Hardware Firewalls

23K

Solutions

10

Articles & Videos

20K

Contributors

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Share tech news, updates, or what's on your mind.

Sign up to Post

hello, anyone familiar with RouterOS? I'm trying to passthrough PPTP to my VPN server. Unfortunately I'm not well versed in this particular firewall and its setup.. At the moment I have accept for 1723 and GRE setup but it also requires a NAT command as well.. Any help would be appreciated.
0
Is your NGFW recommended by NSS Labs?
Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

please advise
I need to be able to run the executable (installer for cisco anyconnect)
security-warning.PNG
0
I've got a Watchguard 500 series at the main office and a 2 series at a home office.  I've needed to setup a VPN between the two devices to get an IP phone to function properly.  

With the current home office setup I have one interface set as 'external' and connect the cable modem directly here.  Then I have a 2nd interface as 'trusted' which connects to the users home router.  The phone and computer connect to the home router and the VPN works fine.

At the new home office location however the home equipment is a cable modem/router combo - so I have no dedicated WAN port - just 4 LAN ports.

Maybe I'm over thinking this but I'm stumped on how to configure this with the different home router/cable modem combo.

I've been using 'mixed' mode and am wondering if I need to be using 'drop in' mode - ?
0
Dear guys, I have this scenario:
- The original IP network which ISP provide: 13.14.24.160/28 (no worry, it's fake)
- I don't know why the IT guy who worked here before request ISP to split that network to 2 subnets: 13.14.24.160/29 and 13.14.24.168/29
- However, I was handover the instructions to get Internet for LAN network as the attached picture without any other explanation

Can anyone help me to answer these?
- Please explain the way end-users in LAN network to go the Internet. Which IP network should we configure in users' PCs?
- Please give me some ideas that clarify the purpose of the splitting?
- Can I place the pfSense firewall in the Router position? If so, is there any device/configuration we need to focus?

Many thanks as always!
Diagram.png
0
I'm in the market for a new router.  I want a hardware DMZ.  I currently have a NetGear ProSafe FVS338, which is fine except for it lacks a hardware DMZ.
I do not need VPN support.
The other feature I'm interested in is ease of setup.  It doesn't need to be dummy-proof (i.e.  I don't want a "wizard" to do the setup for me).   I just don't want to deal with configuration like what's required for a SonicWall, with a completely un-intuitive UI and setup.
And no bells and whistles that require subscriptions / fees, por favor.

Please only post responses based on your personal experience.  I can Google for routers on my own time... looking for actual real-life recommendation here.
0
Dear All

I have a new Mikrotik cloud core router, I need some help, please.

Interface one - ISP

Interface Two - Network Switch DHCP Scope 192.168.88.**

Interface, 12,11,10 & 9 Brideged together for DL380 Gen 9 NIC Team DHCP Scope? 192.168.89.**

I would like to be able to ping anything in any of the two networks, but I can't seem to figure this part out and need a little help, please.

Thanks
Alex
0
My colleague was trying to configure the ASA firewall's management IP but somehow the prompt went and said that the wizard will factory reset the whole ASA firewall, is there anyway to recover back the configuration?

He did not backup but the firewall is left running and never turned off.
0
Dear Experts,

Does anyone know how to configure the default gateway for the Management Interface?
0
We have a Barracuda spam/Firewall 300 here that's got about 30,000 blocked/deferred messages in the outbound queue that I need to get deleted. I can't even bring up the outbound queue in queue management. I spent over an hour with Support and they cant connect with the guy couldn't figure out how to connect with it....that's a different issue. How can I clear these out? Its killing our mail throughput?? I know its got SSH but I can't connect to it. I'm not local to the system but I've got full admin rights. I cant even pull the export out of it.
0
In a Palo Alto networks firewall, how can you see which member of an HA pair is Active?
0
Industry Leaders: We Want Your Opinion!
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

One of our locations has  Sonic wall TZ 300w. There are 2 subnets set up on this appliance :

X0 LAN - 192.168.40.xxx
X3 LAN - 192.168.50.xxx (Mitel 5000)

we need to be able to access the software on the X3 LAN from the primary LAN X0. So far I can ping the Phone subnet but when launching the Mitel software connection failed:

anyone with Mitel experience and sonic wall or any phone system with Sonic wall that can help us set this up? Both X3 and X0 are in the same zone.
0
I have a watchguard M400 (Fireware XTM 11.10) Firewall/Router with about 14 Branch Office VPN'c coming into it. We have a new software these BOVPN's need to access. There are two application servers running the software. I would like to load balance the connections to these servers. Can someone point me in the correct direction?
0
Hello Everyone!

We had some security cameras installed and the installer asked me to open port 8000 for the dvr.  We have a Sonicwall 1260 Pro and I followed the instructions for port forwarding.  I created the service for both TCP/UDP, port 8000 and then created the group.  I used the public server wizard to allow public access to the camera ip.  After everything was complete I used the site, http://www.yougetsignal.com/, to check if port 8000 was open.  Unfortunately, the port is still closed.  I'm stuck figuring what I could be doing wrong.  We do have 2 static ips for the site.  The other ip is used for the fax machine line.  i don't know if this could cause the problem.  Any help is appreciated.

Router: SonicWall 1260 Pro
ISP: Cox
WAN: 72.205.202.66
Camera IP: 192.168.168.62
Port: 8000
img.png
0
We currently have a Dell Sonic Firewall that is our firewall as well as our company router.  This is our main router for all of our sites in the company.  We have 16.  We implemented through our EMR (Electronic Medical Records) software an upload to a billing company.  They in turn configure and print bills and send them out to our customers.  This has worked fine for over two years.  When this was implemented, we were not required to make any firewall changes at all.

