Channel: Sophos User Bulletin Board
Viewing all 14361 articles

Switching from beta to home license

When I apply my home license to 9.200-11, replacing the beta license, I get a warning that my customization of user messages will be reset to default since the license does not cover that. Is this correct? Seems to be an odd feature to limit when everything else is fully available.

"Management → Customization → Web Messages:
The Home User License does not allow customizations of the enduser_messages->http->sp_warn_subject configuration. Continuing will reset this customization to the default."

Regards,
Ola

OTP Token Creation - Manual Method

I am having trouble determining the "correct" secret format/length.

If I go to randomkeygen.com and use a 152-bit WEP Key, I get the error message "The OTP shared secret '.....' must be at least 128 bits long." (Is it not 152 bits long?)

If I try some of the other hex keys, I get the message "The OTP secret '....' must be a hexadecimal octet string."

What is the correct format to use and if using the tool at randomkey.com, which one?

Thanks :)

AP30 and Samsung Note3 complaining

Hi,

Since I got my Note3, it keeps complaining at home that my "Wireless Network is unstable".

It doesn't do this at work.

I'm running 9.106, with an AP30 (great signal); I'm using Channel 11 and only one neighbor shows up on my site survey, on Channel 6.
No other 2.4GHz devices in the house.

The only devices normally on the WiFi are the Samsung Note3, 1 iPhone5s, and 1 iPad.
There are a couple laptops and a Wii, but they are usually powered off.

Connection is FiOS, and I have uplink monitoring enabled, and I don't get many alerts from the UTM that the line is down, nor do I see any problems when using wired devices.

In addition to the Samsung's alerts, sometimes pages including Google aren't loading on the phone.

I don't see anything in the IPS and firewall logs, and I'm not using the proxies.

The wireless log has lots of stuff, I'm not sure what it all is:
Code:

