Web Protection not blocking new URLs

December 4, 2013, 10:17 am

≫ Next: Apps-in-iTunes-laden-erzeugt-Error-3253

≪ Previous: IPv6 autoconfg no default gateway

$

0

0

I'm trying to block access to Facebook

If I add the following line to the "Block these URL/Sites" --> Regular Expressions
^https?://([A-Za-z0-9.-]*\.)?ivillage\.com/

I get the warning that the site has been blocked when I browse to http://www.ivillage.com

However, if I add these... (I found several variations in the forums)
^https?://([A-Za-z0-9.-]*\.)?facebook\.com/
^https?://([A-Za-z0-9.-]\.)*facebook\.com/
^https?://([A-Za-z0-9.-]+\.)?facebook\.com/

I can still access https://www.facebook.com

Why?

---

Apps-in-iTunes-laden-erzeugt-Error-3253

December 4, 2013, 10:44 am

≫ Next: TP-Link Access Point an WAN-Schnittstelle

≪ Previous: Web Protection not blocking new URLs

$

0

0

Apps in iTunes laden erzeugt Error - 3253 | Software | Forum | MacTechNews.de
https://discussions.apple.com/thread...rt=30&tstart=0


habe ich gefunden.
Könnte es sein das die Astaro ähnliche Probleme verursacht?
Siehe drittletzter Artikel obrigen Link bzw. Ende der Diskussion bei Apple.
Letztlich ist häufig die Info das der Wechsel von DNS Serven geholfen hat aber ich nutze nur die Astaro als DNS System.

Gruss

TP-Link Access Point an WAN-Schnittstelle

December 4, 2013, 10:55 am

≫ Next: Harware für UTM 9

≪ Previous: Apps-in-iTunes-laden-erzeugt-Error-3253

$

0

0

Hallo zusammen,
ich hab folgende Konstellation:

Aktuell verbinde ich mich mit einem TP-Link Access-Point mit dem Internet (wird als WDS-Modus betrieben und fungiert als Repeater eines Wireless-Netzwerks). Über die Ethernet-Schnittstelle und dem IP-Bereich 192.168.2.*** funktioniert die Internetverbindung.
Nun möchte ich gerne den Access Point an die WAN-Schnittstelle meiner UTM9 anbinden. Welche Einstellungen muss ich dazu vornehmen? Ich habe es bisher so versucht, dass ich der WAN-Schnittstelle eine IP aus dem Bereich des AccessPoints vergeben hab (192.168.2.254) und als Gateway die Adresse des AccessPoints (192.168.2.1). Leider hat das noch nicht ganz funktioniert. Hat jemand Erfahrung mit diesem Thema?

Danke schonmal für eure Rückmeldungen

Harware für UTM 9

December 4, 2013, 12:27 pm

≫ Next: Firewall overriding L2TP VPN functionality

≪ Previous: TP-Link Access Point an WAN-Schnittstelle

$

0

0

Hallo,
ich bin immer noch auf der Suche nach einer geeigneten Hardware für UTM9. Bisher setze ich ein kleiner Thinclient ein, der mir aber zu viel Strom verbraucht und ich nur zwei Netzwerkkarten habe.
Also meine Frage an euch, welche Hardware nutzt ihr? Könnt ihr mir einen Tipp geben, wo ich eine zusätzliche PCI oder PCI-Expresskarte einbauen kann und die Firewall trotzdem stromsparend ist!?

Firewall overriding L2TP VPN functionality

December 4, 2013, 2:01 pm

≫ Next: US Dept of Defense integrated into L2TP VPN?

≪ Previous: Harware für UTM 9

$

0

0

I'm an intermittent user of the L2TP VPN on my UTM [gotta love acronyms] and I'm finding I cannot connect anymore. I pulled up various logs and SSL remains blank. If I remember there is no dedicated L2TP log. When I attempt a connection I get a firewall log entry indicating UDP port 1701 being blocked via the Default ruleset.

Am I missing something basic here?
Yes, L2TP over IPsec status is green (active/on)

Thanks,
~D

UPDATE--
I assume the UDP 1701 is correctly blocked for security.
Looking at wrong log: IPsec VPN held the answers. Passphrase mismatch Sheesh!

US Dept of Defense integrated into L2TP VPN?

