Search Results

Search found 3293 results on 132 pages for 'comodo firewall'.

Page 3/132 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • pfsense CARP - wan failure on firewall

    - by eldblz
    I have recently configured 2 firewall (on 2 DELL PowerEdge R210II with ESXI 5.1) with pfsense. We have several LANs and 2 WANs. Everything is running fine but i have a strange behavior: i can access internet from alla LANs but not from the firewall (itself). For example the firewall cannot retrive package information or if i setup a gatway monitor ip (like google 8.8.8.8 ) this fails. These are the screenshots of firewall configuration: http://imgur.com/a/LNuMz#0 ATM i kept firewall rules to minimum to avoid problem or conflicts. Any ideas how to solve the problem? Thank you in advance.

    Read the article

  • "svchost.exe cannot be allowed through firewall" ftp server

    - by Anthony
    Alright here's my problem iv recently set up an ftp server and everything works fine except when i try to allow svchost.exe through the firewall, I get the error message "windows cannot allow svchost through firewall". If i disable the firewall there are no problems but i would rather have the firewall up (for obvious reasons) can anyone please tell me why it is not allowing the application through the firewall and how to fix? Or what i may have done wrong to receive this message as all the tutorials iv seen do not have this issue. Thanks in advance for any help.

    Read the article

  • Why does Windows Firewall show "Unidentified network" as one of my "Active public networks"?

    - by MousePad
    I have a machine that has wifi and ethernet. I have wifi active, and am not using ethernet. My Windows firewall shows two active networks, one is the wifi network I connect to, and the other is "Unidentified network". What is this unidentified network? I can't seem to be able to get rid of it because I can't find where it is even defined. How can you detect this and know whether this is just something appropriate or possibly a security problem? I am on Windows 7 64bit.

    Read the article

  • ESX Firewall Command Troubles

    - by John
    Hi, I am working on creating some firewall rules to stop some of the SSH brute-force attacks that we have seen recently on our ESX server hosts. I have tried the following rules from the CLI to first block all SSH traffic and then allow the two ranges that I am interested in: esxcfg-firewall --ipruleAdd 0.0.0.0/0,22,tcp,REJECT,"Block_SSH" esxcfg-firewall --ipruleAdd 11.130.0.0/16,22,tcp,ACCEPT,"Allow_PUBLIC_SSH" esxcfg-firewall --ipruleAdd 10.130.0.0/16,22,tcp,ACCEPT,"Allow_PRIVATE_SSH" However, these rules are not working as intended. I know that if you do not enter the block rule first, then the allow rule will not be processed. We are now having the issue where the first entered allow rule is being ignored such that the block rule works and the last entered allow rule works. I was curious if anyone had any ideas on how I could allow a few different ranges of IP's with the esxcfg-firewall --ipruleAdd command? I am at a loss and am having a hard time locating examples or further documentation about this. Thanks in advance for your help with this.

    Read the article

  • CryptSvc not matched by Windows 7 Firewall rule

    - by theultramage
    I am using Windows Firewall in conjunction with a third-party tool to get notified about new outbound connection attempts (Windows Firewall Notifier or Windows Firewall Control). The way these tools do it is by setting the firewall to deny by default, and to add an auditing policy to log blocked connections into the Security event log. Then they watch the log, and display notification about newly added entries. netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound auditpol /set /subcategory:{0CCE9226-69AE-11D9-BED3-505054503030} /failure:enable With this configuration in place, I now need to craft outbound allow rules for applications and system services. Here is the rule for CryptSvc, the service frequently used for certificate validation and revocation checking: netsh advfirewall firewall add rule name="Windows Cryptographic Services" action=allow enable=yes profile=any program="%SystemRoot%\system32\svchost.exe" service="CryptSvc" dir=out protocol=tcp remoteport=80,443 The problem is, this rule does not work. Unless I change the scope to "all programs and services" (which is really unhealthy), connection denied events like the following will keep appearing in the security log: Event 5157, Microsoft Windows security auditing. The Windows Filtering Platform has blocked a connection. Application Information: Process ID: 1476 (<- svchost.exe with CryptSvc and nothing else) Application Name: \device\harddiskvolume1\windows\system32\svchost.exe Network Information: Direction: Outbound Source Address: 192.168.0.1 Source Port: 49616 Destination Address: 2.16.52.16 Destination Port: 80 Protocol: 6 (<- TCP) To make sure it's CryptSvc, I have let the connection through and reviewed its traffic; I also configured CryptSvc to run in its own svchost instance to make it more obvious: ;sc config CryptSvc type= share sc config CryptSvc type= own So... why is it not matching the firewall rule, and how to fix that?