2014:02:28-19:32:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:32:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: group key handshake completed (RSN)
2014:02:28-19:32:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:32:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: group key handshake completed (RSN)
2014:02:28-19:32:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:32:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: group key handshake completed (RSN)
2014:02:28-19:34:51 ap30 kernel: [919354.560000] net_ratelimit: 54 callbacks suppressed
2014:02:28-19:42:04 ap30 kernel: [919788.850000] net_ratelimit: 61 callbacks suppressed
2014:02:28-19:42:39 ap30 kernel: [919823.040000] net_ratelimit: 34 callbacks suppressed
2014:02:28-19:42:41 ap30 hostapd: wlan0: WPA rekeying GTK
2014:02:28-19:42:43 ap30 hostapd: wlan1: WPA rekeying GTK
2014:02:28-19:42:43 ap30 hostapd: wlan2: WPA rekeying GTK
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:42:43 ap30 hostapd: wlan4: WPA rekeying GTK
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: group key handshake completed (RSN)
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: group key handshake completed (RSN)
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: group key handshake completed (RSN)
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: EAPOL-Key timeout
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: group key handshake completed (RSN)
2014:02:28-19:42:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: received EAPOL-Key 2/2 Group with unexpected replay counter
2014:02:28-19:43:00 ap30 kernel: [919843.450000] net_ratelimit: 3 callbacks suppressed
2014:02:28-19:43:05 ap30 kernel: [919848.750000] net_ratelimit: 110 callbacks suppressed
2014:02:28-19:43:12 ap30 kernel: [919855.670000] net_ratelimit: 121 callbacks suppressed
2014:02:28-19:44:32 ap30 kernel: [919935.880000] net_ratelimit: 44 callbacks suppressed
2014:02:28-19:44:46 ap30 kernel: [919949.880000] net_ratelimit: 43 callbacks suppressed
2014:02:28-19:44:51 ap30 kernel: [919955.350000] net_ratelimit: 1 callbacks suppressed
2014:02:28-19:45:06 ap30 kernel: [919969.740000] net_ratelimit: 14 callbacks suppressed
2014:02:28-19:45:14 ap30 kernel: [919978.190000] net_ratelimit: 19 callbacks suppressed
2014:02:28-19:45:19 ap30 kernel: [919983.410000] net_ratelimit: 52 callbacks suppressed
2014:02:28-19:45:41 ap30 kernel: [920004.930000] net_ratelimit: 72 callbacks suppressed
2014:02:28-19:45:47 ap30 kernel: [920010.940000] net_ratelimit: 19 callbacks suppressed
2014:02:28-19:45:53 ap30 kernel: [920016.720000] net_ratelimit: 41 callbacks suppressed
2014:02:28-19:45:58 ap30 kernel: [920021.910000] net_ratelimit: 144 callbacks suppressed
2014:02:28-19:46:11 ap30 kernel: [920035.340000] net_ratelimit: 16 callbacks suppressed
2014:02:28-19:46:20 ap30 kernel: [920043.990000] net_ratelimit: 56 callbacks suppressed
2014:02:28-19:46:25 ap30 kernel: [920049.240000] net_ratelimit: 27 callbacks suppressed
2014:02:28-19:46:42 ap30 kernel: [920065.420000] net_ratelimit: 25 callbacks suppressed
2014:02:28-19:46:51 ap30 kernel: [920075.180000] net_ratelimit: 14 callbacks suppressed
2014:02:28-19:46:56 ap30 kernel: [920080.590000] net_ratelimit: 35 callbacks suppressed
2014:02:28-19:47:10 ap30 kernel: [920093.210000] net_ratelimit: 48 callbacks suppressed
2014:02:28-19:47:19 ap30 kernel: [920102.600000] net_ratelimit: 29 callbacks suppressed
2014:02:28-19:47:24 ap30 kernel: [920108.020000] net_ratelimit: 12 callbacks suppressed
2014:02:28-19:47:38 ap30 kernel: [920122.460000] net_ratelimit: 94 callbacks suppressed
2014:02:28-19:47:45 ap30 kernel: [920128.980000] net_ratelimit: 126 callbacks suppressed
2014:02:28-19:47:59 ap30 kernel: [920142.870000] net_ratelimit: 133 callbacks suppressed
2014:02:28-19:48:45 ap30 kernel: [920189.020000] net_ratelimit: 31 callbacks suppressed
2014:02:28-19:52:41 ap30 hostapd: wlan0: WPA rekeying GTK
2014:02:28-19:52:43 ap30 hostapd: wlan1: WPA rekeying GTK
2014:02:28-19:52:43 ap30 hostapd: wlan2: WPA rekeying GTK
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:52:43 ap30 hostapd: wlan4: WPA rekeying GTK
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: group key handshake completed (RSN)
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: group key handshake completed (RSN)
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: group key handshake completed (RSN)
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: EAPOL-Key timeout
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: group key handshake completed (RSN)
2014:02:28-19:52:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: received EAPOL-Key 2/2 Group with unexpected replay counter
2014:02:28-20:02:41 ap30 hostapd: wlan0: WPA rekeying GTK
2014:02:28-20:02:43 ap30 hostapd: wlan1: WPA rekeying GTK
2014:02:28-20:02:43 ap30 hostapd: wlan2: WPA rekeying GTK
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-20:02:43 ap30 hostapd: wlan4: WPA rekeying GTK
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA 00:d0:2d:26:37:2c WPA: group key handshake completed (RSN)
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA 10:1c:0c:2a:f0:9f WPA: group key handshake completed (RSN)
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: EAPOL-Key timeout
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: EAPOL-Key timeout
2014:02:28-20:02:43 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-20:02:44 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-20:02:44 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: group key handshake completed (RSN)
2014:02:28-20:02:44 ap30 hostapd: wlan2: STA 0c:3e:9f:01:d4:ec WPA: received EAPOL-Key 2/2 Group with unexpected replay counter
2014:02:28-20:02:44 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: EAPOL-Key timeout
2014:02:28-20:02:44 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: sending 1/2 msg of Group Key Handshake
2014:02:28-20:02:44 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: received EAPOL-Key frame (2/2 Group)
2014:02:28-20:02:44 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: group key handshake completed (RSN)
2014:02:28-20:02:44 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: received EAPOL-Key 2/2 Group with unexpected replay counter
2014:02:28-20:02:44 ap30 hostapd: wlan2: STA f0:27:65:ea:69:40 WPA: received EAPOL-Key 2/2 Group with unexpected replay counter
2014:02:28-20:08:04 ap30 kernel: [921347.600000] net_ratelimit: 11 callbacks suppressed
2014:02:28-20:08:12 ap30 kernel: [921355.370000] net_ratelimit: 24 callbacks suppressed

Anything stand out to anyone?

