Seite 1 von 1
running a trace route through securepoint provides not info
Verfasst: Mi 16.01.2008, 17:59
von ajl119
Outbound access has been configured to allow anything to anything.
However when running a 'tracert' (From internal windows machine) or 'traceroute' (From internal linux machine), no hop or router information is provided as it should be!
Surely 'icmp-traceroute' etc.. should be allowed back as it is an outbound connection and therefore established and related.
Thanks in advance
running a trace route through securepoint provides not info
Verfasst: Mi 16.01.2008, 18:00
von ajl119
Outbound-Zugang konfiguriert wurde, damit etwas zu tun.
Jedoch, wenn Sie einen "tracert" (Aus internen Windows-Maschine) oder "Traceroute" (Aus internen Linux-Rechner), keine Hop-oder Router-Informationen ist, wie er sein sollte!
Sicherlich "icmp-traceroute" usw.. Sollten die Möglichkeit zurück, da es sich um eine ausgehende Verbindung und somit festgestellt und damit zusammenhängende.
Vielen Dank im Voraus
running a trace route through securepoint provides not info
Verfasst: Do 17.01.2008, 10:26
von achim
there is a post describing how to enable/allow traceroute:
http://www.securepoint.de/support/topic.php?id=370
in english:
- log in to the Security Manager (SM)
- choose Firewall -> Services (Dienste)
- create a new group "tracert"
- find the service "icmp-time-exeeded" and rename it in "icmp-time-exeeded-related"
- create a new service "tracert": UDP, sourceport
65535, destinationport: 33434:33523
drag the following services into the group "tracert"
- tracert
- icmp-time-exeeded-related
- icmp-echo-reply
- icmp-echo-req
make a rule in: "Firewall -> Portfilter"
rule:
from: Internal_Network -> Interntet; group: "tracert"
should work
achim
running a trace route through securepoint provides not info
Verfasst: Do 17.01.2008, 22:03
von ajl119
That is great. Thank you, it worked perfectly :-)
65535, destinationport: 33434:33523