Quantcast
Channel: Sophos User Bulletin Board
Viewing all 14361 articles
Browse latest View live

Network Security License Expired

August 17, 2013, 6:52 pm
$
0
0
Greetings,

This is embarrassing, but we were horrified to receive notice this morning from our ASG220 that the Network Security License expired. We've been using Astaro since 2005 and we always receives advance notice whenever any of our licenses are due for renewal, so I don't know what happened.

I left a voice message with Sophos support and also submitted a ticket through My Astaro. Being the weekend I don't know how soon the message will be received. Unfortunately this has resulted in our remote users being unable to log into the VPN.

Is there a way to generate a temporary license to get our services functioning again until Sophos or our reseller are next available?

Thanks!
Search

Astaro download progress window popup gone

August 17, 2013, 10:56 pm
$
0
0
Astaro download progress window popup gone.
I had/use to get an Astaro popup download progress window popup in the browser on both Windows and Macs. Is this related to the AV scanners? I am running dual AV scanners. I no longer get that. I just get the normal default browser download progress. Both Firefox and Safari don't get it on the Mac and I have only tested Firefox on Windows. I want to get that back. Any ideas?

ISP and UTM/modem configuration

August 18, 2013, 1:56 am
$
0
0
Hi All

After spending some time configuring various routers in bridge configuration in order to provide UTM a public IP address, I think others users will benefit from my troubleshooting. Below is a list of Global ISP and the configuration needed in order for your UTM appliance to get a public IP (Please send me via pm configuration for other ISP and I will add it here). Let's make a start

UK ISP

Thanks
wingman

url-filtering / Additional URLs/sites to block Eintrag verschwindet

August 18, 2013, 2:25 am
$
0
0
Hallo,

ich habe diese Adresse
ds87-230-101-30.dedicated.hosteurope.de
unter webfiltering / url-filtering / Additional URLs/sites to block eingetragen.
Das Problem:
Die URL wird nach dem speichern und neuem Aufbau der Seite nicht mehr angezeigt.
Trage ich sie testweise noch mal ein kommt die Meldung das sie bereits vorhanden ist.
Kennt jemand das Problem?

Gruss

Umstellungsfragen

August 18, 2013, 4:36 am
$
0
0
Hi,

ich habe heute meine bestehende Firewall durch die aktuelle Version von Astaro ausgetauscht.
Soweit läuft alles und ich bin mehr als zufrieden. Allerdings habe ich paar Sachen, die ich nicht ans laufen bekomme:

Skype und dass mein Iphone wieder auf den Apple Store zugreifen kann.
Hab die Webprotection auf transparent mit https Scan gestellt.

Hat jemand eine Idee?

Danke

UTM 9.1 mit mehr als 3 NICs nicht mehr erreichbar

August 18, 2013, 4:50 am
$
0
0
Hallo liebe Kollegen,

ich habe das merkwürdige Problem, dass das Management Interface (WebAdmin) meiner UTM 9.1.103 64-bit unter VMware ESXi 5.1 ab 3 NICs plötzlich nicht mehr erreichbar ist. Das Problem ist reproduzierbar. Bei 3 NICs habe ich keine Probleme, aber sobald ich eine weitere Netzwerkkarte hinzufüge ist WebAdmin nicht mehr erreichbar (jeweils jede NIC als VMXNET3 angelegt).

Habt ihr soetwas schon erlebt?

Viele Grüße

Daniel

Red problem after 9.104-17 update

August 18, 2013, 12:00 pm
$
0
0
This weekend, I installed 9.006-5.1 on new hardware, imported my 8.x config, reconfigured a few things (enabled uplink balancing) and tested.

Everything looked good so I went ahead with the available firmware updates, bringing the UTM to 9.104-17. After a scare from seeing 25 of 30 REDs fail to come back up, I realized they were also getting firmware updates. after 30-40 minutes, all of the REDs were up, however one of them is still reported by the console as being down, even though the tunnel is actually up.

The logs show the standard ping/response and the tunnel works but the console continues to report it as down with a last contact time of around 10 secs.

Any ideas? Everything else seems to be working great.

I have a mixture of v1-v3 REDs. I'm not entirely sure which version this particular one is.