A week ago, the user doing this procedure received an error that the file could not be uploaded.  She called the EMR company, who in their effort to troubleshoot the problem, changed the upload method from ftp to sftp.  She then tried to upload and she got an additional error that port 22 was unable to send.  Seeing that error, the EMR said that the problem has to do with our firewall.  I spoke with the billing company who tried to do a trace route to our external IP.  They were unsuccessful, but I was able to do a trace route to them.  The only caveat is that the user can do this procedure from home with no problem.

I am willing to make firewall changes if necessary, I just don't know what they would be or why it is necessary now, if no one has made any changes other than the upload method from ftp to sftp.

Please help.  I am desperate.
0
Recently we added a new TPG IPVPN Connection (MPLS Network with Hosted Firewall) to eth2 on our watchguard but cant get it to work properly (see attached picture)

For some reason i cannot ping any Sydney LAN IP Addresses (on 10.50.2.0/24 network) from QLD Office to Sydney Office.

What do i need to enable / configure on the wathguard so i can ping internal lan addresses from qld office ?

QLD Office LAN is on 10.4.26.0/24 network.
Sydney office LAN is on 10.50.2.0/24 network

From QLD office I can ping 210.10.228.14,210.10.228.13, 10.252.0.6, 10.252.0.5 OK, but if I try to ping the Watchguard LAN IP Address 10.50.2.90 or another device in the same Sydney network from QLD Office it times out. Any ideas ???

Sydney Office Watchguard Configuration is as follows:

I have 3 interfaces setup on my Watchguard x750e firewall with following parameters:

Eth0: IP: 210.10.228.14 (External) - This is connected to a ISP Managed Cisco 1900 Series Router. This is a routed subnet services TPG NBN Conneciton.
Gateway: 210.10.228.13
NetMask:255.255.255.252

Eth1: IP: 10.50.2.90 (Trusted)
Netmask: 255.255.255.0

Eth2: IP: 10.252.0.6 (External) - This is connected to a TPG NTU and is a IPVPN Connection. This also requires RIPv2 and has dynamic routing setup.
Gateway: 10.252.0.5
Netmask: 255.255.255.252
Dynamic Routing Configuration:
1. Enabled Dynamic Routing is enabled.
2. Enable RIP is enabled
Rip Configuration :
router rip
network 10.252.0.4/30
network …
0
The VPN Connection has been giving us issues the last 2 days.
When connected, we are able to access the shared folder and edit/add/delete files. Sometimes an error comes up that says: There is a problem accessing \\servername\SharedFolder.
This has only been happening when using the VPN connection. This error will display a few times and will go away but will come back. I have been pinging the server at the same time as the error so I don't think the server is losing connection.

Any help is appreciated.
0
hi experts,

 user's can't get to this website www.spotify.com. i already checked firewall and web filter and it's not blocked there. I ran out of ideas
0
I have been seeing quite a bit of traffic attempts from a specific ip address to access the above described firewall
how can I block this specific ip address without just blocking all?
0
Hi, we are preparing the rules for Zone-based Policy Firewall on Router c3925, however we need to confirm which traffic usually pass through a router, so that the rule will not block/allow any useful/bad traffic. So can we have a method to see it?

Is there a way other than: "show ip cache flow", "sh ip traffic" ?  

Many thanks in advance,
0
Retailers - Is your network secure?
Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Need to create a read-only accounts for users to access the ASA with ASDM.

In order to do this, I need to enable AAA authentication.  Currently I have other local accounts the ASA. Will enabling AAA authentication affect those accounts?

Thank you.
0
Hi, we are having Router Cisco 3925 between LAN and WAN, however it seems like the money is required for AnyConnect VPN on Cisco 3925. We found that pfSense (Free) can be deployed to serve VPN connections however we need to understand its pros and cons.
-So can anyone explain please?
-Should we deploy it or purchase license for AnyConnect?
-Do you know any free Cisco VPN solution that we can configure inside our C3925?

Our priority is:
- Compatible with current environment with minimum impacts to about 400 users
- Easy to configure and troubleshoot
- Price  

Many thanks in advance,
0
Any idea how to block a external IP  / range of IP in Fortigate 100D /

Thx
0
I have 5 IP/s available from my ISP. One IP is for am internal website (registered at godaddy) and we are using 1 for our router IP that I plan to use for port forwarding (VPN, RDP). I am unable to assign the Wan interface to 2 different IP's. Could not find answer in manual.
0
I have a new customer the VPN going straight to the customer was working fine with Comcast crappy router, I install a pfsense and created a rule under nat for VPN, setup server with a static IP etc. somehow this does not work. any help greatly appreciated
0
Hi,

Having an issue with Fortigate 60D using IPsec vpn and 2FA (FortiToken or email).

Vpn is configured for split tunnel.
When dialing the vpn using the FortiClient, I'm asked for username and password.
After supplying the credentials I'm asked for the FortiToken code (or code sent by email).
The problem is that from the moment it asks for the 2FA code and until I supply it, all networks are disconnected in the dialing computer,
and are restored only after supplying the code.
Is this a normal behavior or something wrong in my config ?


Thanks.
0

Hardware Firewalls

23K

Solutions

10

Articles & Videos

20K

Contributors

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.