Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 18 April 2021, 09:30:12 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14085 Posts in 4293 Topics by 6184 Members
Latest Member: nivaldo
Search:     Advanced search
Pages: [1] 2 3 4 5 ... 10
 1 
 on: Today at 12:47:51 am 
Started by nivaldo - Last post by nivaldo
Hi folks, I need to restrict the access to SOME not all users to a especific IP address. I´ve tried to do so by setting the Advanced Options on his configuration, "Force only those networks" and "network behind the client" to 192.168.10.10/32 witch is the IP that I want to authorize the access, but had no luck. The client stills access all my network resources. Any idea how can I achieve this configuration?

Regards,
Nivaldo

 2 
 on: Yesterday at 05:38:58 am 
Started by akehlert - Last post by hadexx
Brute Force Attack - Non stop ssh login attempts

I am running EFW, lastest up.
I am getting hit by a brute force atatck of constant ssh logins attempts.

How do I automatically block those IP's



 if you try to block access only to known IPs or at least only of your country.

 3 
 on: Yesterday at 05:37:01 am 
Started by hadexx - Last post by hadexx
TCP: 4244,5222,5223,5228,5242
TCP/UDP: 59234, 50318
UDP: 3478,45395

All works video and calls

 4 
 on: Friday 16 April 2021, 05:15:09 am 
Started by beto2p - Last post by beto2p
No Endian 3.3.5 o clamav não está atualizando as definições de vírus.
O conexão com a internet está ok. Consigo pingar para database.clamav.net e resolver o host.
Tenho três clientes com esta verão 3.3.5 que atualizei recentemente.
Na 3.3.0 está ok!

Can"t download daily.cvd from database.clamav.net
reshclam (6307) Giving up on database.clamav.net...
freshclam (6307) Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
clamd (14069) SelfCheck: Database status OK.

 5 
 on: Monday 08 March 2021, 05:40:51 pm 
Started by miki22 - Last post by miki22
little note, the 192.168.0.X segment is on the GREEN interface

 6 
 on: Monday 08 March 2021, 08:23:05 am 
Started by miki22 - Last post by miki22
Good evening
A customer calls me because he has to access his crm from the outside.
From the internal network he accesses his crm with the local ip, then:
192.168.0.86:81/login.aspx

So I go to the Endian firewall, the latest version and set, on the item: "Port Forwarding NAT"

Incoming IP: Any Uplink
TCP + UDP: 81
Destination ip: 192.168.086
TCP + UDP: 81
-> NAT
-> Active

Anything. Does not work.

So I go to the item: "Access to the system"

Source ip = white
Source interface = Any
service = personalized
tcp + udp = 81
Consent

Anything. Does not work.

Anyone know what the problem is?
Thank you

 7 
 on: Monday 08 March 2021, 08:11:13 am 
Started by miki22 - Last post by miki22
ok i try to review the problem, thanks a lot for the reply!

 8 
 on: Saturday 20 February 2021, 07:53:04 pm 
Started by thaobn20 - Last post by thaobn20
1. Description
I've two Endian version 3.3.4. i'm using Authentication type PSK(Abc123456)


Options

2. Environment
01. Endian 1: Setup with Active Directory

02. Endian 2: New setup not connect AD

3. Logs (when available / if related to the issue)
Quote
ipsec up SYMC
initiating Main Mode IKE_SA SYMC[14] to 1x.x.x.244
generating ID_PROT request 0 [ SA V V V V V ]
sending packet: from 192.168.1.9[500] to 1x.x.x.244[500] (448 bytes)
received packet: from 1x.x.x.244[500] to 192.168.1.9[500] (156 bytes)
parsed ID_PROT response 0 [ SA V V V V ]
received XAuth vendor ID
received DPD vendor ID
received Cisco Unity vendor ID
received NAT-T (RFC 3947) vendor ID
generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
sending packet: from 192.168.1.9[500] to 1x.x.x.244[500] (308 bytes)
received packet: from 1x.x.x.244[500] to 192.168.1.9[500] (308 bytes)
parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
local host is behind NAT, sending keep alives
remote host is behind NAT
generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
sending packet: from 192.168.1.9[4500] to 1x.x.x.244[4500] (108 bytes)
received packet: from 1x.x.x.244[4500] to 192.168.1.9[4500] (92 bytes)
parsed INFORMATIONAL_V1 request 369591745 [ HASH N(AUTH_FAILED) ]
received AUTHENTICATION_FAILED error notify
establishing connection 'SYMC' failed

ERROR
parsed INFORMATIONAL_V1 request 369591745 [ HASH N(AUTH_FAILED) ]
received AUTHENTICATION_FAILED error notify

Can you help me? Thank so much

 9 
 on: Friday 19 February 2021, 08:41:31 pm 
Started by bvillers - Last post by justme
if its accessing a port forward you need to add it there as first rule, "Advanced" section and you add the IP in "Allow From" and DROP

 10 
 on: Friday 19 February 2021, 08:40:11 pm 
Started by akehlert - Last post by justme
the free version does not support fail2ban, but it could be installed manually and run using /var/efw/inithooks/start.local at startup, then you can use CUSTOMINPUT to block things

Pages: [1] 2 3 4 5 ... 10
Page created in 0.047 seconds with 15 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com