EFW Support

Support => EFW SMTP, HTTP, SIP, FTP Proxy Support => Topic started by: asghardurrani on Tuesday 29 August 2017, 11:06:30 pm



Title: Outgoing firewall configuration
Post by: asghardurrani on Tuesday 29 August 2017, 11:06:30 pm
Hi everyone,

I have installed 3.2.2, Under the Firewall Outgoing Traffic i have DENY all outgoing ports and simply allowed ports that i want. After all these configs i have noticed that Most of HTTPS sites are not working.

Under the HTTP proxy: Configuration i simply made my GREEN subnet not transparent and HTTPS sites are start working.

Can anyone please tell me how do i fix this issue while my GREEN subnet is keep on transparent.

Thanks,


Title: Re: Outgoing firewall configuration
Post by: Dark-Vex on Wednesday 30 August 2017, 08:22:15 pm
You need to enable the HTTPS Proxy while using trasparent, in the HTTP Proxy section there is the tab "HTTPS Proxy", click on generate certificate and then make a tick on "Enable HTTPS Proxy" and the save.
After that you need to import the generated certificate on the browser otherwise you will receive the certificate error

(https://preview.ibb.co/knTrwk/Selection_999_023.png) (https://ibb.co/gwzybk)
img upload (https://it.imgbb.com/)


Title: Re: Outgoing firewall configuration - sip packets
Post by: ipcorpsac on Thursday 14 September 2017, 12:50:54 pm
Hi, I get this drop package when pbx tells to Ip phone that the call has been ended by the destination, ¿who can explain this?

ulogd[2806]: nf_ct_sip: dropping packet IN= OUT=eth2 MAC= SRC=202.202.12.62 DST=190.23.12.13 LEN=359 TOS=00 PREC=0x00 TTL=127 ID=32417 DF PROTO=UDP SPT=5060 DPT=5060 LEN=339 MARK=1fe0

Origin sip server: 202.202.12.62
Destination: 190.23.12.13