EFW Support

Support => General Support => Topic started by: darkzslayers on Thursday 06 October 2016, 03:42:27 pm



Title: Can't access web server from inside (local network-green)
Post by: darkzslayers on Thursday 06 October 2016, 03:42:27 pm
hello....
i need access my headquarters web server from our branch..
they have given specify ip address with port...
i already create a rule on port forwarding, but still can't access... i can't even ping my headquarters ip from inside...
did i miss something?

iam newbie on this firewall field


Title: Re: Can't access web server from inside (local network-green)
Post by: darkzslayers on Thursday 03 November 2016, 06:43:39 pm
hello...
that anybody can help me to resolve this problem, i will pay for whom helped me solve


Title: Re: Can't access web server from inside (local network-green)
Post by: Gabriel GHEORGHIU on Saturday 05 November 2016, 03:40:39 am
You said that you created a port forward rule for the web server. Where? On which server? Not on your UTM!

You need to access the web server which is in other location, from your location?
If yes and for that web server you have other port asigned than 80 and/or 443, you must create on your UTM an outgoing rule to that port.
Check the outgoing rules.


Title: Re: Can't access web server from inside (local network-green)
Post by: darkzslayers on Monday 21 November 2016, 02:27:59 pm
hii gabriel..

yup, that web server out from my UTM...
correct me if wrong, that port forwarding it for outside user to access inside UTM web server right..
in my case, i want access outside web server...
i already create rule on outgoing traffic like attachment. still not working.
that i miss something?


Thanks for your concern, sorry for bad english


Title: Re: Can't access web server from inside (local network-green)
Post by: darkzslayers on Monday 21 November 2016, 02:39:01 pm
attachment its missing.... ??? outgoing traffic

Source   Destination        Service                      Policy      Remark      Actions
GREEN   RED                     TCP+UDP/443            ALLOW                                          1st rule
                                          TCP+UDP/50443
                                          TCP+UDP/8443
                                          TCP+UDP/3220
                                          TCP+UDP/3200
                                          TCP+UDP/3201
                                          TCP+UDP/3230
                                          TCP+UDP/8080

GREEN    10.38.206.90       TCP+UDP/443           ALLOW                                           2nd rule
              10.38.206.13        TCP+UDP/50443
              10.38.206.20        TCP+UDP/8443
              10.38.206.93        TCP+UDP/3220
              10.38.206.85        TCP+UDP/3200
              10.38.206.26        TCP+UDP/3201
              10.38.206.86        TCP+UDP/3230
              10.38.206.78        TCP+UDP/8080
              10.38.206.102 


Title: Re: Can't access web server from inside (local network-green)
Post by: Gabriel GHEORGHIU on Tuesday 22 November 2016, 05:06:17 am
Hi darkzslayers,

- that port forwarding is for outside user to access inside UTM web server -  right, is not your case

I think the service is TCP/port:

Source: GREEN / Destination: RED / Service: TCP/your_webserver_port


Title: Re: Can't access web server from inside (local network-green)
Post by: darkzslayers on Wednesday 23 November 2016, 02:18:51 pm
u mean like this gabriel

Source   Destination        Service                      Policy      Remark      Actions
GREEN   RED                      TCP/443                 ALLOW                                          1st rule
                                          TCP/50443
                                          TCP/8443
                                          TCP/3220
                                          TCP/3200
                                          TCP/3201
                                          TCP/3230
                                          TCP/8080

already done, but still cant access that webserver...
that anything related on routing table?
if i by pass UTM, everything going fine


Title: Re: Can't access web server from inside (local network-green)
Post by: Gabriel GHEORGHIU on Wednesday 23 November 2016, 05:56:15 pm
Yes.

I read that you cannot even ping your website.
Maybe your website is blocked by a rule.

Maybe your UTM proxy settings are wrong, but I presume that you can browse other websites.
Try to bypass transparent proxy on UTM for your website:
Proxy -> HTTP -> Configuration -> Bypass transparent proxy -> Bypass transparent proxy to SUBNET/IP: your IP website.

Your website use SSL?
If yes, try to put the port of the website in:
Proxy -> HTTP -> Configuration -> Allowed ports and ssl ports

Also I read that sometime it works with "Keep original source IP address in not transparent mode", disabled.


Title: Re: Can't access web server from inside (local network-green)
Post by: darkzslayers on Wednesday 23 November 2016, 07:40:08 pm
yeep...

u right, ican't ping that website and can access other...
i've disable proxy, coz i didn't know purpose of proxy and some website cannot access if i enable the proxy...


done with proxy setting and ssl, but still don't work...
need disable that proxy, i can't access this website if proxy enable


Title: Re: Can't access web server from inside (local network-green)
Post by: darkzslayers on Wednesday 23 November 2016, 07:43:11 pm
yeep...

u right, ican't ping that website and can access other...
i've disable proxy, coz i didn't know purpose of proxy and some website cannot access if i enable the proxy...


done with proxy setting and ssl, but still don't work...