    Read the article

  • Home Sharing and Remote on iTunes causing firewall nags

    - by BoltClock
    It seems that enabling Home Sharing and/or hooking up my iPhone's Remote to iTunes causes Mac OS X Snow Leopard's firewall to freak out and keep nagging every time I launch iTunes to ask if I'd like it to accept incoming connections. If I turn off Home Sharing and forget all Remotes, the nag dialog no longer comes up. I could also disable the firewall, but I think that's a silly thing to do. iTunes is already in the firewall whitelist, so the only thing I know that could cause Mac OS X to nag is a bad application bundle code signature. I checked with this Terminal command: $ codesign -vvv /Applications/iTunes.app/ And sure enough, this is what it outputs: /Applications/iTunes.app/: a sealed resource is missing or invalid /Applications/iTunes.app/Contents/Resources/English.lproj/AutofillSettings.nib/objects.xib: resource added /Applications/iTunes.app/Contents/Resources/English.lproj/iTunesDJSettings.nib/objects.xib: resource added /Applications/iTunes.app/Contents/Resources/English.lproj/MobilePhonePrefs.nib/objects.xib: resource added /Applications/iTunes.app/Contents/Resources/English.lproj/MobilePhoneSetup.nib/objects.xib: resource added /Applications/iTunes.app/Contents/Resources/English.lproj/UniversalAccess.nib/objects.xib: resource added I've tried reinstalling iTunes as suggested by this answer, but Mac OS X still nags about incoming connections and the exact same output is generated when I run the above command again. On my PC, Windows Firewall has never nagged whenever I turn on Home Sharing and hook up Remote on my iPhone. Both computers use iTunes 9.2.1. My Mac runs Mac OS X 10.6.4. Is there anything special I need to do that I might have missed? Or how do I resolve the issue? EDIT: I've updated to iTunes 10, but the nags on my Mac are still there and only go away if I turn off Home Sharing and Remote. EDIT 2: I've updated to Remote 2.0 on my iPhone, but the firewall nags are persisting. Has anyone else had this firewall issue at all?

    Read the article

  • TCP Keepalive and firewall killing idle sessions

    - by Carlos A. Ibarra
    In a customer site, the network team added a firewall between the client and the server. This is causing idle connections to get disconnected after about 40 minutes of idle time. The network people say that the firewall doesn't have any idle connection timeout, but the fact is that the idle connections get broken. In order to get around this, we first configured the server (a Linux machine) with TCP keepalives turned on with tcp_keepalive_time=300, tcp_keepalive_intvl=300, and tcp_keepalive_probes=30000. This works, and the connections stay viable for days or more. However, we would also like the server to detect dead clients and kill the connection, so we changed the settings to time=300,intvl=180,probes=10, thinking that if the client was indeed alive, the server would probe every 300s (5 minutes) and the client would respond with an ACK and that would keep the firewall from seeing this as an idle connection and killing it. If the client was dead, after 10 probes, the server would abort the connection. To our surprise, the idle but alive connections get killed after about 40 minutes as before. Wireshark running on the client side shows no keepalives at all between the server and client, even when keepalives are enabled on the server. What could be happening here? If the keepalive settings on the server are time=300,intvl=180,probes=10, I would expect that if the client is alive but idle, the server would send keepalive probes every 300 seconds and leave the connection alone, and if the client is dead, it would send one after 300 seconds, then 9 more probes every 180 seconds before killing the connection. Am I right? One possibility is that the firewall is somehow intercepting the keepalive probes from the server and failing to pass them on to the client, and the fact that it got a probe makes it think that the connection is active. Is this common behavior for a firewall? We don't know what kind of firewall is involved. The server is a Teradata node and the connection is from a Teradata client utility to the database server, port 1025 on the server side, but we have seen the same problem with an SSH connection so we think it affects all TCP connections.

    Read the article

  • Configure firewall (Shorewall/UFW) to allow traffic for services on an Ubuntu Server

    - by Niklas
    I have an Ubuntu Server 11.04 x64 which I want to secure. The server will be open to Internet and I want to be able to SSH/SFTP into the machine and the SSH-server runs on a custom set port. I also want a web server accessible from the Internet. These tasks seems not to hard to perform but I also want SAMBA-shares to be accessible from within the local network and this seems to be a bit trickier. If possible I also want to be able to "stealth" the ports necessary to protect the server further but also allow the SAMBA-shares to be automatically found within the local network. I've never configured firewalls before except for a router and I always bump into a bunch of problem when doing it all by myself so I was hoping for some tips or preferably a guide on how to this. Thank you! Update: On second thought I'd could just as likely go with UFW if the same settings are achievable ("stealth" ports).

