Quantcast
Channel: Sophos User Bulletin Board
Viewing all 14361 articles
Browse latest View live

Network Security License on ASG220

July 2, 2014, 11:25 pm
$
0
0
Our Network Security license for the ASG220 is about to expire in a few weeks.

According to the description: "This subscription enables the Intrusion Prevention System (IPS) incl. pattern updates, DoS/Flood Protection, SSL & IPsec based VPN and Remote Access, Advanced Routing, WAN Link Balancing and detailed Network Security Reporting."

Does this mean that if we do not renew the license the VPN (and the rest of the services in the quote above) will stop working?

TIA
Search

Blacklist Mails in Quarantäne

July 2, 2014, 11:41 pm
$
0
0
Hallo,

gibt es eine Möglichkeit Mails von Absender die auf einer (eigenen) Blacklist stehen nicht zu "Blackholen" sondern in Quarantäne zu verschieben?


Viele Grüße
Frank

SSL VPN - Auth failed

July 3, 2014, 12:43 am
$
0
0
Hallo,

ich nutze schon recht lange den SSL VPN Client. Bisher gab es auch keine Probleme. Von heute auf morgen kann ich mich aber nicht mehr Verbindung. Laut Log heißt es nur "auth-failure".

Der Login erfolgt über AD-Benutzer, Benutzername und Passwort haben sich definitiv nicht verändert.
Der Admin sagte nur das mein Benutzer als einziger (wieso auch immer) lokal angelegt war und hat ihn nun nochmal mit dem AD-Synchronisiert.

Bei anderen Mitarbeiter funktioniert es weiterhin.

Neuinstallation des Client, Systemwiederherstellung, Testen eines anderen Benutzers und auch der Test an einem zweiten Notebook brachte keine Besserung. Updates beim Router kann ich ebenfalls ausschließen.

Ich bin mit meinen Ideen so langsam am Ende. Hat jemand einen Tipp für mich?

Nachfolgend das Log. IP und Benutzer habe ich entfernt.

Thu Jul 03 09:27:12 2014 OpenVPN 2.3.0 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [IPv6] built on Jun 6 2014
Enter Management Password:
Thu Jul 03 09:27:12 2014 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
Thu Jul 03 09:27:12 2014 Need hold release from management interface, waiting...
Thu Jul 03 09:27:13 2014 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
Thu Jul 03 09:27:13 2014 MANAGEMENT: CMD 'state on'
Thu Jul 03 09:27:13 2014 MANAGEMENT: CMD 'log all on'
Thu Jul 03 09:27:13 2014 MANAGEMENT: CMD 'hold off'
Thu Jul 03 09:27:13 2014 MANAGEMENT: CMD 'hold release'
Thu Jul 03 09:27:17 2014 MANAGEMENT: CMD 'username "Auth" "***X"'
Thu Jul 03 09:27:17 2014 MANAGEMENT: CMD 'password [...]'
Thu Jul 03 09:27:17 2014 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
Thu Jul 03 09:27:17 2014 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Jul 03 09:27:17 2014 Socket Buffers: R=[65536->65536] S=[65536->65536]
Thu Jul 03 09:27:17 2014 Attempting to establish TCP connection with [AF_INET]***.xx.xx.xx:*** [nonblock]
Thu Jul 03 09:27:17 2014 MANAGEMENT: >STATE:1404372437,TCP_CONNECT,,,
Thu Jul 03 09:27:18 2014 TCP connection established with [AF_INET]***.xx.xx.xx:***
Thu Jul 03 09:27:18 2014 TCPv4_CLIENT link local: [undef]
Thu Jul 03 09:27:18 2014 TCPv4_CLIENT link remote: [AF_INET]***.xx.xx.xx:***
Thu Jul 03 09:27:18 2014 MANAGEMENT: >STATE:1404372438,WAIT,,,
Thu Jul 03 09:27:18 2014 MANAGEMENT: >STATE:1404372438,AUTH,,,
Thu Jul 03 09:27:18 2014 TLS: Initial packet from [AF_INET]***.xx.xx.xx:***, sid=6bfe907d 8cfc6a9a
Thu Jul 03 09:27:18 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Jul 03 09:27:19 2014 VERIFY OK: depth=1, C=de, <nachfolgend entfernt>
Thu Jul 03 09:27:19 2014 VERIFY X509NAME OK: C=de, <nachfolgend entfernt>
Thu Jul 03 09:27:19 2014 VERIFY OK: depth=0, C=de, <nachfolgend entfernt>
Thu Jul 03 09:27:21 2014 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jul 03 09:27:21 2014 Data Channel Encrypt: Using 128 bit message hash 'MD5' for HMAC authentication
Thu Jul 03 09:27:21 2014 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Thu Jul 03 09:27:21 2014 Data Channel Decrypt: Using 128 bit message hash 'MD5' for HMAC authentication
Thu Jul 03 09:27:21 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Thu Jul 03 09:27:21 2014 [Juniperus] Peer Connection Initiated with [AF_INET]***.xx.xx.xx:***
Thu Jul 03 09:27:22 2014 MANAGEMENT: >STATE:1404372442,GET_CONFIG,,,
Thu Jul 03 09:27:23 2014 SENT CONTROL [Juniperus]: 'PUSH_REQUEST' (status=1)
Thu Jul 03 09:27:23 2014 AUTH: Received control message: AUTH_FAILED
Thu Jul 03 09:27:23 2014 SIGUSR1[soft,auth-failure] received, process restarting
Thu Jul 03 09:27:23 2014 MANAGEMENT: >STATE:1404372443,RECONNECTING,auth-failure,,
Thu Jul 03 09:27:23 2014 Restart pause, 5 second(s)

