Hi,
I'm having some trouble with my internal network (192.168.69.0/24) accessing the internet through SecurePoint, which is acting as my default gateway (192.168.69.80).
SecurePoint has this configuration:
eth0 --> 80.x.x.54 (as public ip)
eth1 --> 192.168.69.80 (as private ip).
I followed the instructions from the How_to_Basic_Configuration_security_Manager_R3.pdf file, my conf is like this:
Network Objects:
name --> IP-Address - Mask - Zone
======================================
internet --> 0.0.0.0 - 0 - external
InternalNet --> 192.168.69.0 - 24 - internal
InteralFw --> 192.168.69.80 - Host - firewall-internal
Firewall Rules:
From group -- To Group -- Service Group -- Action
=====================================================
InternalNet -- internet -- default-internet -- ACCEPT
InternalNet -- InternalFw -- dns -- ACCEPT
# show rule
14;Grp-RedInterna;internet;default-internet;1;ACCEPT;NONE;;;;
15;Grp-RedInterna;Grp-Firewall Interno;dns;1;ACCEPT;NONE;;;;
I also enabled HIDE-NAT like this:
NAT Object --> IntenalNet
NAT Relationship --> 80.x.x.54
Destination --> any
Disabled "Exclude this hide nat relation"
But unfortunately I'm not able to browse the internet; DNS resolves fine but some packets are dropped and it isn't running OK.
Firewall Log: (drop messages)
May 5;10:31:30;192.168.69.80;Firewall DROP;IN=eth1 OUT= MAC=00:30:48:8f:fe:7d:00:19:b9:67:25:7b:08:00 SRC=192.168.69.191 DST=192.168.69.80 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=21128 DF PROTO=TCP SPT=48633 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0;
May 5;10:31:39;192.168.69.80;Firewall DROP;IN=eth1 OUT= MAC=00:30:48:8f:fe:7d:00:19:b9:67:25:7b:08:00 SRC=192.168.69.191 DST=192.168.69.80 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=21131 DF PROTO=TCP SPT=48633 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0;
May 5;10:32:55;192.168.69.80;Firewall DROP;IN=eth1 OUT= MAC=00:30:48:8f:fe:7d:00:19:b9:67:25:7b:08:00 SRC=192.168.69.191 DST=192.168.69.80 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=21329 DF PROTO=TCP SPT=48638 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0;
May 5;10:33:15;192.168.69.80;Firewall DROP;IN=eth1 OUT= MAC=00:30:48:8f:fe:7d:00:19:b9:67:25:7b:08:00 SRC=192.168.69.191 DST=192.168.69.80 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=21360 DF PROTO=TCP SPT=48653 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0;
Is there anything else I missed?
Thanks for your help.
Best Regards,
David
Hi,
Is it possible that you have configured a proxy at your workstation?
If you have configured one, you should create a new rule like this:
InternalNet -- InternalFw -- Proxy (Port 8080) -- ACCEPT
Please try it and write some feedback.
A.Rietz
Hi,
You were right, now it's working. I checked my browser (Firefox) configuration and "non proxy settings" were enabled; however, I added the rule you mentioned before and I am able to browse right now without any problem, so some proxy configuration was set in my browser (Firefox) and I missed it.
Thanks a lot for your help.
Regards,
David
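
The drop lines in the first post already point at the cause: every dropped packet is a SYN to the firewall's own address on port 8080, which is what the proxy question in the reply picks up on. As an added example (not part of the thread and not Securepoint code), this Python sketch groups such lines by flow and marks whether each packet was addressed to the firewall or routed through it; it assumes the fields follow netfilter LOG conventions, and the third sample line is constructed.

```python
import re
from collections import Counter

# Two drop lines from the thread (MAC field shortened) plus one constructed
# forwarded-traffic line (IN=eth1 OUT=eth0, placeholder address) for contrast.
SAMPLE_LOG = """\
May 5;10:31:30;192.168.69.80;Firewall DROP;IN=eth1 OUT= MAC=00:30:48:8f:fe:7d SRC=192.168.69.191 DST=192.168.69.80 LEN=48 TTL=128 ID=21128 DF PROTO=TCP SPT=48633 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0;
May 5;10:31:39;192.168.69.80;Firewall DROP;IN=eth1 OUT= MAC=00:30:48:8f:fe:7d SRC=192.168.69.191 DST=192.168.69.80 LEN=48 TTL=128 ID=21131 DF PROTO=TCP SPT=48633 DPT=8080 WINDOW=65535 RES=0x00 SYN URGP=0;
May 5;10:40:02;192.168.69.80;Firewall DROP;IN=eth1 OUT=eth0 SRC=192.168.69.191 DST=203.0.113.10 LEN=48 TTL=127 ID=21400 DF PROTO=TCP SPT=48700 DPT=25 WINDOW=65535 RES=0x00 SYN URGP=0;
"""

KV = re.compile(r"(\w+)=(\S*)")


def parse_drop(line):
    """Return the packet fields of one 'Firewall DROP' line, or None."""
    parts = line.strip().split(";")
    if len(parts) < 5 or parts[3] != "Firewall DROP":
        return None
    fields = dict(KV.findall(parts[4]))
    # Bare tokens (SYN, DF, ...) carry no '=': they are flags.
    fields["FLAGS"] = {t for t in parts[4].split() if "=" not in t}
    return fields


def summarize(log_text):
    """Count dropped flows as (src, dst, proto, dport, path)."""
    flows = Counter()
    for line in log_text.splitlines():
        pkt = parse_drop(line)
        if pkt is None:
            continue
        # Empty OUT= means the packet was addressed to the firewall itself,
        # not routed through it, so a rule with the firewall as target applies.
        path = "to-firewall" if pkt.get("OUT", "") == "" else "forwarded"
        key = (pkt["SRC"], pkt["DST"], pkt["PROTO"], int(pkt.get("DPT", 0)), path)
        flows[key] += 1
    return flows


if __name__ == "__main__":
    for (src, dst, proto, dport, path), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n}x {src} -> {dst} {proto}/{dport} [{path}]")
```

A flow reported as to-firewall on 8080 from a client matches a browser pointed at the gateway as its proxy, so the choice is between allowing that service on the firewall object or removing the proxy setting on the client.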