December 4, 2013, 2:22 pm

≫ Next: Publishing Webserver with Sophos UTM

≪ Previous: Firewall overriding L2TP VPN functionality

$

0

0

Ok, here's a fun little puzzler.

I'm connecting my smartphone to my local home net using L2TP via the Sophos UTM.

I'm reviewing the firewall logs and notice traffic on port 443 being blocked between two addresses:
Source:

21.194.27.36 Dept of Defense

Dest:

50.115.125.93 50.115.125.93.static.westdc.net ??

69.171.245.49 Facebook

Here's what I can find on the source:
Location UNITED STATES, OHIO, COLUMBUS Latitude, Longitude 39.96638, -83.01277 (39°57'59"S -83°0'46"E) Connection through DOD NETWORK INFORMATION CENTER Local Time 04 Dec, 2013 05:17 PM (UTC -05:00) Domain NIC.MIL
Here are a couple of lines from the logs:

Code:

---

14:08:16 Packet filter rule #6 L2TP 21.194.27.36 : 39669 → 50.115.125.93 : 443 [RST] len=40 ttl=63 tos=0x00 srcmac=0:0:2f:d2:32:f7

14:08:19 Packet filter rule #6 L2TP 21.194.27.36 : 39669 → 50.115.125.93 : 443 [RST] len=40 ttl=63 tos=0x00 srcmac=0:0:2f:d2:32:f7

14:08:19 Packet filter rule #6 L2TP 21.194.27.36 : 38247 → 69.171.245.49 : 443 [ACK PSH] len=130 ttl=63 tos=0x00 srcmac=0:0:2f:d2:32:f7

14:08:26 Packet filter rule #6 L2TP 21.194.27.36 : 39669 → 50.115.125.93 : 443 [RST] len=40 ttl=63 tos=0x00 srcmac=0:0:2f:d2:32:f7


---

Note the L2TP is the traffic being parsed.

Could I get some fresh eyes on this?

Thanks,

Doug

Publishing Webserver with Sophos UTM

December 5, 2013, 2:08 am

≫ Next: Voucher Customization

≪ Previous: US Dept of Defense integrated into L2TP VPN?

$

0

0

Hello.

We had an old ISA Server from Microsoft to publish our Servers and replaced it now with a Sophos UTM. I’m not really a firewall professional, so I thought maybe there is someone in this forum who can take a look at my configuration and give me some advice if I did something wrong. Thanks in advance.

In the DMZ we have a server for our websites.

Definitions

In Interface and Routing I have an Interface DMZ and in Definitions & Users there are the three Definitions DMZ (Address), DMZ (Broadcast) and DMZ (Network).

Web Application Firewall

In Real Webservers there is my webserver with port 80 and in Virtual Webservers there is my webserver with all the corresponding domains and the Firewall Profile Basic Protection.

Intrusion Prevention

I’m not sure if that is correct, but I added the DMZ (Network) to the Local networks, so the Intrusion Prevention is working for my webserver.

NAT

I don't know if NAT is required if you publish a webserver over the web application firewall but it didn’t work before I enabled it. So I made a masquerading rule from DMZ to one of the external interfaces and one from DMZ to the Internal Interface.

Firewall

I enabled two firewall rules. One is from the internal network to the webserver with the services for administrating the webserver with putty over ssh and over a defined port to the installed webmin. The second rule is from the webserver to Internet IPv4 with the services DNS NTP HTTP HTTPS ping and SMTP, so the webserver can get his updates from his repositories and can send Mails from his web forms.

I hope, I didn’t made something wrong and we’re safe. But I would feel more comfortable if someone of you could confirm this. Thanks.

Voucher Customization

December 5, 2013, 2:22 am

≫ Next: UTM110 + WebProtection 3 yaers TO SELL

≪ Previous: Publishing Webserver with Sophos UTM

$

0

0

Hello BETA testers,

we are still struggling with certain PDF types with our Voucher customization feature. Therefore we would like to ask you to generate Vouchers and test them.

Please fill out the form and upload the PDF in case a failure occured, so we can fix it and generate a knowledge base article with supported programs and tools.


Template for copying/pasting:

UTM Version:

Program or tool and version you used to generate the PDF:

Status: [Working | NOT Working]

---

UTM110 + WebProtection 3 yaers TO SELL

December 5, 2013, 3:47 am

≫ Next: OWA redirection

≪ Previous: Voucher Customization

$

0

0

Hi,

I wish to sell my UTM110 with WepProtection for 3 years.
My customer is retracted at the last moment.