WAF zeigt die Seite nicht komplett an

July 3, 2014, 4:10 am
$
0
0
Hallo

Ich habe das Problem, dass ich ein NAS von Synology habe und dort über die Photo Station 6 die Seite öffentlich machen will. Leider wird die Seite aber nicht richtig bzw. unvollständig angezeigt.

Bei der Sophos UTM habe ich die Version 9.203-3

Hier mal das LOG
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="1095" user="-" host="xx.***.***.123" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="40218" url="/photo/" server="meine.domain.de" referer="-" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="9749" url="/photo/scripts/uistrings.php" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="16582" url="/photo/tinymce/tinymce.min.js" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="26075" url="/photo/photo_new/flexcroll/flexcroll.js" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="30388" url="/photo/css/flexcrollstyles.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="32352" url="/photo/photo_new/ext-3/resources/css/ext-all.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="52151" url="/photo/photo_new/ext-3/ux/ux-all.js" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="32161" url="/photo/jwplayer/jwplayer.js" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="65981" url="/photo/photo_new/ext-3/adapter/ext/ext-base.js" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="61174" url="/photo/photo_new/ext-3/ext-all.js" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="47426" url="/photo/photo_new/syno_photo_main.js" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="59135" url="/photo/photo_new/ext-3/ux/ux-all.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="49688" url="/photo/photo_new/ext-3/resources/css/xtheme-gray-syno.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="40566" url="/photo/photo_new/css/imageChooser.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="63185" url="/photo/css/SuperBoxSelect.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="57606" url="/photo/photo_new/css/black.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="39788" url="/photo/photo_new/css/flashUploadDataView.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="57184" url="/photo/photo_new/css/smallScreen.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="69163" url="/photo/photo_new/css/style.css" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="0" user="-" host="xx.***.***.123" method="GET" statuscode="304" reason="-" extra="-" exceptions="-" time="112380" url="/photo/include/client_string.php" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"
2014:07:03-13:00:17 Firewall-1 reverseproxy: srcip="xx.***.***.123" localip="xx.***.***.123" size="466" user="-" host="xx.***.***.123" method="GET" statuscode="200" reason="-" extra="-" exceptions="-" time="66741" url="/photo/include/custom_css.php" server="meine.domain.de" referer="http://meine.domain.de/photo/" cookie="PHPSESSID=jk69mfto81slu0slonbq9gsoa4" set-cookie="-"


Kann mir da jemand einen Tipp geben?

Installing a new RED50 (Not connecting to the remote VPN)

July 3, 2014, 4:25 am
$
0
0
Hello,

I'm new here (and kind of a newbie) so please bear with me and forgive any mistakes that I make.

