default/isc-dhcp-server to INTERFACE="eht1" Here is my dhcpd.conf file located in /etc/dhcp/dhcpd.conf ddns-update-style interim; ignore client-updates; subnet 10.0.10.0 netmask 255.255.255.0 { range 10.0.10.10 10.0.10.200; option routers 10.0.10.2; option subnet-mask 255.255.255.0; option domain-name-servers 208.67.222.222, 208.67.220.220; #OpenDNS # option domain-name "example.com"; default-lease-time 21600; max-lease-time 43200; authoritative; } I have made the *net.ipv4.ip_forward=1* change in /etc/sysctl.conf here is my interfaces file: auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp iface eth1 inet static address 10.0.10.2 netmask 255.255.255.0 network 10.0.10.0 auto eth1 And finally- here is my iptables.conf file: # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *nat :PREROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -s 10.0.10.0/24 -o eth0 -j MASQUERADE #-A PREROUTING -i eth0 -p tcp --dport 59668 -j DNAT --to-destination 10.0.10.2:59668 COMMIT *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -i eth1 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT -A FORWARD -s 10.0.10.0/24 -o eth0 -j ACCEPT -A FORWARD -d 10.0.10.0/24 -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT -A FORWARD -p icmp -j ACCEPT -A FORWARD -i lo -j ACCEPT -A FORWARD -i eth1 -j ACCEPT #-A FORWARD -i eth0 -m state --state NEW -m tcp -p tcp -d 10.0.10.2 --dport 59668 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT I am completely stuck. I cannot figure out why the clients cannot access the internet. Am I missing a service? Is a service not running? Any help would be greatly appreciated. I tried to be as thorough as possible but please let me know if I have missed something. Thank you!

Read the article
CentOS 5.7 issues with iptables

- by Corey Whitaker

I'm trying to set up IPTables on a new CentOS server. This server will function as an FTP server that I need to be accessible from the outside, however, I want to lock down SSH to only accept internal IP connections. I need to allow SSH for 10.0.0.0/8 and 172.16.132.0/24. Below I've posted my /etc/sysconfig/iptables file. Whenever I apply this, I essentially lock myself out and I have to access it via console using Vsphere. Can somebody show me what I'm doing wrong? I'm connecting from my laptop with an IP of 172.16.132.226. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [115:15604] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p esp -j ACCEPT -A RH-Firewall-1-INPUT -p ah -j ACCEPT -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -s 10.0.0.0/8 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -s 172.16.132.0/24 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT

Read the article
Can not open ports in iptables on CentOS 5??

- by abszero

I am trying to open up ports in CentOS's firewall and am having a terrible go at it. I have followed the "HowTo" here: http://wiki.centos.org/HowTos/Network/IPTables as well as a few other places on the Net but I still can't get the bloody thing to work. Basically I wanted to get two things working: VNC and Apache over the internal network. The problem is that the firewall is blocking all attempts to connect to these services. Now if I issue service iptables stop and then try to access the server via VNC or hit the webserver everything works as expected. However the moment I turn iptables back on all of my access is blocked. Below is a truncated version of my iptables file as it appears in vi -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5801 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5901 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 6001 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5900 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT Really I would just be happy if I could get port 80 opened up for Apache since I can do most stuff via putty but if I could figure out VNC as well that would be cool. As far as VNC goes there is just a single/user desktop that I am trying to connect to via: [ipaddress]:1 Any help would be greatly appreciated!

Read the article
Add DNS suffixes to a Sonicwall PRO2040 firewall?

- by eidylon

I want to have our network pass out DNS suffixes with the DHCP assignments, so that we don't need to add them to the TCP/IP settings on each computer. Our DHCP is not being handled by an actual server box, but by our Sonicwall firewall, which is a PRO 2040. Can this firewall be set up to append DNS suffixes? Thanks!

Read the article
Networking Mac and PC - Firewall Issue?

- by zm15

Here's the scenario: Work network - I have a Mac and a PC - OS X is Snow Leopard - Windows 7 I am trying to connect to the PC from the Mac. IT ONLY works if I turn off the firewall in Windows. I tried to trace the port and connection it was using, it appears to be on port 445 via TCP. I really prefer not to leave this open, or is it OK? How can I only allow this connection while still leaving the firewall on?

Read the article
Assist me access my firewall using ASDM

- by ghp

Have configured my asa 5520 with all the interfaces inside -- 10.11.12.1 outside - 70.71.72.4 Have not connected the management interface ..left it as is. Im remotely accessing this firewall from a different location by SSH, but would like to use the asdm to access it remotely. I have configured the HTTP SERVER enable and assigned http 10.11.12.254 255.255.255.255 inside Please can someone let me know the config which can help me access this firewall using ASDM.

Read the article
Window 2008 server shared not accessible if Firewall is on

- by Mirage

I have folder to be shared on window server 2008. If i disable all firewalls then MAC can see the folder If i enable firewall then MAC can't connect to my folder WHich rule i have to apply in firewall setting to make that share work

Read the article
Windows Firewall problem GP0 SP3

- by Cyper

Hi All, I have recently rolled XP service pack 3 out on the estate, and for some reason it is enabling the windows firewall. I have a group policy that disables the windows firewall but SP3 is turning it on. Is there any way in GPO that I can turn this off, or is there a setting in SP3 that can be done globally. Cheers

Read the article
Using modproxy to get around China's Great Firewall

- by Yau Leung

I'm using WIX service and I like it very much. However, one big problem is that some of my colleagues are in China but their IP is blocked. I'm wondering if modproxy can help me. I would like to setup a clean server (not blocked by the stupid Chinese government). Pointed the DNS cname to it and have modproxy get the page in background and send the page to viewers in China. Will it work? If yes, can anyone post any examples? Thanks a million

Read the article
12/12 Live Webcast: Introducing Next-Generation Enterprise Auditing and Database Firewall

- by jgelhaus

Join Oracle Security gurus to hear how Oracle products monitor Oracle and non-Oracle database traffic, detect unauthorized activity including SQL injection attacks, and block internal and external threats from reaching the database. Hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle to monitor and secure their Oracle and non-Oracle database environments. Register for the webcast here.

Read the article
Port listening on localhost:8000 but not on ip:8000

- by Marionette

Hello I'm running a web application on port 8000. When I access it from the host server localhost:8000 it responds ok, 127.0.0.1:8000 also works, but 192.168.1.7:8000 does not work. 192.168.1.7 is the ip of my server. Also if i try to go to another web application running on port 80 it works 192.168.1.7 I enabled ufw firewall and set ufw default allow. I am using ubuntu server 12.04 Any suggestions on why I can't get to my app on port 8000 using the ip-address:8000? Thanks in advance!

Read the article

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22 | Next Page >