The appliance is in excellent condition, with only one week of operation.

Please contact me by mp for the conditions.

Thanks

OWA redirection

December 5, 2013, 4:30 am

≫ Next: [9.180-21][bug] SPAM Release POP3

≪ Previous: UTM110 + WebProtection 3 yaers TO SELL

$

0

0

Hi,

I am currently beta testing UTM 9.2. I'd like to know how to redirect URLs. For example, when a user types:

http://owa.domainname.com

The UTM directs it to:

https://owa.domainname.com/owa

I have seen the https redirect bit but I can't find how to append /owa

Thanks

[9.180-21][bug] SPAM Release POP3

December 5, 2013, 4:39 am

≫ Next: [9.180][ANSWERED] Custom Dyndns

≪ Previous: OWA redirection

$

0

0

Hi all,
SPAM Release from POP 3 Quarntine no longer works.

regards
mod
ASG HA running on Hyper-V V3

[9.180][ANSWERED] Custom Dyndns

December 5, 2013, 4:45 am

≫ Next: Grundlagen VPN Installation auf UTM9

≪ Previous: [9.180-21][bug] SPAM Release POP3

$

0

0

HI,

its possible, to add Custom Dyndns provider ?
(like all-inkl.com)

Best

Robert

Grundlagen VPN Installation auf UTM9

December 5, 2013, 4:56 am

≫ Next: VPN Netz maskieren

≪ Previous: [9.180][ANSWERED] Custom Dyndns

$

0

0

Hallo zusammen,

wir möchten unsere Sophos UTM 9 für den VPN Zugang via SSL (nicht über PPTP) Konfigurieren.

Ziel soll es sein das alle Außendienst Mitarbeiter über den Sophos Client sich im Firmennetz anbinden können.

Suchen tue ich hierfür eine Dokumentation die Beschreibt wie man hier vor gehen soll.

Ein paar Sceenshoots wäre auch hilfreich.
So was wie Step by Step Anleitung.

Gibt es so was?

Besten Dank im Voraus


Ps. ich habe schon alles Mögliche bei Google gesucht aber nichts passendes gefunden

VPN Netz maskieren

December 5, 2013, 5:10 am

≫ Next: RED 10 rev. 3 Huawei USB Modem E3276 4G

≪ Previous: Grundlagen VPN Installation auf UTM9

$

0

0

Hallo,
Ich habe aktuell das Problem das ich zwei Standorte habe, die beide ein SSL VPN für Fernzugriff bereitstellen. Natürlich beide mit dem gleichen AdressenPool. Ich komme also nicht an den jeweilig anderen Standort.
Meine erste Idee war ein einfaches maskieren der Netze. Sprich, eine NAT Regel die die das VPN Netz direkt ins Interne Netz maskiert. Ist die Lösung gut, oder ehr nicht? Ich meine vom Prinzip her gebe ich den Clients ja sowieso vollen Zugriff aufs Interne Netz indem ich es bei den lokalen Netzen eintrage... Ich könnte natürlich auch ein zusätzliches Netz machen in das ich die Clients maskiere, so könnte ich per Firewall Regel noch ein Stück Sicherheit mehr hinbekommen, allerdings arbeite ich ja sowieso mit VPN Profilen...
Oder ich ändere einfach den Adressen-Pool am nicht so schwierigen Standort.
Welche Lösung am Besten?

Danke im Voraus,
Sebastian

RED 10 rev. 3 Huawei USB Modem E3276 4G

December 5, 2013, 6:07 am

≫ Next: Limit access based on schedule?

≪ Previous: VPN Netz maskieren

$

0

0

Dear Board
Is it possible to connect a Huawei USB Modem E3276 4G the RED and work wit 4G/LTE (100M/bit). At the official Device List there are only the Vodafone K5005 LTE marked as a LTE Modem, but my provider here in Switzerland (Swisscom) only deliver the Huawei.
Has someone positive experience with a 4G/LTE Stick on the RED and if yes maybe a Huawei E3276?
Thanks for answers.
Greetings from Switzerland
Stefan

---

Limit access based on schedule?