So I'm trying to install a new RED50 device into our existing network (current config is as follows : LAN -> DLink DES-1024D SWITCH -> Cisco 8600 series router > Dlink switch connected to the internet via a fiber optic connection).
The RED50 is currently connected to the first switch (DES-1024D) via the LAN1 port, and to the second switch via the WAN1 port (I also tried connecting the WAN1 port to the Cisco router).
This is what happens when I power the RED50 :
- Power LED is green.
- LAN1 and WAN1 Link LEDs are green.
- LAN1 and WAN1 Activity LEDs are blinking orange.
- The normal messages on the screen start to show up (Starting RED >ID ***.. > Network Setup > Try WAN1 > Try Prov. Server > Network Setup > Try WAN2 > Try Prov. Server then it shuts down and restarts...)

I didn't want to change the Cisco router's configuration before posting (The tech who was here before me did the configuration and he left before giving me any idea about how he configured it).

Any idea about what issue and what might be causing it?

Thanks a lot in advance for any kind of help.

Windows Update - Solved?

July 3, 2014, 5:24 am
$
0
0
I have been reading quite a bit on this issue and a lot of people are pointing to the Web Filtering with SSL and Transparent mode. After trying all the proposed solutions and having limited success, I got to do some old fashion debugging. TCPDUMP and DISABLE ALL functions but what is needed.

So off with IPS, APP Control, Web Filtering, Advanced threat protection, etc.

All that was left was the Firewall functions.

After Turning on one item. Failing updates, turning off that item and going to the next. I found the culprit.

The issue seems to be with the Application Control. I have not found the cause within application control but I am still investigating the issue.

UTM Home Edition Error

July 3, 2014, 9:08 am
$
0
0
When trying to download the UTM Home Edition --- after entering user information it goes to an error message. Tried from a couple computers and had a coworker try. Can anyone help?:confused:

Wildcard hostheader in Virtual Webserver

July 3, 2014, 10:19 am
$
0
0
Hello

I have 3 Real webservers setup under Web Application Firewall.

The i have made 6 virtual webservers.

3 with https and 3 with http

They have all be configured the same. and with

*.sub1.domain.com
*.sub2.domain.com
*.sub3.domain.com

Both for http and https

All https://*.sub(1-3).domain.com works fine with wildcard.
And 2 of them also works with http, but the third give this error in the log.

Sophos reverseproxy: [Thu Jul 03 15:05:43.293325 2014] [url_hardening:error] [pid 31157:tid 3006712688] [client 1.1.1.1:60067] Hostname in HTTP request (35.sub3.domain.dk) does not match the server name (sub1.domain.com)

if i stop the sub1 http rule, it just changes to sub2 and if i stop sub2, it says.

(35.sub3.domain.dk) does not match the server name (sub3.domain.com)

it is like the wildcard on that one site dosent work. i have deleted the site and recreated it many times, made clones of the working, but cant get it to work.

Hope you guys have an idea where to look.

Best Regards
Stefan
Search

RED Problem

July 3, 2014, 10:25 am
$
0
0
Hallo,

wir haben ein Problem bei einem etwas exotischen Setup:

Unsere Umgebung: UTM9 auf einer Sophos Hardware. Aktuellst Version. Ein paar RED-Boxen dazu.

Die UTM9 hat ihre Default Route ins LAN (eth0), was historische Gründe hat. Früher wurde die UTM nur als IPsec Endpunkt genutzt, wobei die Gegenstellen über statische Gatewayrouten verbunden waren. Der Internetverkehr sollte (und soll nach wie vor) Richtung LAN gesendet werden. Somit hatten wir also seither nur die Option, feste öffentliche IP-Gegenstellen zu erreichen.

Das Gleiche galt seither auch für verbundene RED Boxen: so lange Diese an Internetnanschlüssen statisch/öffentlich verbunden waren klappte Dies einwandfrei.

Nun zum Problem:

Um RED-Boxen auch von variablen öffentlichen Adressen aus verbinden zu lassen wurde folgendes getan: Die UTM bekam auf dem, über unseren ISP ans Internet angebundene Interface eth1 eine zweite Adresse verpasst. Auf dem ISP router wurde ebenfalls die Next-Hop Adresse des neuen Subnetztes angelegt, um Internetverkehr auf einer weiteren öffentlichen Adresse von der UTM ausgehend zu ermöglichen.

