EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Wednesday 27 November 2024, 12:09:03 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
CLICK HERE
for the The official Endian Roadmap and Issue tracker
14261
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
EFW SMTP, HTTP, SIP, FTP Proxy Support
EFW block port 80 on one ip address
0 Members and 2 Guests are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: EFW block port 80 on one ip address (Read 27632 times)
rosol
Jr. Member
Offline
Posts: 8
EFW block port 80 on one ip address
«
on:
Wednesday 19 August 2015, 09:27:56 pm »
Hello.
I'm finishing testing Endian on VMware.
It's commercial version - my support is disabled currently :-(
Endian is in 3.0.5 version and last update is 08-10-2015
I'm getting issue like in subject.
Firewall has rule to allow with IPS traffic on port 80 to RED.
And all traffic on 80 port works fine, web pages display correctly expect one ip address.
This blocked ip address on 80 port isn't blocked on 443 port.
IDS is enabled but with default rules, i mean it's not blocking but it's in listening and reporting state.
When i've turned off outgoing connections of FW, got the same issue, this specified ip address is still blocked on 80 port.
Do you have ane advice how to fix it or check what's blocking this ip address on 80 port only?
Thank you.
Logged
rosol
Jr. Member
Offline
Posts: 8
Re: EFW block port 80 on one ip address
«
Reply #1 on:
Wednesday 19 August 2015, 09:30:01 pm »
I've forgot.
On IDS logs got only this one:
Date: Aug 19 13:24:34 Name: (portscan) TCP Portsweep
Priority: n/a Type: n/a
IP info: 192.168.1.124:n/a -> 195.78.66.217:n/a
References: none found SID: n/a
This 195.78.66.217 ip address is blocked on 80 port only.
Other ones are pass through.
Logged
Gabriel GHEORGHIU
Full Member
Offline
Gender:
Posts: 57
Re: EFW block port 80 on one ip address
«
Reply #2 on:
Thursday 20 August 2015, 04:58:40 pm »
Hi
rosol
,
Did you open port 80 on 195.78.66.217?
Best regards,
Gabriel
Logged
rosol
Jr. Member
Offline
Posts: 8
Re: EFW block port 80 on one ip address
«
Reply #3 on:
Thursday 20 August 2015, 07:13:01 pm »
Hello.
FW policy says that all outgoing traffic on 80 port is allowed with IPS.
Additionally i've created rule to open 80 port on this 195.78.66.217 blocked ip address as first rule.
Still got the same issue.
Logged
Gabriel GHEORGHIU
Full Member
Offline
Gender:
Posts: 57
Re: EFW block port 80 on one ip address
«
Reply #4 on:
Thursday 20 August 2015, 07:33:57 pm »
Hello,
Can you draw a schematic of your configuration (how are you using EFW 3.0.5)?
Logged
rosol
Jr. Member
Offline
Posts: 8
Re: EFW block port 80 on one ip address
«
Reply #5 on:
Thursday 20 August 2015, 08:15:48 pm »
Hello.
Below is schema:
Internal network-->FW-->Internet
Very easy :-)
FW is as virtual machine.
Logged
Gabriel GHEORGHIU
Full Member
Offline
Gender:
Posts: 57
Re: EFW block port 80 on one ip address
«
Reply #6 on:
Thursday 20 August 2015, 09:50:17 pm »
Hello,
Ok.
I saw that on 195.78.66.217 are open only the ports 21, 80, 443.
Maybe on that server are allowed, by the firewall in front of it, connections only on port 443 (https) and all conections that are coming on port 80 (hhtp) are dropped or redirected to 443.
(When I have used MS ForfrontTMG, for Webmail access, I have allowed only connections to https, using redirection of port 80 to 443).
Logged
rosol
Jr. Member
Offline
Posts: 8
Re: EFW block port 80 on one ip address
«
Reply #7 on:
Thursday 20 August 2015, 09:56:56 pm »
Hello.
No, you're wrong.
This ip address on port 80 has worked fine and from others ip addresses i'm able to open this web page.
Now i'm in contact to support of this host due to perhaps block my traffic on port 80.
Thank you for help.
Logged
Gabriel GHEORGHIU
Full Member
Offline
Gender:
Posts: 57
Re: EFW block port 80 on one ip address
«
Reply #8 on:
Thursday 20 August 2015, 10:09:37 pm »
You are welcome!
Logged
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.094 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com