    Read the article

  • Watchguard Firewall - Issues with SSLVPN

    - by David W
    I have a client who has a WatchGuard XTM 23 device on site as their primary firewall. I just upgraded its firmware a couple days ago to the latest version for that series, 11.6.6. The problem is that I haven't successfully been able to setup a VPN connection for them. Using the instructions at http://www.watchguard.com/help/docs/webui/11_XTM/en-US/index.html#en-US/mvpn/ssl/configure_fb_for_mvpn_ssl_c.html, I'm trying to setup a VPN with SSL connection: From the firewall web GUI / Dashboard, I go to VPN - Mobile VPN with SSL, I enable it, add the organization's public IP address to which the firewall is connected. I've setup a group in Active Directory named "SSLVPN-Users", verified that the WatchGuard box can talk to the Active Directory Server, and added myself to that group. I then downloaded the WatchGuard Mobile VPN with SSL client onto my own Windows 7 machine, walked to the client's 2nd building across the street (which has a different public internet connection), and tried to connect to the VPN. When I do try to connect with the client, I get the following errors: 2013-06-24T15:41:32.119 Launching WatchGuard Mobile VPN with SSL client. Version 11.6.0 (Build 343814) Built:Jun 13 2012 01:42:55 2013-06-24T15:41:37.595 Requesting client configuration from 184.174.143.176:443 2013-06-24T15:41:50.106 FAILED:Cannot perform http request, timeout 12002 2013-06-24T15:41:50.106 failed to get domain name I discovered today the Firebox System Manager, and its "Traffic Monitor" which gives current log information (refreshes every 5 seconds). Unfortunately, it doesn't look like the client has setup any sort of WatchGuard / Firebox logging server, so actually recording server-side logs to file hasn't been done. I can work on implementing that if I need to. I noticed that if I try to ping the client's public IP address from an outside source, I don't get a response back (unless I added a policy into the firewall to allow ICMP traffic from "External", which I successfully did a few seconds ago for testing purposes - that rule has since been reverted to not respond to external ping requests). There's a policy in the firewall for allowing SSLVPN Traffic authentication requests coming from any external source TO the Firebox, and then to do the authentication / actually allow the VPN traffic, there's a policy allowing traffic for anyone in the SSLVPN-Users group to flow between that user and the inside network. So my questions are: Has anyone seen these errors before from the Watchguard VPN Client, and/or do you have any suggestions on how I can resolve that error? If I need to setup logging server to grab the firewall logs (in order to further troubleshoot this issue), how complicated a task is that and does it require a lot of system resources? The organization I'm consulting with only has 1 server and not a lot of resources or technical know-how.

    Read the article

  • Trouble configuring firewall for FTP on Windows Server 2008 R2

    - by x3ro
    Ok, I'm having the exact same problem as in this question http://serverfault.com/questions/59635/outbound-ftp-on-server-2008-r2-stalls but the accepted answer didn't help me much... I followed the third step of this http://learn.iis.net/page.aspx/309/configuring-ftp-firewall-settings/ guide in order to configure my firewall for FTP, and I am able to authenticate, however, the data channel doesn't seem to be passing through the firewall. If I disable the firewall, everything works fine. Hope someone can help me, as this is really starting to annoy me. Best regards, x3ro

    Read the article

  • Trouble configuring firewall for FTP on Windows Server 2008 R2

    - by x3ro
    Ok, I'm having the exact same problem as in this question http://serverfault.com/questions/59635/outbound-ftp-on-server-2008-r2-stalls but the accepted answer didn't help me much... I followed the third step of this http://learn.iis.net/page.aspx/309/configuring-ftp-firewall-settings/ guide in order to configure my firewall for FTP, and I am able to authenticate, however, the data channel doesn't seem to be passing through the firewall. If I disable the firewall, everything works fine. Hope someone can help me, as this is really starting to annoy me. Best regards, x3ro

    Read the article

  • Linux router and firewall with IP accounting

    - by Andrew
    I'm working on a project to replace my organisation's aging Slackware gateway/router/firewall machine in our colo rack. Previously we used rc.firewall but we are now looking for something more modern and easily configurable. The requirements are: Act as a gateway router & firewall Port forwarding to a Terminal Server in the colo IP/traffic accounting, preferably accessible via SNMP (already using cacti for other servers) Possibility of acting as a PPTP server & routing these connections Is not an out-of-the-box Cisco product (don't have the finances or support to maintain it) I'd prefer to use Ubuntu or some other Debian-based distro but something that integrates everything we're looking for is certainly an option if it offers all the desired features and is easy to configure. Is there a simple set of packages that will provide me with the Firewall & Accounting features, or am I best served with a custom-built distro / other solution?