Die UTM wurde nun mit einer statischen policy Route ausgestattet, die Jeden Verkher von dieser neue hinzugefügten IP-Adresse mit Dienst ANY and ziel ANY über den Next Hop des ISP routen soll.

Eine testweise eingekaufte neue RED Box wollte sich zunächst nicht verbinden. Als wir aber den Eintrag "Source interface" in der Policy Route auf ANY stellten, klappte die Verbindung der RED sofort.

RED ist nun über die zum eth1 hinzugefügte Verbindung verbunden, steht im Status auf grün. Die anderen statischen Tunnel und RED Verbindungen laufen auf die eth1 primär zugeordnete Adresse. Ping auf die Adresse des REd-Interface klappt, aber alles was an dem Switch der RED angeschlossen wurde funktioniert nicht.

Das ist der Stand.

Gruß und Danke im Voraus

Current Pattern Version 0 after migrating to new hardware

July 3, 2014, 1:39 pm
$
0
0
I have migrated to new hardware and restored my backup config. I am running on my own hardware with firmware version 9.203-3.
I have attached a copy of my Up2Date log when I ask the system to perform an update. Also attached is a copy of my version screenshot.

I have restarted the server, but no change with that.

Attached Images
File Type: jpg Pattern version 0.JPG (39.1 KB)
File Type: jpg Up2Date log.JPG (52.1 KB)

German Translation

July 3, 2014, 11:49 pm
$
0
0
Hello Folks,

has anyone already done german translations of the SPX textuals and would like to share?

Cheers,

DiePlage

Emails being moved to the trash in my Hotmail email account

July 4, 2014, 3:13 am
$
0
0
Hello. I have a new Mac Mini 2.5 GHz with Mac OS X 10.9.3, running Safari 7.0.4 and Sophos Anti Virus 9.0.11. I have a Hotmail account which I use for advertising and advocacy stuff (fortunately that it's nothing more important given the situation) and emails keep getting put in the trash without my intervention. They are always advocacy emails about women's issues that I have never seen until I find them in my trash. I have a USB camera but it hasn't been plugged in for months, and a Bluetooth keyboard and mouse which I wonder if it is the weak point. Wi fi is turned off. The keyboard and mouse were given to me by someone I trust before I bought the computer.

Because of this I checked my recent activity for the Hotmail account and found recent (as of a couple of weeks ago) failed login attempts from Russia, so I turned on 2 factor authentication and changed my password to a ten digit random collection of upper and lower case letters, numbers & special characters (it had been a random combination upper and lower case letters, numbers & special characters before but it was only 8 digits and hadn't been changed in a long time). That was on 15/6/14 and today I found another email in the trash from 28/6/14. There are no suspicious logins in my recent activity.

Any thoughts or suggestions as to what to do next? Thank you.

Extreme Bandwith Usage

July 4, 2014, 3:17 am
$
0
0
Hello today I was find some strange bandwitch usage on my lan interface.
I try to check what could it be and I only found Unclassified application/category with load 6GB
How can I found more about this. See attach

Attached Images
File Type: png unclassified.png (67.0 KB)

xbox one connectivity issue

July 4, 2014, 6:44 pm
$
0
0
I use the sofphos utm9 software on a stand alone pc as my firewall

Odd problem with a familiar flair.
I have a pair of xbox ones (assigned to diff address and diff names naturally).
I have done the correct port forwarding.
They connect to live just fine, games play just fine. online chat, skype etc work well. BUT..

The system cant patch, new games cant download , current games cant patch, and of course I can't download apps or patch them. They simply wont. It times out with an error.

If I bypass the firewall it works fine. None of the issues occur.

Once apps are installed they work fine (incl movies) but if they need a patch it stops them again.
The odd thing.
This happened a few years ago with the xbox 360 and a firewall patch resolved after someone posted it.

Is there a work around? Is it a known issue or am I the first to bring it up?