PPPOE probleme nach Update auf 9.105-7

August 18, 2013, 12:01 pm
$
0
0
Hallo
nach dem Update auf 9.105-7 stelle ich nun ein Problem beim PPPOE Interface fest.
Das Interface wird im Webadmin immer mit dem Status "aus" angezeigt.
Ich habe das Interface bereits gelöscht und neu installiert, leider kein erfolg.
Hat jemand nen Hinweis oder ein ähnliches Problem?
Die UTM läuft unter Hyper-V virtualisiert.
Search

How to setup WAF for owa + other

August 18, 2013, 3:35 pm
$
0
0
Hi all,

I've been using the sophos box for about 3 weeks now actually very impressed with the unit.

Now the next step is to setup waf...

Problem is I'm strugging to figure out how this works and how to set it up and how do I import the self assigned cert?

I hope once I get this working over the next 4 weeks I can get a wild card for the rest of the services that will be running through this box aswell.

Cheers,
Aza

Report Inconsistencies

August 18, 2013, 5:32 pm
$
0
0
On the front page of network protection, the top dropped service / destination host is a service called icmp/t3c1. At the moment, it shows 730 dropped packets. When I bring up the report of top services, the top entry is icmp, with the 730 packets. When I click on the service for more detail it's blank. When I try to view the detail for other services, I get a list of ip addresses, but not for this one. Also, the name is strange in comparison to the others that have a port number. Is there an explanation for this?

Wireless Roaming Faulty

August 18, 2013, 7:21 pm
$
0
0
I know I'm not going to get the roaming capabilities of like Meru, but I just did some initial testing on Lenovo Twist with inSIDDER Office running and walked around the building to see signal strengths and see if the AP would roam.

At first it didn't, but I forgot to change the Roaming Aggressiveness up to 5 on the Intel Centrino Wifi card. While walking around for about 15 minutes the laptop only successfully reassociated to a different access point when it was near it.

Is there anything to help the roaming capabilities on the UTM? I know the wireless client card would have to be changed to a higher level or is it best to lower the transmit power for the specific antenna?

SUTM on Qemu/KVM.

August 18, 2013, 11:25 pm
$
0
0
If I install the 64 bit version, I end up with a blank screen upon reboot and no responsiveness via PING or web interface. (32 bit version works).

Does anyone of a workaround? I am guessing it is not supported.

[9.104-17][POP3]Can't bind on port 8110: Address already in use

August 19, 2013, 12:52 am
$
0
0
Hi All

For some time now I am only able to enable pop3 prefetch on one account. Today I've managed to do some troubleshooting

I have two accounts configured for POP3S but it seems that only the first one works(not sure why it says "account 6" thought as I def have only 2 accounts BUT at some point I did have around 6 accounts--Maybe the numbers don't reset!). Today I have disabled the pop3 feature and re enable it again and I got the result below

Code:
127.0.0.1 MAIN pop3 > known_servers@
  0 'REF_PopSerPopgmServe' [***** Servers]
  1 'REF_PopSerMailsServe' [****** Servers]
Code:
2013:08:19-08:39:45 ****** pop3proxy[12941]: Prefetch for account 6 finished (fetched=0, deleted=0, not_on_server=3)
2013:08:19-08:43:59 ****** pop3proxy[4832]: Master terminated
2013:08:19-08:44:11 ****** pop3proxy[13416]: Fatal: Can't bind on port 8110: Address already in use
I am assuming that pop3 still listen to the port 8110 (spam/av engine)? (Allocation of Network Ports for Listening in the Astaro Security Gateway UTM Appliance)

Code:
:/root # netstat -a | grep 8110
tcp        0      0 *:8110                  *:*                    LISTEN
Code:
/root # ps -ef | grep pop3
postgres  3727  3653  0 Aug18 ?        00:00:00 postgres: pop3 pop3 127.0.0.1(52545) idle           
postgres 12504  3653  0 08:36 ?        00:00:00 postgres: pop3 pop3 127.0.0.1(59502) idle           
root    12674 12670  0 08:38 ?        00:00:00 /usr/bin/tail -n 10 -f /var/log/pop3.log
root    14807 14394  0 08:50 pts/0    00:00:00 grep pop3
root    30878    1  0 Aug16 ?        00:00:00 /bin/pop3proxy
postgres 30879  3653  0 Aug16 ?        00:00:00 postgres: pop3 pop3 127.0.0.1(34453) idle
I am not using that port 8110 anywhere (i.e. NAT)

Any thoughts?