    Read the article

  • Adding many IP addresses to Windows Firewall using CLI fails partially

    - by Thomas
    I have a PowerShell script which adds IP addresses to Windows Firewall using the "netsh advfirewall" command. (As described in this question: How to append netsh firewall rules, not just replace). The problem is that when adding a lot of IP addresses (currently over 700) the string of IP addresses seems to be 'cut off' at some point. Only an X amount of the total amount of IP addresses are actually added to the firewall, the rest... not. The script is very simple, and looks something like this: $ip = "123.123.123.123,124.124.124.124,125.125.125.125 and so on" netsh advfirewall firewall set rule name="*" new remoteip="$ip" I tried to echo the string to see if it's cut off; echo $ip But the complete string is correctly echo'ed. Is there some kind of string length limit for the netsh command? Or anything else that could be causing this issue?

    Read the article

  • Can't open Windows firewall?

    - by Mr. Noob.
    I accidentally opened a virus on my windows XP, now i can't open the Windows firewall. Control Panel Click on Windows firewall Gives me this error - "Unable to display Windows Firewall settings due to an unidentified problem" What shall i do? (Sorry for my poor english)

    Read the article

  • How do I disable the firewall on blackberry?

    - by user15660
    I own a Blackberry 9630 tour.(Sprint). The firewall is enabled with a lock sign and grayed out. I'm not able to disable it. Because of this many of my blackberry apps don't work as it gives a message "The application has tried to open a connection that's not allowed by your IT policy". I tried all options and there's nothing to disable. This is a personal blackberry and I don't have an IT policy on it. I did all methods like wiping, formatting/resetting to factory settings acc. to blackberry site by running their reset app from PC etc etc. but nothing works I tried CrackUtil for blackberry and that worked and wiped the blackberry. I restored my bb and started using it just to notice that the firewall is enabled back after a desktop manager connection to PC. I even made sure the policy.bin file on PC is a regular one with no IT policy. How do I get this disabled? I had the same problem on my old blackberry 8330 and crackutil disabled the firewall. but after a few days after a desktop manager update of blackberry OS and other small stuff the firewall got enabled again. Please give me a solutions to disable the firewall on blackberry

    Read the article

  • How do I get the Windows 7 Firewall to prompt me whether to allow or deny a new connection?

    - by Epaga
    In Vista and before, new programs attempting an ingoing or outgoing connection would cause a Windows prompt whether to allow or deny the program as a rule. In Windows 7 I seem to have to manually enter rules. Is there any way to get Windows 7 to ask me on its own? Edit : The options MrStatic points to in his answer are already turned on. No prompts, hence my question. See this forum entry for another guy with the same problem

    Read the article

  • Advice on new hardware firewall for a small company server-environment

    - by Mestika
    Hi everyone, My companies currently hardware firewall (an old ZyXEL ZyWALL firewall) and is indeed requiring an update to a new firewall. It is a small company with a similar small server-environment, so the need for a huge, complex and expensive solution isn’t there but a more “straight-forward” firewall, that can provide the necessary security to our systems and block unwanted elements from the core server and only accept access through our one server which is used as an “gateway” between the Internet and our internal network. I haven’t that much experience with hardware firewalls so I’m requesting any good advice and/or knowledge on which products will be suited for our specific need. If you need more information about the specific needs we require, please let me know and I’ll provide them to you. Sincerely - Mestika

    Read the article

  • Firewall GPO not applying despite being enumerated by gpresult

    - by jshin47
    I have a need to open up the admin$ share on all of my domain's client PC's and I am trying to do so using group policy. I defined computer policy for Windows Firewall with Advanced Security in a policy object linked to the appropriate container and added the appropriate rules. However, they are not being applied! I feel like I have tried all of the obvious steps: I've checked gpresult and the resulting set of policy is the way that I would expect it to look. I've gpupdate /force and gpupdate /sync on a few client computers, but no matter what I do they don't seem to respond to my changes. I know that other computer policies in the GPO are being applied so it is strange that these are not. I have also disabled exceptions on clients in the firewall GPO, but that doesn't seem to be applying either. Here is a screenshot of the firewall.cpl from a client: Basically, although other options in the same GPO ARE applied for computer policy, the firewall settings seem to be ignored.