How to block external IP address

July 4, 2014, 7:55 pm
$
0
0
Dear All,

Could you please let me know how to block external IP address who is trying to login to our UTM 9. Just want to block the IP 56.45.X.X. As I am new and learning. Please let me know the steps how to do it. Thank you.
Search

AP 30 wird nicht erkannt

July 5, 2014, 7:33 am
$
0
0
Hallo,

mein Access Point AP 30 wird nicht erkannt. Das Standby LED blinkt langsam, habe in der Knowledgebase gelesen, dass das bei unkonfigurierten Geräten der Fall ist oder wenn es nicht angeschlossen ist. Das Gerät sendet auch keine SSID usw. aus. Habe das dazu auch keine Anleitung bekommen, wird das Gerät nur über die UTM konfiguriert oder kommt man da auch anderst drauf? Im Live Log steht folgendes:

2014:07:05-16:22:33 utm awed[5894]: [MASTER] SIGTERM received, sending SIGTERM to siblings, exiting
2014:07:05-16:24:06 utm awed[13121]: [MASTER] awed_ng starting
2014:07:05-16:24:06 utm awed[13121]: [MASTER] access point firmware available: AP10:5026 AP50:5026 AP5:1 AP30:5026

use UTM to connect to a paid OpenVPN service

July 5, 2014, 8:53 pm
$
0
0
I'm trying to do something I don't even know if possible...

I would like to have the UTM act as an OpenVPN client, ( like my laptop does ) and connect to a paid OpenVPN service ,

then, have a specific computer on my internal network , be able to reach local resources like normal, but, have it's internet traffic forced inside the VPN tunnel created between the UTM and the paid service .

I did try (not knowing if it would work,) to create a new SSL connection as a client,
and stopped at the 'upload config file' step, because,
the .ovpn file has to have the paths specified ,
so where do I put the following files:?
ca.crt,
client.crt
client.key

but first thing first:

can this be done ?

Thanks

traffic between interfaces

July 5, 2014, 9:30 pm
$
0
0
I have been trying to pass traffic between a couple of internal vlan interfaces, but am having a hard time getting it to work.

Basically, I have 2 vlans set up on a single hardware interface and each works fine on its own for communication to the external network. Each one has its own /24 subnet. The vlans are defined on a procurve switch, and the interfaces on the UTM map to each of the vlan IDs.

So, I added 2 firewall rules to permit any service from one interface to the other (network definition #1 -> any service -> network definition #2) and vice versa. But, it doesnt work. I cant ping or telnet between the 2. Do I need a bridge or a route? I thought the UTM establishes routes automatically for any network directly attached to it.

Thanks.

How to Exclude PC from Web Filter Only by MAC?

July 5, 2014, 10:31 pm
$
0
0
Hey folks,

First time using Sophos UTM (but not new to UTM). I am finally happy to find a UTM for the home market :)

So here is my situation. I want to enable web filtering in my home network, but I want to exclude my laptop. I am currently running in Transparent mode, with no sort of AD or Authentication, on UTM 9.2

I have seen post were people were able to exclude IP, but I cannot static IP my laptop. I take the laptop to various networks, and rely on DHCP to make my life easier.

I was able to add my Mac's MAC to the Network Definitions > MAC Addresses, but I can't figure out how to use it in the exception.

When I look at the exception, I see the ability to add users and groups.

Could any point me the right direction. I just want to exclude my laptop via MAC Address from web filtering, but want to make sure it still gets the AV Scan protection and stuff.

Any information or guidance you can provide would be greatly appreciated.

- Ton

Teamviewer Alternativen?

July 5, 2014, 10:51 pm
$
0
0
Fernwartungsspezialist TeamViewer unter neuem Eigentümer - heise online http://heise.de/-2250174
Das Teamviewer schon immer bedenklich war ist klar. Nur bettelt die Löung jetzt ja gerade um Ablösung.
Mein Problem:
Ich habe Zielserver an 378 Kb Leitungen. Teamviewer bekommt das hin aber andere Lösungen brechen da regelrecht zusammen . Wie schaut es aktuell mit dem Html Vpn aus. Die letzen Versuche von mir waren mehr als bescheiden was Geschwindigkeit schin auf normalen Dsl-Leitungen anging.
Welcher Client ist ggf. per VPN Einwahl brauchbar (378kb)?
Gruss
Viewing all 14361 articles
Browse latest View live
Search