Thanks,
Barry

SMTP IPv6 HE

Hello,

I installed 9.2, and now SMTP over IPv6 no longer works; the UTM only answers on IPv4 and port 25.
IPv6 works neither on the tunnel broker's IPv6 address
2001:470:1f0a:8f4::2

nor on the configured IPv6 MX:
2001:470:734a:3999::1

Ping & HTTP work; I tested this with a test mail from Heise.de and this tool:
Online Port Scanner IPv6 - SubnetOnline.com

Does anyone else have this bug?

Thanks for the help

[9.200-11] Web protection SSL filter

Hi,

I have installed the new version and have a new problem.

I have an ESXi in office B.

When I activate "https traffic - URL filtering only" in Web Protection, I can't connect to the ESXi. I checked that and found out that I cannot connect to https://<esxi>

I turn the HTTPS traffic check off... It works.

Best regards.

Outbound VPN connectivity

I'm having 2 issues.

1) Outbound PPTP connections do not work for me through UTM9. They do work directly to the cable modem.
2) My wife's outbound VPN connection (Cisco Any Connect), I think IPsec, UDP 4500, is very slow through the UTM9. 100 down / 35 up VPN direct to modem, 2 down / 2 up VPN through the UTM9.

I tried turning off web filtering and intrusion prevention with no effect.

I tried looking through the logs for the PPTP problem and didn't find anything, probably because I am unsure what I am looking for.

Any help appreciated.
Thanks

How do I enable just allowing specific MACs to be able to use the network?

Basically, I would like to limit access to my LAN to only specific MACs that are on the LAN. Is that possible?

Thanks

Is this a correct Network IPS configuration?

I have my UTM connected right after the FIOS Ethernet that comes out of the wall.

Attached Images
File Type: png network.PNG (13.0 KB)

[9.200-11] User Portal Remote Access links bad

Click here to install the SSL VPN configuration on your Android™ or iOS™ device. The client software is available for download on Google Play or the App Store.

The 2 links begin with my UTM IP address and have a trailing "

Meanwhile I cannot seem to download and install the configuration to a Nexus 4 android phone over wifi - I get unsuccessful or queued when I look in the downloads folder

9.2 virtual node 1 read only

Hello,

My virtual HA crashed 2 times since the update to 9.2. When restarting the nodes, I can see in the messages on the screen that the filesystem on node 1 is read-only.
After a reboot I found messages in /var/log/system, starting yesterday at 23.15, that the filesystem is read-only.


Ralf

[9.200-11] No way to close "Reporting Direction" Windows

Hi,

I was playing around with the reporting today and I found that when I clicked on a domain I got the Reporting Direction window. So far so good.
But I wanted to go back and click a different domain. I took the wrong one...

There was no [X] in the upper right corner to do so, or a Cancel button at the bottom.

The only way to get rid of this was to choose a view and then use the Available Reports and click Sites again.

No major issue just a bit annoying ;)

Regards,
Frank

Endpoint protection for Mac/OS X

Hi
I thought an endpoint protection client for OS X and Mac would be made available together with version 9.200. There is currently only a Windows client available. Is anyone aware of any OS X clients?

/Andy

Update to 9.2

Hello everyone,

How can I update to 9.2 (that is, not reinstall)?
My system does not offer any update.

Regards,
XeogX

9.2 Web Filtering - HTTPS (SSL) traffic Issue

In the new version (9.2) I ran into a strange issue working with HTTPS (SSL) traffic:
Turning the "URL filtering only" – no problem.
Turning the "URL filtering only" off – the system will crash and restart.
Error info:
System was restarted
Reason: (unknown)

Another issue concerning "URL filtering only" – some sites are blocked.

I wonder if anyone else can confirm it.

SMTP connection closed by DROP in ACL

Here is my configuration:

I have a secondary MX set up in case of server failure with Dyndns.org (mailhop).

My server was down for maintenance this weekend.

I brought the Exchange server back online and now all the email held at dyndns is trying to come back, but the UTM9 is dropping the connection: "Drop in ACL".

Following is the log. How do I fix this?