December 5, 2013, 6:20 am

≫ Next: Beta Update 9.185: Release and Download Information

≪ Previous: RED 10 rev. 3 Huawei USB Modem E3276 4G

$

0

0

I am running Sophos UTM 9 and I would like to block internet access based on a schedule (only allow access during lunch, non business hours, etc) by MAC address.

Is this possible?

Beta Update 9.185: Release and Download Information

December 5, 2013, 8:33 am

≫ Next: Facebook URL Freigeben

≪ Previous: Limit access based on schedule?

$

0

0

Hi.

We just released 9.185 which fixes an important issue in the SMTP proxy.

Fixed Issues
[*] [29729] [BETA] quarantine reports lead to DD death

Download Information

ASG ISO for Software/Virtual appliance installation:
ftp://ftp.astaro.de/pub/UTM/v9/beta/asg-9.185-3.1.iso
ISO size................: 583M (611588096 bytes)
ISO md5sum..............: 5ac307ede4347778c4a780d3a0006d2a
ISO sha1sum.............: 97d3328e1937c942893e23a2b80befedbf4319ff

SSI ISO for Hardware appliance installation:
ftp://ftp.astaro.de/pub/UTM/v9/beta/ssi-9.185-3.1.iso
ISO size................: 586M (614238208 bytes)
ISO md5sum..............: d847e4d1b1fdb9de678c03694ae438bf
ISO sha1sum.............: 5465fc7f315c49c458ed7b11d3a30103d213a1ef

Up2Date package (from 9.180):
ftp://ftp.astaro.de/pub/UTM/v9/beta/...185003.tgz.gpg
U2D size................: 37M (39092409 bytes)
U2D md5sum..............: a2f94bafefd28271f612cf242e5a3e96
U2D sha1sum.............: 2ddf652110d29632fbc1214493cc0cdb46c7301c

Up2Date package (from 9.106):
ftp://ftp.astaro.de/pub/UTM/v9/beta/...185003.tgz.gpg
U2D size................: 286M (299233427 bytes)
U2D md5sum..............: 0e86ac479abb0e78d7e359f91eb9f1a1
U2D sha1sum.............: 7e2bbf99a1a648b5b0fb33ed0ff2dbb10e88ed36

Please note that the Up2date package will also be distributed over the Up2Date server, so your appliance should usually download the package by itself.

Facebook URL Freigeben

December 5, 2013, 8:56 am

≫ Next: No resources viewable (CPU, Mem, Disk, Connections, etc)

≪ Previous: Beta Update 9.185: Release and Download Information

$

0

0

Hallo liebes Forum,

ist es möglich NUR eine Bestimmte URL z.B. https://www.facebook.com/Firmaxyz/Bilder freizugeben.

Es soll nur diese Seite aufgerufen werden können.

Also nicht https://www.facebook.com

Ich habe jetzt schon mehrfach versucht die Seite komplett einzugeben, allerdings ohne erfolg.

Bei Facebook.* funktioniert es. (Aber das möchte ich nicht. Es soll nur auf ein Bestimmten Bereich zugegriffen werden.)

Oder würde es sonst einen Weg geben?:rolleyes:



Danke mal :)

No resources viewable (CPU, Mem, Disk, Connections, etc)

December 5, 2013, 11:03 am

≫ Next: Email Alerts/Reports not working

≪ Previous: Facebook URL Freigeben

$

0

0

On my dashboard the graphs for system resources are empty.
The same for the executive reports, those have empty graphs in the reports.

Version: 9.185-3
Hardware: UTM120
Updated with Up2Date.

Anyone an idea what goes wrong?

Attached Images

	Schermafbeelding 2013-12-05 om 19.54.21.png (90.4 KB)
	Schermafbeelding 2013-12-05 om 20.00.18.jpg (83.1 KB)

Email Alerts/Reports not working

December 5, 2013, 1:02 pm

≫ Next: AStaro v9 > Checkpoint R77 one way firewall issue.

≪ Previous: No resources viewable (CPU, Mem, Disk, Connections, etc)

$

0

0

I have configured the email alerts and reports according to the following knowledge base article: Setting up endpoint email alerts from a console policy

However I haven't receive any of the alerts or reports that I have configured. I have tested the smtp settings and verified that the "TEST" was successfully established. but have been banging my head on this issue for a while now. Anyone have any idea or provide assistance?

Below is the OS and Console version.

OS: Server 2003
EPM: 5.2.1.197