 |
 |
Senior Member
|
Join Date: Jan 2013
Posts: 103
|
|
01-04-2013, 01:46 AM
Question About SkyDrive and Ports
I am trying to figure out how to allow all outbound ports and block ones I do not want. Also trying to get skydrive to work with sophos and unable to get it to communicate any suggestions?
|
 |
Grandis Professorem Astaro
|
Join Date: Mar 2007
Location: Oklahoma City
Posts: 14,293
|
|
01-04-2013, 04:12 PM
Hi, Michael, and welcome to the User BB!
By default, the firewall blocks all traffic. For example, when you activate Web Filtering in a Transparent mode, WebAdmin creates an (invisible) firewall rule allowing outbound port-80 traffic for the Hosts/Networks in 'Allowed networks' on the 'Global' tab. If you did the default installation, the wizard had WebAdmin create a rule 'Allow : Internal (Network) -> Web Surfing -> Any'.
Inbound traffic also is blocked by default. The ASG/UTM is a stateful firewall - instead of making firewall rules to let requested traffic in, it uses a connection tracker and automatically allows responses to requests it has sent. In general, you won't need firewall rules to let desired traffic in unless you have a server you want to open to the public.
Cheers - Bob
PS Although this question isn't affected, it's always a good idea to include the exact version you're using - 9.004-34?
__________________
ACE V7 - Astaro Preferred Partner since V3
Sophos Gold Solution Partner
www.MediaSoftUSA.com
Addicted to my iPhone!
|
|
Moderator
|
Join Date: Jul 2001
Location: southern California
Posts: 8,528
|
|
01-04-2013, 06:45 PM
Hi, if you want to allow ALL outbound traffic, you can create a PacketFilter rule:
Source: Internal Network
Service: ANY
Destination: Internet
ALLOW
You can look at the PacketFilter, WebSecurity AKA ContentFilter, and IPS logs if traffic is still blocked.
Barry
__________________
http://JobOyster.com
http://DealBert.net
End-user since v1.x - ASL 8.3x, HP DL145, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
- ASL 7.5x, HP DL360G5, Xeon 5160, 3GB, RAID, gigE NICs, 50-IP Platinum License
- ASL 9.0x, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD.
Netgear GS108T gigE VLAN switch & Astaro AP30 Access Point with VLANs.
100-IP Home Power User License. 15/5mbit FiOS internet.
|
|
Senior Member
|
Join Date: Jan 2013
Posts: 103
|
|
01-04-2013, 06:46 PM
Thank you That Works  Another issue I am running into is I can not access my internal network over L2TP. I can browse the web fine but no Internal Network Access.
|
|
Moderator
|
Join Date: Jul 2001
Location: southern California
Posts: 8,528
|
|
01-04-2013, 06:49 PM
Hi,
I posted about the same time as you, so make sure you see my post above.
You'll need a rule to allow your L2TP Pool to access the Internal Network (or you can check the 'Auto PacketFilter Rule' option in the VPN configuration).
Barry
__________________
http://JobOyster.com
http://DealBert.net
End-user since v1.x - ASL 8.3x, HP DL145, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
- ASL 7.5x, HP DL360G5, Xeon 5160, 3GB, RAID, gigE NICs, 50-IP Platinum License
- ASL 9.0x, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD.
Netgear GS108T gigE VLAN switch & Astaro AP30 Access Point with VLANs.
100-IP Home Power User License. 15/5mbit FiOS internet.
|
|
Senior Member
|
Join Date: Jan 2013
Posts: 103
|
|
01-04-2013, 06:57 PM
Sorry I seen your earlier post about that time to. Under what configuration window please forgive me I am still learning this great product. Testing it on a old computer before I build a permanent PC for it. If not could you please attach a screen shot of where you are talking about.
|
|
Moderator
|
Join Date: Jul 2001
Location: southern California
Posts: 8,528
|
|
01-04-2013, 07:34 PM
Hmm, I guess only some of the VPNs have that option...
Create a PacketFilter rule:
Source: VPN Pool (L2TP)
Service: ANY
Destination: ANY
ALLOW
Barry
__________________
http://JobOyster.com
http://DealBert.net
End-user since v1.x - ASL 8.3x, HP DL145, 1GB RAM, 6 gigE NICs, 50-IP Platinum License
- ASL 7.5x, HP DL360G5, Xeon 5160, 3GB, RAID, gigE NICs, 50-IP Platinum License
- ASL 9.0x, 17-watt fanless mini-ITX system: MSI IM-945GSE-A Atom n270, 2GB RAM, Morex T3310 case. 2 Intel GigE, 3 VLANs. 80G 5200rpm 2.5" HD.
Netgear GS108T gigE VLAN switch & Astaro AP30 Access Point with VLANs.
100-IP Home Power User License. 15/5mbit FiOS internet.
|
|
Senior Member
|
Join Date: Jan 2013
Posts: 103
|
|
01-06-2013, 01:39 AM
Where is the packet filter location at in the UTM?
|
 |
Senior Member
|
Join Date: Sep 2012
Location: DaHoam
Posts: 264
|
|
01-06-2013, 10:07 AM
'Network Protection' >> 'Firewall'
__________________
Catch the giant and have a nice day!
GMF IFoS inc.
- 6x 220 Rev.4 - ASG 8.309
- 4x 220 Rev.5 - UTM 9.006-5
- 1x 120 Rev.5 - UTM 9.005-16 Active/Passive
- 1x RX300S5 2xIntel(R) Xeon(R) CPU E5310 @ 1.60GHz 8GB Ram - ASG 8.308 Active/Passive 100 IPs
- 1x RX100S7 1xIntel(R) Xeon(R) CPU E3-1220 V2 @ 3.10GHz 8GB Ram - ASG 8.308 Active/Passive 250 IPs
- 1x vmware UTM 9.006-5 HomeLicense
- 15x RED 10
- 1x ACC 3.002
|
|
Senior Member
|
Join Date: Jan 2013
Posts: 103
|
|
01-06-2013, 09:15 PM
Ok sky drive was working than it has stopped working. It keeps saying checking for changes any idea what Might be wrong?
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 12:47 PM.
|