Envelope-from: <ccdec4d3b@steelemail.net>
host exim-in[6517]:: [3\31] Envelope-to: <ccdec4d3b@myemail.com>
host exim-in[6517]:: [4\31] P Received: from mxout-059-ewr.mailhop.org ([216.146.33.59]:50391 helo=mail-22-ewr.dyndns.com)
host exim-in[6517]:: [5\31] by FW1.myemail.com with esmtp (Exim 4.76)
host exim-in[6517]:: [6\31] (envelope-from <ccdec4d3b@steelemail.net>)
host exim-in[6517]:: [7\31] id 1WKFmt-0001h7-01
host exim-in[6517]:: [8\31] for ccdec4d3b@myemail.com; Sun, 02 Mar 2014 17:27:15 -0600
host exim-in[6517]:: [9\31] X-CTCH-RefID: str=0001.0A020206.5313BE78.00C1,ss=4,re=0.000,recu =0.000,reip=0.000,pt=R_286614,cl=4,cld=1,fgs=8
host exim-in[6517]:: [10\31] X-Mail-Handler: MailHop by DynDNS
host exim-in[6517]:: [11\31] X-Originating-IP: 88.80.118.79
host exim-in[6517]:: [12\31] P Received: from [88.80.118.79] (unknown [88.80.118.79])
host exim-in[6517]:: [13\31] by mail-22-ewr.dyndns.com (Postfix) with ESMTP id EE99E2E5B7
host exim-in[6517]:: [14\31] for <ccdec4d3b@myemail.com>; Sun, 2 Mar 2014 19:24:12 +0000 (UTC)
host exim-in[6517]:: [15\31] P Received: from [10.0.0.219] ([10.0.0.219:6709] helo=KRUSHOVSK\xC0-PC)
host exim-in[6517]:: [16\31] by 3DB8DBDD (envelope-from <ccdec4d3b@steelemail.net>)
host exim-in[6517]:: [17\31] (ecelerity 3.5.1.37854 r(Momo-dev:3.5.1.0)) with ESMTP
host exim-in[6517]:: [18\31] id 0C/83-AA2CF-18F0BF03; Sun, 02 Mar 2014 21:24:20 +0300
host exim-in[6517]:: [19\31] Date: Sun, 02 Mar 2014 21:24:11 +0300
host exim-in[6517]:: [20\31] F From: "AmazingPfizer" <ccdec4d3b@steelemail.net>
host exim-in[6517]:: [21\31] R Reply-To: ccdec4d3b@steelemail.net
host exim-in[6517]:: [22\31] T To: ccdec4d3b@myemail.com
host exim-in[6517]:: [23\31] I Message-ID: <BD50B06CA15CAD16A7DE38222124E47-B7C76179FA0282E0F0788256A2E47815@KRUSHOVSK\xC0-PC>
host exim-in[6517]:: [24\31] Subject: Customer ccdec4d3b Get 75% OFF!
host exim-in[6517]:: [25\31] MIME-Version: 1.0
host exim-in[6517]:: [26\31] Content-Type: text/html; charset=UTF-8
host exim-in[6517]:: [27\31] Content-Transfer-Encoding: 7bit
host exim-in[6517]:: [28\31] X-Mailer: WhatCounts
host exim-in[6517]:: [29\31] ENVID: WC-7118260334313-1301bef24a0c38fc7bcf16597c92-9aab1fa539a8d1174f1b76afe721ba81
host exim-in[6517]:: [30\31] List-Unsubscribe: <http://email.steelemail.net/u?id=1301bef24a0c38fc7bcf16597c92>
host exim-in[6517]:: [31/31] X-Unsubscribe-Web: <http://email.steelemail.net/u?id=1301bef24a0c38fc7bcf16597c92>
host exim-in[6517]:: 2014-03-02 17:27:15 1WKFmt-0001h7-01 SMTP connection from mxout-059-ewr.mailhop.org (mail-22-ewr.dyndns.com) [216.146.33.59]:50391 closed by DROP in ACL

9.200 breaks SUM web-configuration and regular extensions in web-filter

My updated UTM 9.200 doesn't apply the web configuration from SUM (4.103); this UTM is absent from the deploy list!
Also, my web-filter rules with regular extensions, previously uploaded from SUM, stopped working.
With the regular extension
Code:

^https?://([A-Za-z0-9.-]*\.)?***\.ru/
I've got an error
Code:

2014:03:03-11:02:04 123 httpproxy[5538]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="CONNECT" srcip="192.168.25.21" dstip="" user="" statuscode="403" cached="0" profile="REF_HttProUser (user)" filteraction="REF_HttCffTemp (temp)" size="3279" request="0x989e000" url="https://mail.***.ru" exceptions="" error="" authtime="0" dnstime="0" cattime="191852" avscantime="0" fullreqtime="195451" device="0" auth="0" category="9998" reputation="neutral" categoryname="Uncategorized" application=""
But if I create a temp rule for
domain ***.ru with the "include subdomains" checkbox checked, the rule starts working:
Code:

2014:03:03-11:03:53 123 httpproxy[5538]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.25.15" dstip="***.***.***.***" user="" statuscode="200" cached="0" profile="REF_HttProUser (user)" filteraction="REF_HttCffTemp (temp)" size="1856" request="0x173b1540" url="https://mail.***.ru" exceptions="" error="" authtime="0" dnstime="137427" cattime="0" avscantime="0" fullreqtime="1186342" device="0" auth="0" application=""
Where did I make a mistake?

DNS issue with Vlan

Hello,

I think I have my vlan interface now working.

Eth0 is a vlan interface, set to vlan 1, the default in Cisco.
I can ping the I.P. of the vlan 1 interface and I can web into it and manage the UTM. But I cannot pull up external web sites. I have attached photos of my settings. Do I have DNS configured wrong?

Chad

Attached Images
File Type: jpg dashboard.jpg (81.3 KB)
File Type: jpg interfaces.jpg (67.4 KB)
File Type: jpg DNS.jpg (61.9 KB)
File Type: jpg DHCP.jpg (60.9 KB)

Swisscom TV / IPTV

Hello,

Is there anyone who could help me set up Swisscom TV behind a 9.2? So far everything works with a bridged router; I can reach the Internet, etc. With Swisscom TV, the picture freezes after 10 s when it switches to multicast.
About the setup: eth1 is my VDSL interface, and only the Swisscom box is attached to eth2. On the UTM I created a masquerading rule from the eth2 network to the eth1 network and tried to allow all traffic from the eth2 network to anywhere; I also added a few multicast networks. If it matters, I would have to attach a few screenshots. Then I tried igmpproxy; my config is
--------------------------------------------------------------------
## This sample configuration assumes your PPP is on eth0
## And your internal network is 192.168.1.0/24
## with just ONE single receiver on 192.168.1.61

##------------------------------------------------------
## Enable Quickleave mode (Sends Leave instantly)
##------------------------------------------------------
quickleave

##------------------------------------------------------
## Configuration for Upstream Interface
##------------------------------------------------------

# Set this to the VLAN interface your PPP is running on

phyint eth1 upstream ratelimit 0 threshold 1

# These are the T-Home Entertain networks
altnet 239.0.0.0/8 #MBONE
altnet 224.0.0.0/4
altnet 195.186.0.0/16 #Swisscom Infra
altnet 192.168.223.10/32 #SCTV Master Box
altnet 1.0.0.0/8


# Only one of the below config lines should be enabled!
# Set this to your receiver network
altnet 192.168.223.10/32
# If it's only ONE receiver you can use
#altnet 192.168.1.61/32

##------------------------------------------------------
## Configuration for Downstream Interface
##------------------------------------------------------

# Set this to the interface for your receiver network
# (usually your internal network adapter)

phyint eth2 downstream ratelimit 0 threshold 1

# Only one of the below config lines should be enabled!
# Set this to your receiver network
altnet 192.168.223.10/32

phyint eth0 disabled
phyint eth1 disabled
phyint eth2 disabled
phyint lo disabled
--------------------------------------------------------------------

I have already tried all sorts of variations of the settings, interfaces set to disabled or not, etc.
Unfortunately without success; after a few seconds the picture freezes.


Can anyone give me a tip here? I would be grateful for any help, because if I can't get TV working, my family will be angry :)

Thanks.

RED to UTM

Hello everyone,

I have a small question:

Starting situation:

Main site with a static IP and internal IP range 192.168.178.x

- the UTM is located there with IP: 192.168.178.1
- Windows Server 2012 as DC with IP: 192.168.178.2
- several clients with static IPs

Branch site with a static IP and internal IP range 192.168.3.x

- a FritzBox is located there as the router with IP 192.168.3.1
- Sophos RED 10 with 192.168.3.2
- then a switch, and all clients on site again have static IPs

Now I would like normal Internet traffic from the branch site not to go through the RED, only the network traffic when network resources at the main site are accessed. At the same time I would like to join the clients at the branch site to the domain of the main site.

But somehow I can't get it to work.

Concurrent Connections with SNMP

Hi,
I need to get the number of concurrent connections with SNMP.
Does someone know the OID?
Thanks a lot