Channel: Sophos User Bulletin Board
Viewing all 14361 articles

2 easy question

Hi everyone,
I have two simple questions; thank you in advance for your attention.

1) Is there a way to see all IPs connected to the router?
And those to which the DHCP assigned an IP manually?

2) Currently I have to test the product license "Home use only", 50 Max User.
What exactly is 50 User?
The IPs that can simultaneously connect to the router?
If I connect with a laptop, it is assigned an IP, and I always unplug it afterwards, can 50 devices still be used?
I ask this because in "Licenses - IP Addresses Active" there is a list of IPs used by devices that are connected to the router, and I do not quite understand what that list means.

Thanks in advance
Roby

RP Routing With Cisco SG200 and UTM

I am still trying to navigate my way through transitioning to the UTM and a managed network. What an interesting experience so far!

Next on my list is multicast packet routing. My intended goal is to manage which VLANs and/or clients would be able to access the multicast messages of which multicast-dependent devices/services. One example would be allowing a Sonos to be controlled by a guest network - even though they are on different VLANs.

I have read that this challenge requires an RP Router - something that is brand new to me.

After some searching around online and within my Cisco SG200 switch, I am still confused as to whether I have everything I need to pull this off (other than the current know-how - which I know I don't have yet).

If anyone who is familiar with this topic and/or Cisco switches could help, it would be greatly appreciated.

Does the SG200-26 have what I need to work with the UTM to route multicast from one device or network to another device or network?

The manual is here and contains a "multicast" section. I am still trying to parse the information.
https://www.cisco.com/c/dam/en/us/td...e/78-21139.pdf

UTM9.308-16 Routing to VLAN Gateway

Hello,

I am attempting to replicate my fully working existing pfsense firewall with a UTM9 system. I am using ESX5.5 and passing a lag (with 2 interfaces) through trunking several VLANs including my Internet connection and local LANs. This has been working very well with pfsense for a year but with much encouragement from a friend I'm trying the UTM. I'm close, but not quite.

Support pics: https://www.dropbox.com/sh/zftlw6qj0...zGsS3_a?dl=0#/

Note: Attaching them in groups of 5 in the following posts also. #security

Basically I have the following:

eth0, eth1 aggregated into lag0
eth2 Guest Network (physical interface) - DHCP enabled
eth3 Management (physical OOB management network interface) - DHCP enabled
lag0 Trunk which carries the following vlans:

VLAN10-Shed1 - DHCP Enabled
VLAN5-Home - DHCP Enabled
VLAN666-NBN - Set to Dynamic IP and IPv4 Default GW

The internet connection is brought to the UTM via VLAN666, it is assigned via DHCP a single IP address and is set to be the Default Gateway

VLAN 5 and 10 as well as Guest are just separate networks for isolating different devices on separate subnets assigned with varying DHCP settings.

Everything seems great, all the interfaces come up including VLAN666 which is assigned my IP address from the ISP (I have NBN in Australia) and the default gateway shown (Please note I removed the last 2 octets for privacy on the images, they are there and correct).

The only problem is I have no internet connectivity. I've tried all sorts of rules and playing with routes (which I know shouldn't need to be done). The rules shown in the pic are from the default of a UTM setup with the wizard and simply should work.

Fault finding:

You can see the firewall live log shows it's functioning, wanting to pass the correct traffic (DNS and web).

A ping check of the gateway fails with the support tool, which is odd; something to note though: when checking the 'Ping over Interface' dropdown there's the choice of Use Closest Route, Guest, Management and Trunk only. Interesting, no VLAN interfaces. Could this be the issue?

At this stage, after quite a bit of experimentation, I'm not certain that this isn't a bug of some sort: routing my internet traffic via a default gateway on a trunked VLAN interface.

Now, I know this works. I do it now with pfsense, and I can turn off the UTM interfaces and power up pfsense and away it goes perfectly. I'm close with UTM, but if anyone could help I'd much appreciate it.

I _could_ bring out VLAN 666 on a single port from the switch to a single physical interface on the ESX host and pass it through as a single interface to UTM, but given pfsense works fine with the inbound vlan/gateway I would have expected UTM to do at least the same no?

Regards..

PP

Attached Images
File Type: jpg Dashboard.jpg (98.0 KB)
File Type: png DHCP.PNG (79.8 KB)
File Type: jpg DNS.jpg (73.5 KB)
File Type: png Firewall Log.PNG (79.0 KB)
File Type: jpg Firewall.jpg (57.4 KB)

Viewing FULL Urls in Web Usage Report UTM 9.310

Hi,

I have been asked to retrieve the web logs for a particular user in a particular time frame but we actually need to see the full Urls they have visited. For example, when I add a filter of user and time it shows that googlevideo.com is their top site but I want to actually see which YouTube Urls they went to in that period. Can anyone point me in the right direction to see these?

Cheers,
Brendan

Detected Tx Unit Hang

Hello everyone,

I run an ESXi 6.0.0 (Build 2615704) with a VM for the UTM (v9.310-11) and two Debian 7.8 VMs; one runs Apache and the other VM runs the MySQL server.

On the server there are around 10 websites that all need hardly any resources.
My external monitoring reported to me today at about 06:15 that the two servers no longer responded to ping / HTTP requests.

The UTM itself was also still running at that time
but no longer let anything through; a restart of the VM fixed the problem.

I then looked at the UTM's log files and finally found something in
kernel.log:

Code:

kernel.log
2015:04:27-06:15:42 utm kernel: [1115617.596637] e1000 0000:02:00.0 eth0: Detected Tx Unit Hang
2015:04:27-06:15:42 utm kernel: [1115617.596637]  Tx Queue            <0>
2015:04:27-06:15:42 utm kernel: [1115617.596637]  TDH                  <bf>
2015:04:27-06:15:42 utm kernel: [1115617.596637]  TDT                  <c0>
2015:04:27-06:15:42 utm kernel: [1115617.596637]  next_to_use          <c0>
2015:04:27-06:15:42 utm kernel: [1115617.596637]  next_to_clean        <bf>
2015:04:27-06:15:42 utm kernel: [1115617.596637] buffer_info[next_to_clean]
2015:04:27-06:15:42 utm kernel: [1115617.596637]  time_stamp          <11126b01b>
2015:04:27-06:15:42 utm kernel: [1115617.596637]  next_to_watch        <bf>
2015:04:27-06:15:42 utm kernel: [1115617.596637]  jiffies              <11126b287>
2015:04:27-06:15:42 utm kernel: [1115617.596637]  next_to_watch.status <0>
2015:04:27-06:15:45 utm kernel: [1115620.431242] e1000 0000:02:00.0 eth0: Detected Tx Unit Hang
2015:04:27-06:15:45 utm kernel: [1115620.431242]  Tx Queue            <0>
2015:04:27-06:15:45 utm kernel: [1115620.431242]  TDH                  <bf>
2015:04:27-06:15:45 utm kernel: [1115620.431242]  TDT                  <c0>
2015:04:27-06:15:45 utm kernel: [1115620.431242]  next_to_use          <c0>
2015:04:27-06:15:45 utm kernel: [1115620.431242]  next_to_clean        <bf>
2015:04:27-06:15:45 utm kernel: [1115620.431242] buffer_info[next_to_clean]
2015:04:27-06:15:45 utm kernel: [1115620.431242]  time_stamp          <11126b01b>
2015:04:27-06:15:45 utm kernel: [1115620.431242]  next_to_watch        <bf>
2015:04:27-06:15:45 utm kernel: [1115620.431242]  jiffies              <11126b54c>
2015:04:27-06:15:45 utm kernel: [1115620.431242]  next_to_watch.status <0>
2015:04:27-06:15:45 utm kernel: [1115620.899151] e1000 0000:02:00.0 eth0: Detected Tx Unit Hang
2015:04:27-06:15:45 utm kernel: [1115620.899151]  Tx Queue            <0>
2015:04:27-06:15:45 utm kernel: [1115620.899151]  TDH                  <bf>
2015:04:27-06:15:45 utm kernel: [1115620.899151]  TDT                  <c0>
2015:04:27-06:15:45 utm kernel: [1115620.899151]  next_to_use          <c0>
2015:04:27-06:15:45 utm kernel: [1115620.899151]  next_to_clean        <bf>
2015:04:27-06:15:45 utm kernel: [1115620.899151] buffer_info[next_to_clean]
2015:04:27-06:15:45 utm kernel: [1115620.899151]  time_stamp          <11126b01b>
2015:04:27-06:15:45 utm kernel: [1115620.899151]  next_to_watch        <bf>
2015:04:27-06:15:45 utm kernel: [1115620.899151]  jiffies              <11126b5c1>
2015:04:27-06:15:45 utm kernel: [1115620.899151]  next_to_watch.status <0>
2015:04:27-06:15:47 utm kernel: [1115622.429701] e1000 0000:02:00.0 eth0: Reset adapter

Code:

ethtool -k eth0
Features for eth0
rx-checksumming: off
tx-checksumming: on
      tx-checksum:-ipv4: off [fixed]
          tx-checksum-ip-generic: on
          tx-checksum-ipv6: off [fixed]
          tx-checksum-fcoe-crc: off [fixed]
          tx-checksum:-sctp: off [fixed]
scatter-gather: on
      tx-scatter-gather: on
          tx-scatter-gather-fraglist: off [fixed]
tcp-segmentation-offload: on
      tx-tcp-segmentation: on
          tx-tcp-ecn-segmentation: off [fixed]
          tx-tcp6-segmentation: off [fixed]
udp-fragmentation-offload: off [fixed]
generic-segmentation-offload: on
generic-recieve-offload: on
large-recieve-offload: off [fixed]
rx-vlan-offload: on
tx-vlan-offload: on [fixed]
ntuple-filters: off [fixed]
receive-hashing: off [fixed]
highdma: off [fixed]
rx-vlan-filter: on [fixed]
vlan-challenged: off [fixed]
tx-lockless: off [fixed]
netns-local: off [fixed]
tx-gso-robust: off [fixed]
tx-fcoe-segmentation: off [fixed]
tx-gre-segmentation: off [fixed]
tx-udp_tnl-segmentation: off [fixed]
tx-mpls-segmentation: off [fixed]
fcoe-mtu: off [fixed]
tx-nocache-copy: off
loopback: off [fixed]
rx-fcs: off
rx-all: off
tx-vlan-stag-hw-insert: off [fixed]
tx-vlan-stag-hw-parse: off [fixed]
tx-vlan-stag-filter: off [fixed]

Incidentally, the host system has an Intel 82574L installed.
Via a Google search I have already read that one should disable GRO, GSO and TSO as a workaround; however, that is supposed to lead to a performance loss. Do you perhaps have another idea?



Best regards

DasBill
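Before applying the GRO/GSO/TSO workaround mentioned above it is worth checking which of those offloads are actually enabled and which ones the driver marks `[fixed]` (not changeable). The following Python script is an added example, not code from the post or from Sophos: it parses `ethtool -k` output and builds the `ethtool -K` command that would turn off only the offloads that are on and changeable. The embedded sample is adapted from the output posted above (trimmed, with the feature names spelled as ethtool prints them); `eth0` and the helper names are assumptions.

```python
import re

# Sample adapted from the ethtool -k output in the post above (trimmed).
# Constructed for this example; run `ethtool -k <iface>` to get real data.
SAMPLE_ETHTOOL_K = """\
Features for eth0
rx-checksumming: off
tx-checksumming: on
      tx-checksum-ipv4: off [fixed]
          tx-checksum-ip-generic: on
scatter-gather: on
tcp-segmentation-offload: on
      tx-tcp-segmentation: on
udp-fragmentation-offload: off [fixed]
generic-segmentation-offload: on
generic-receive-offload: on
large-receive-offload: off [fixed]
tx-udp_tnl-segmentation: off [fixed]
"""

# One feature per line: "<name>: on|off [fixed]?" (indentation varies by nesting).
FEATURE_RE = re.compile(r"^\s*([\w:-]+):\s+(on|off)(\s+\[fixed\])?\s*$")

# ethtool -K short flags for the three offloads named in the workaround.
OFFLOAD_FLAGS = {
    "tso": "tcp-segmentation-offload",
    "gso": "generic-segmentation-offload",
    "gro": "generic-receive-offload",
}


def parse_ethtool_k(text):
    """Map feature name -> (state, fixed) from `ethtool -k` output."""
    features = {}
    for line in text.splitlines():
        m = FEATURE_RE.match(line)
        if m:
            features[m.group(1)] = (m.group(2), m.group(3) is not None)
    return features


def offload_workaround(features, iface="eth0"):
    """Return (command or None, flags skipped).

    Only offloads that are currently on and not [fixed] are included in the
    command; fixed or already-off ones are reported in the skipped list so the
    operator knows the workaround cannot (or need not) touch them.
    """
    to_disable, skipped = [], []
    for flag, name in OFFLOAD_FLAGS.items():
        state, fixed = features.get(name, ("off", True))
        if state == "on" and not fixed:
            to_disable.append(flag)
        else:
            skipped.append(flag)
    cmd = None
    if to_disable:
        cmd = "ethtool -K %s %s" % (iface, " ".join(f"{f} off" for f in to_disable))
    return cmd, skipped


if __name__ == "__main__":
    feats = parse_ethtool_k(SAMPLE_ETHTOOL_K)
    cmd, skipped = offload_workaround(feats)
    print("command:", cmd)
    print("skipped:", skipped)
```

The change made by `ethtool -K` does not survive a reboot; on a UTM it would also have to be reapplied after updates, so treat it as a diagnostic step to confirm the offloads are involved rather than as a permanent fix.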

C2/Generic-A FP

Hi,

C2/Generic-A triggered when I was trying to talk to a VPS that we have rented off-net (and which we've been renting for the best part of a year at this point, but which I guess I only just tried to talk to from behind a Sophos UTM).

How can I get the false positive removed from the database?

Phil

Endpoint Protection

Hello
I have a FullGuard license for my UTM 425 and want to use the endpoint protection feature. I just want to be sure that there is no limit in using this feature. For example, is there any limitation on the number of users?

Checking active IP addresses for licensing

Hi folks,

When I use the command count_active_ip.plx --showcount via an SSH session on my UTM 525, all directly connected networks with REDs are shown. One network that is not shown is connected directly as well, but only for routing to the rest of the network. And all IPs behind this network are not counted with the command above. Does anybody know why, or how I can count them? I have to choose the right licensing for my software UTM.

Thanks

Live AV Look-ups in Email Protection

Hello,

I would like to ask you about new feature:
Quote:

Live AV Look-ups in Email Protection
Introduced previously in UTM 9.2 for Web Protection, Live AV look-ups now come to UTM Email Protection. This option will improve the malware detection rates by consulting the cloud infrastructure from SophosLabs in real-time for possible threat matches. Look-ups that fail will still be scanned by the AV engine, and as part of our global feedback network unknown files will be sampled for execution and deep analysis by SophosLabs to benefit the global community while allowing you to tap the knowledge gained by these events worldwide.
What actually is sent to SophosLabs?

How do I turn it off? Haven't found any settings in Email Protection -> SMTP.

Management -> System settings -> Scan Settings -> Advanced Threat Protection Options -> Send suspicious content to SophosLabs for analysis

?

Firmware version: 9.310-11

HTTP Proxy Stops Responding

Hello

I've opened a case with Sophos premium support, but I thought I'd post the problem here as well to see if anyone has any suggestions.

A few times per day we're getting "Proxy server not responding". I managed to catch it in the live log today, and this is the last few lines before it stops responding:

2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3384" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1567" message="Read error on the http handler 1746 (Input/output error)"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1567" message="Read error on the http handler 971 (Input/output error)"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1567" message="Read error on the http handler 448 (Input/output error)"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_network_filter" file="confd-client.c" line="1851" message="failed to get network: Operation not permitted (req=[{ "id": 399308, "method": "get_object", "params": [ "" ] }])"
..... [few more of the same]
2015:04:27-11:40:37 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="aptp_reload" file="aptpscanner.c" line="133" message="reloading ATP pattern"


Clients are configured to use the UTM as a proxy, and transparently, but both have problems.

Any ideas appreciated!

Matt

Webserver Protection comprehension problem

Hey folks,

I am once again struggling with the Webserver Protection module and face a problem I have not had before. The setup is as follows:

#1 Created a virtual webserver that points via https to a domain "subdomände.domände.de". The certificate was created in the UTM itself.

#2 Created a real webserver that communicates with the UTM via http.

So far so good: the external communication runs encrypted via HTTPS, behind the UTM it continues via HTTP, and that works wonderfully.

Now the webserver needs a 2nd port to provide file services; with NAT I would simply have created a 2nd NAT rule. In the Webserver module, unfortunately, nothing sensible came to mind :-/

Cu, Abyss_X

Conditional parent proxy

Hi,
Is it possible to set the parent proxy for a list of URLs? I am able to set it for all URLs requested by a specific user or by a specific source IP address, but I would like to use the parent proxy only for a few URLs accessed by this user or by this source.
I am using version 9.310-11
Thanks

Setup proxy for specific devices

I am trying to make a setup where only specific PCs use the proxy and all other devices are allowed to connect to the internet directly.
I made a rule to block port 80/433 access, and as source I defined the specific PC that has to use the proxy.
But when I enable the proxy I don't have Internet on the other devices where I did not set up the proxy.
What am I doing wrong?

Open Ports 232, 123, 37

I'm new to Sophos and firewalls; I'm using Sophos to try to get a little smarter about firewalls. Pretty sure my issue has to do with port forwarding. I'm using Sophos home edition and a Vera 3 Home Controller (static IP address 192.162.1.x). The Sophos firewall is working fine, allowing me to surf the internet with both wired devices (desktop PC etc.) and also my wireless devices (using a D-Link AP); unfortunately the Vera 3 is not working with the firewall (Vera is a wired device). I contacted Vera 3 tech support and their response was: "Can you open ports 232, 123 and port 37 for the Vera unit."
I'm assuming when they say 'open' they mean port forwarding. Using the documents/suggestions on this website and others I've attempted numerous times to configure port forwarding on the Sophos and have failed miserably (several times :o ). Would someone be willing to walk me through how to forward these 3 ports?
Thanks!!

Unnecessary DNS syslog messages

I'm seeing logs for rule 60011 which is overflowing my syslog server. These logs originate from one subnet to another internal subnet for my internal DNS server, is there a way to disable these logs specifically or turn off rule 60011? See https://www.sophos.com/en-us/support...se/115029.aspx for what rule 60011 is.

Here's a look at some of the logs:
Apr 27 17:38:53 <HOSTNAME> 2015: 04:27-17:38:53 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.200" srcmac="00:0c:29:86:4a:dd" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.196" dstip="10.0.1.4" proto="17" length="67" tos="0x00" prec="0x00" ttl="64" srcport="50238" dstport="53"
Apr 27 17:38:53 <HOSTNAME> 2015: 04:27-17:38:53 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.200" srcmac="00:0c:29:86:4a:dd" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.196" dstip="10.0.1.4" proto="17" length="67" tos="0x00" prec="0x00" ttl="64" srcport="36427" dstport="53"
Apr 27 17:38:57 <HOSTNAME> 2015: 04:27-17:38:57 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.200" srcmac="00:0c:29:86:4a:dd" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.196" dstip="10.0.1.4" proto="17" length="56" tos="0x00" prec="0x00" ttl="64" srcport="59690" dstport="53"
Apr 27 17:39:01 <HOSTNAME> 2015: 04:27-17:39:01 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.200" srcmac="00:0c:29:86:4a:dd" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.196" dstip="10.0.1.4" proto="17" length="72" tos="0x00" prec="0x00" ttl="64" srcport="49798" dstport="53"
Apr 27 17:39:01 <HOSTNAME> 2015: 04:27-17:39:01 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.200" srcmac="00:0c:29:86:4a:dd" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.196" dstip="10.0.1.4" proto="17" length="72" tos="0x00" prec="0x00" ttl="64" srcport="49798" dstport="53"
Apr 27 17:39:02 <HOSTNAME> 2015: 04:27-17:39:02 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.100" srcmac="f4:6d:04:ef:e0:8e" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.4" dstip="10.0.1.1" proto="17" length="74" tos="0x00" prec="0x00" ttl="64" srcport="46934" dstport="53"
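Both the ulogd packetfilter lines above and the httpproxy lines in the "HTTP Proxy Stops Responding" post use the same UTM log layout: a syslog prefix ending in `program[pid]:` followed by `key="value"` pairs. The Python below is an added example, not code from either post or from Sophos. It parses that layout (including the confd line whose `message` value contains nested double quotes, which a naive `key="[^"]*"` regex would truncate), counts packetfilter hits per `fwrule` so rule 60011 can be split off at the collector instead of flooding the main syslog store, and pulls out the proxy's "Read error" lines. The sample lines are copied from the two posts; the function names are assumptions.

```python
import re
from collections import Counter

# Sample lines copied from the two posts above (hostnames as shown there).
HTTPPROXY_LINES = [
    '2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"',
    '2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1567" message="Read error on the http handler 1746 (Input/output error)"',
    '2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1567" message="Read error on the http handler 971 (Input/output error)"',
    '2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_network_filter" file="confd-client.c" line="1851" message="failed to get network: Operation not permitted (req=[{ "id": 399308, "method": "get_object", "params": [ "" ] }])"',
    '2015:04:27-11:40:37 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="aptp_reload" file="aptpscanner.c" line="133" message="reloading ATP pattern"',
]
ULOGD_LINES = [
    'Apr 27 17:38:53 <HOSTNAME> 2015: 04:27-17:38:53 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.200" srcmac="00:0c:29:86:4a:dd" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.196" dstip="10.0.1.4" proto="17" length="67" tos="0x00" prec="0x00" ttl="64" srcport="50238" dstport="53"',
    'Apr 27 17:38:53 <HOSTNAME> 2015: 04:27-17:38:53 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.200" srcmac="00:0c:29:86:4a:dd" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.196" dstip="10.0.1.4" proto="17" length="67" tos="0x00" prec="0x00" ttl="64" srcport="36427" dstport="53"',
    'Apr 27 17:38:57 <HOSTNAME> 2015: 04:27-17:38:57 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.200" srcmac="00:0c:29:86:4a:dd" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.196" dstip="10.0.1.4" proto="17" length="56" tos="0x00" prec="0x00" ttl="64" srcport="59690" dstport="53"',
    'Apr 27 17:39:02 <HOSTNAME> 2015: 04:27-17:39:02 <HOSTNAME> ulogd[9028]: id="2014" severity="info" sys="SecureNet" sub="packetfilter" name="DNS request" action="DNS request" fwrule="60011" initf="eth1.100" srcmac="f4:6d:04:ef:e0:8e" dstmac="00:30:18:c3:aa:50" srcip="10.0.1.4" dstip="10.0.1.1" proto="17" length="74" tos="0x00" prec="0x00" ttl="64" srcport="46934" dstport="53"',
]

# Syslog prefix up to the first "program[pid]:", then the key="value" body.
HEADER_RE = re.compile(r"^(?P<prefix>.*?)(?P<prog>[A-Za-z_][\w-]*)\[(?P<pid>\d+)\]:\s*(?P<body>.*)$")
# A value ends at the quote that is followed by the next key=" or the end of
# the line; this keeps nested quotes inside a message value intact.
KV_RE = re.compile(r'(\w+)="(.*?)"(?=\s+\w+="|\s*$)')


def parse_line(line):
    """Return a dict of fields for one UTM log line, or None if it has no program[pid] prefix."""
    m = HEADER_RE.match(line)
    if not m:
        return None
    rec = {"prog": m.group("prog"), "pid": int(m.group("pid"))}
    rec.update(KV_RE.findall(m.group("body")))
    return rec


def parse_lines(lines):
    return [r for r in (parse_line(l) for l in lines) if r]


def count_by_rule(records):
    """Packetfilter hits per fwrule id (records without fwrule are ignored)."""
    return Counter(r["fwrule"] for r in records if "fwrule" in r)


def split_by_rule(records, rule):
    """(kept, dropped): route one noisy rule's hits elsewhere without losing the rest."""
    dropped = [r for r in records if r.get("fwrule") == rule]
    kept = [r for r in records if r.get("fwrule") != rule]
    return kept, dropped


def dns_talkers(records, rule="60011"):
    """Who is generating the rule-60011 DNS log lines: (srcip, dstip) -> count."""
    return Counter((r["srcip"], r["dstip"]) for r in records if r.get("fwrule") == rule)


def proxy_read_errors(records):
    """httpproxy lines reporting a read error on an http handler."""
    return [r for r in records
            if r.get("prog") == "httpproxy"
            and r.get("function") == "read_request_headers"
            and r.get("message", "").startswith("Read error")]


if __name__ == "__main__":
    recs = parse_lines(HTTPPROXY_LINES + ULOGD_LINES)
    print("hits per fwrule:", dict(count_by_rule(recs)))
    kept, dropped = split_by_rule(recs, "60011")
    print("kept %d records, diverted %d rule-60011 records" % (len(kept), len(dropped)))
    print("DNS talkers:", dns_talkers(recs).most_common(3))
    for r in proxy_read_errors(recs):
        print("proxy read error:", r["message"])
```

In the sample, `dns_talkers` shows that most of the rule-60011 noise is one host (10.0.1.196) querying the internal resolver (10.0.1.4), which is the kind of pair a collector-side filter can be scoped to; diverting by `fwrule` alone keeps the other packetfilter events intact.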

UTM reporting Exceeding licensing usage, but I don't have more than 50 IPs!

Hello,

This past days I've received numerous emails telling me that I'm exceeding the allowed number of IPs in my installation.

My network is using addresses from 192.168.0.1 to 192.168.7.255, but that's just to have the servers, clients and other equipment segmented. My DHCP server only assigns addresses from 192.168.2.0 to 192.168.6.255. I have checked the server and it has maybe 20 IPs assigned. All of them on the 192.168.2.x range (which is what is expected).

But checking the list of assigned IPs on Sophos, it shows a lot of, for instance, 192.168.1.x addresses. I don't have *any* machine using that range in my network. It also shows some addresses in the 192.168.7.x range that don't exist (I can't ping any of those addresses).

I have already cleaned the list of active IPs, first thing I did in the morning, and just 5 minutes ago I received another email, and the list again shows what, as far as I can see, are non-existent IPs on my installation.

What can be happening? I'm sure there are no users accessing, for instance, my WiFi, but just to be sure, I have already changed the password. Today it's been actually very few users connected, counting VMs and so on, maybe 10 different IPs.

Thanks for your help

Multiwan error

I posted a while back asking how to set up my multiwan situation and didn't get many replies, but from the few I did get I managed to get something that is semi-working; it is getting annoying though, so I am asking for your help. I am using the UTM as a virtual machine. I did a passthrough for the NIC carrying in my WAN connection from the cable company. The other adapters are all virtual and connected to my LAN. I also have an LTE modem. I have it attached to an Asus wifi router. There are two reasons why I don't have it attached to Sophos: 1: I am not certain I could get it set up properly with the drivers and such; 2: I have had my server with the UTM crash before, so the backup connection wouldn't work either. This way I have both hardware and connection redundancy.

My UTM is 192.168.1.1 and my Asus router is 192.168.1.254. Other than turning off DHCP, everything else is set to default settings. That means it also has NAT enabled.

So to set up multilink I created a virtual NIC that is attached to my LAN with the IP address 192.168.1.253 and assigned the default gateway under that interface as 192.168.1.254.

All behavior works normally, but after a few minutes the backup LTE connection link state goes to error and won't work until the Asus router is restarted. Not sure why it does that. Help?

SAA installation

Hi everyone,
I want to use SAA for client authentication, but my problem is that users do not have software installation permission. Is there a way to install it without adding them to the local administrators group?

App control

Hi again,
Is there any way to block the use of some applications for some users, with the web filtering feature enabled?

Silly question - external IP - internal network

Hey folks,

While playing around with the Webserver Protection I just came across something I have known about for a while but for which I have no conclusive explanation. Maybe someone can shed some light on it :)

Take a public IP, build a DMZ and put some kind of webserver in the DMZ. Now set up the Webserver Protection on the external interface and everything is fine.

From outside the server is reachable via the public IP, and from inside you would simply set up a corresponding firewall rule to reach the server from the internal network.

Now it would of course be nicer to use the public IP and the Webserver Protection module from the internal network as well. However, the UTM does not allow the traffic, and somewhat confusing entries appear in the log file (attachment). Incidentally, the IP 80.XX.XX.105 is not the external WAN interface but the interface behind which the webserver sits; WebAdmin is not reachable from outside and is also not on 443.

Cu, Abyss_X

Attached Images
File Type: jpg LOG.jpg (23.7 KB)