Thanks

Attached Images
File Type: png allowed networks.PNG (7.3 KB)
File Type: png Prefetch Servers.PNG (11.0 KB)

[9.104-17]Chrome cosmetic issues

August 19, 2013, 2:27 am

[9.104-17] [BUG] Kernel Segfault-libperl.so

August 19, 2013, 2:41 am
$
0
0
Hi All

It seems that I just found a new segfault issue

Code:
2013:08:19-00:00:09 ****** kernel: [526717.898512] mailsec-reporte[27653]: segfault at 65c ip 00000000f770e14b sp 00000000ff917cd0 error 4 in libperl.so[f767f000+14d000]
Code:
ls -ls /var/storage/cores/
total 262944
 8504 -rw-r--r-- 1 root root  8708096 Jan 10  2013 admin-reporter..6760
23292 -rw-r--r-- 1 root root 23851008 Nov 22  2012 awed.7016
  60 -rw-r--r-- 1 root root    61440 Aug 19 00:00 COMMAND.mailsec-reporte.27653

Code:
stuffman:/root # gdb /usr/local/bin/reporter/mailsec-reporter.pl /var/storage/cores/COMMAND.mailsec-reporte.27653
GNU gdb (GDB) SUSE (7.3-0.8.2.770.g338214c.rb1)
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-suse-linux".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
"/usr/local/bin/reporter/mailsec-reporter.pl": not in executable format: File format not recognized
BFD: Warning: /var/storage/cores/COMMAND.mailsec-reporte.27653 is truncated: expected core file size >= 7520256, found: 61440.
[New LWP 27653]
Failed to read a valid object file image from memory.
Core was generated by `/usr/bin/perl /usr/local/bin/reporter/mailsec-reporter.pl'.
Program terminated with signal 11, Segmentation fault.
#0  0xf770e14b in ?? ()
(gdb) bt full
#0  0xf770e14b in ?? ()
No symbol table info available.
Cannot access memory at address 0xff917cd0
Thanks
Search

Lost connectivity to WebAdmin when standard proxy configured

August 19, 2013, 3:41 am
$
0
0
Hello, I have been using my system now in transparent proxy for a while and figured I would like to test in standard proxy mode.
The moment I configured it, I was able to connect to internet again after entering <IP of UTM> as proxy server, however I couldn't access my WebAdmin no more. Had to logon to another site to change back to transparent proxy before I could access WebAdmin again.

With transparent I have my Internal LAN in Skip transparent mode destination networks and I think because this doesn't work in standard proxy mode I have to configure this differently, but I don't know how to do this.
I use proxy profiles btw.

IPS-mailreport dnsstuff URL is outdated

August 19, 2013, 4:46 am
$
0
0
HI

In the notifications mails of IPS detections there is a link with the IP to the dnsstuff.com website.

This link doesn't work correct anymore. It just opens the mainpage of dnsstuff.com instead the IP details.

For example:
-Actual link in the mail:
http://www.dnsstuff.com/tools/ptr/?ip=95.211.207.176

-correct would be:
http://www.dnsstuff.com/tools#ipInformation|type=ipv4&&value=95.211.207.17 6

Erro Apache or Midleware

August 19, 2013, 5:24 am
$
0
0
Code:
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at admin to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.
Firmware version: 4.102-7
Pattern version: 49404
Last check: never

Since the updates version 4.*** have had the problem every 4 days ... a log that can analyze?

Web interface no responding

August 19, 2013, 6:19 am
$
0
0
I have spent the past week getting my UTM 9.x up and running at home.
Last night I was clicking through the reports and the browser hung on the site. :(

I waited 20+ minutes and eventually closed the browser and now the site does not come up at all.

What can I do besides restarting the whole UTM itself?

ERROR:The system tried to join a drive to a directory on a joined drive

August 19, 2013, 7:26 am
$
0
0
ERROR:The system tried to join a drive to a directory on a joined drive

New Client connects once on SSL VPN and then Will not connect - Retries with this error each time.

ERROR:The system tried to join a drive to a directory on a joined drive

Anyone else seeing this issue?
Viewing all 14361 articles
Browse latest View live
Search