    Read the article

  • Software firewall used in network

    - by user45019
    Hi, I have a medium sized organization with users between 300-500 users. I am looking for software firewall for this type orgnization. Which type of software do you guys prefer, am not looking for hardware firewall...Can u suggest me some names of software firewall for this kind of organization. thanks, Gary

    Read the article

  • FTP blocked by firewall on windows 8.1 update 1 public network

    - by amik
    I've recently upgraded to Windows 8.1 u1. I connect to VPN to one of my projects, over which I connect to FTP server (using Total Commander 8.51a). Now, when I try to connect, Total Commander hangs on "Download" (in case of passive connection on "PASV" command). I've figured out that the problem is somehow caused by firewall, because it works if I disable firewall or I set the VPN network location to "private" (which I don't want, it is not enough trusted network for me) I tried to add total commander to firewall exception for total commander, both to inbound and outbound rule, but with no success. I have no more ideas how to configure the firewall to make FTP work properly, can you plese help me? thanks in advance.

    Read the article

  • What does "Flush the Firewall" mean?

    - by Qasim
    I know this is a real newbie question but what does it mean when someone says they "flushed the firewall". I got locked out of my server a few times due to the enhanced security configuration I had done and when I contacted my server management company, they said both times that they flushed the firewall and I was allowed back in. I hope "flushing the firewall" doesn't mean they reduced the security settings at all.

    Read the article

  • How to allow all traffic from 1 IP address Windows Firewall

    - by Foo_Chow
    I am trying to give another PC completely unrestricted access to my machine. They are both on the same subnet. What I am looking for is effectively disabling the firewall entirely for one IP address. Example Host: 192.168.1.2 Client: 192.168.1.3 Firewall "off" World: xxx.xxx.xxx.xxx Firewall "on" To be specific I am running "Easy"PHP as a testing server for websites and want to access them from other machines on my network. After tinkering I figure the method suggested in my question would be best to make things actually easy. PS. I have already tried opening all ports both inbound and outbound to that IP with no results. My only current success has been actually turning the whole firewall off.

    Read the article

  • How do I know if my firewall is on?

    - by paercebal
    I installed Firestarter, and configured my firewall. But I'm in doubt : On boot, I sometimes see a [FAIL] marker, and to the left, I guess it was something like "start firewall". I can't be sure because the message is seen for less than a second, so I wanted to know if there is a way, without starting the whole firestarter software, to know if the firewall is on and working, or not. Either a gadget, or better, some console instruction, the exact name of the firewall process/daemon, or bash script, will do. Edit: I already tested my computer with the "Shield's Up" http://www.grc.com feature, which marks my computer as "Stealth", but as I am behind a router, I'm not surprised. Still, apparently, my computer answers to pings... Strange...

    Read the article

  • How can I use smbclient to connect to Windows shares by hostname when a firewall is enabled?

    - by skyblue
    I can't connect to file shares on Windows computers using smbclient -L //hostname when the firewall is enabled. This occurs whether I'm using ufw (which allows outgoing traffic and replies back in with the default configuration) or iptables (where I'm allowing outgoing traffic and replies back in with iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT). However, smbclient -L //ip-address works whether the firewall is enabled or not. I also tested this against a Samba server running on Ubuntu and again smbclient -L //hostname does not work when the firewall is enabled, but smbclient -L //ip-address works whether the firewall is enabled or not. For reference, here are the iptables rules I used during testing: *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -d 224.0.0.251/32 -p udp -m udp --dport 5353 -j ACCEPT COMMIT

    Read the article

  • Is it possible to configure Ubuntu as a software firewall?

    - by user3215
    I have some systems running on Ubuntu in the private IP range 192.168.2.0-255 . These systems are connected to a switch and the switch is connected to the ISP's modem. Neither the switch nor the modem support firewall options. I don't have any firewall device and I'm not willing to individually configure firewalls on all the systems (via gui/iptables). Is it possible to make an Ubuntu system into something like a software firewall, so that all the traffic/packets sent to or from the WAN(internet) would be allowed/denied based on its firewall rules?

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >