Hardware Firewalls





Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Share tech news, updates, or what's on your mind.

Sign up to Post

my asa 5510 is unable to run post. i am tryping to configure it using putty but it is showing nothing with just a blank screen
Announcing the Most Valuable Experts of 2016
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

The product will come with its' operating system only , for training, does palo alto offer the service 30 days evaluation (like Microsoft) when expire you have to re-install it again.
how can I find out if my Fortinet firewall 60B is passing traffic on certain ports in both directions?
my scenario:
Fortinet 60B
application server internally that has port 9000 open
from all outside port tests we see port 9000 open
how can I tell certainly that the problem is either the firewall blocking port 9000 or these is some other problem.
I am trying to see if also if syslog messages will show the port 9000 discards
all help is greatly appreciated
I am new to  ASA firewall concept, I would like to know that  ASA firwall works  based on interface name or IP address, for an example if the traffic comes from outside(internet), and if we want all traffic to (inside) office network, do we need to say any IP address within specific range goes to inside interface ?  For an example how do we allow VPN traffic through firewall?
my zyxel usg every time that I reboot charge in config one .zysh(I can read this in my logs),never I setup into it a script,then I am worried about this,nothing in the gui appears,I do not see nothing in start up config but couple of moths ago my cpu was working with 70%, it's not usual(no more than 25%, And now after finish configurate again start up config bad appears and the usg use the lastgood config, and l2tp doesn't work at all 'peer connection failed',

Many thanks
I opened a case with Sonicwall but no word yet.

I was just curious if anyone had the answer, I know this scarcely requires an expert lol but.....

I booted up a machine with an old NetExtender rev from 2014 and it forced me to update the client when I connected to my NSA 4600  and it installed 8.6.256.

But I can't find any place to download that version, MySonicwall.com only has 8.0.241.
All my equipment is under maintainence and I was curious if anyone had the setup file for that build.

I tried uninstalling NetExtender and downloading setup from my NSA but it just re-installed 8.0.241.

On a related topic can  update the version stored on my NSA 4600 or is that just part of the firmware build.


I plan to move somewhere where Google FIber is offered and host a website using a server I bought.

I'm reading three books on Ubuntu Server, and I'm assuming I should buy a business firewall.

Can someone explain how they work compared to software firewall, if you should run both, and link to some possible products that would be good for a web server.

Dear All,

Is there a complete list of Address Objects that I can add into my Foritgate firewall policy?
I need some help. I have a client that has moved into an office and is sharing their space. There is cat5e structured network around the building. There is a router with DHCP turned off providing the buildings owners with an internet connection to their network. What I want to do is connect my client's existing switch and windows server 2012 essentials r2 server (which is both a domain controller and a DHCP server) to the existing router (building owner's router) so that I can share the internet connection to my client. Essentially I will break out all of the ports on the network that my client will be using and connect to my client's switch. That switch then connects to my client's windows server. The existing network and all settings work just no internet connection. The server has two NIC cards if that helps at all. The building owner runs their own windows DHCP and domain controller server. Essentially the only physical connection between the two networks would be through the building owner's router. The router does have available ports. Any suggestions?
I'm quite new with Firewalls and need some quick configuration tips, make zywall up and run with some basic open ports browsing, email (port 995), chat, youtube. Would like to know what do I get out-of-the-box when I start and switch on for first time my new Zywall usg100
Independent Software Vendors: We Want Your Opinion
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Dear Experts,

We configured the management ip address for the firepower.

We can see the tab appearing at the top but the button did not appear.

We restarted the firewall and the tab also disappeared.

When we go back to view the ip of the sourcefire, it is there.

How do we get the firepower tab and button to reappear.

Do we need to configure the access-list?
Dear Experts,

I want to activate the FirePower license but how do I do so?

I know I have to configure the IP address but somehow when I did that, it somehow factory resets the whole ASA 5516-X firewall.

How do I get the FirePOWER tab to appear and activate the license?

how to block ransomeware in firewall , and what are the configuration has to do.

I have a Sonicwall TZ 300 firewall being used as a gateway router for a network. The IP address scope is on the X0 interface.

I would like to setup another network with the SAME IP address scope of etc.. on the X2 interface to build and test another server which is eventually going to replace the server on the X0 interface. This second network has to be isolated from the the X0 interface so the two servers/networks can exist without seeing each other. Is this possible? How can I do this if so?

I have it working now as long as I use another IP scheme ( but I want to use the same IP scope to make it easier to transition to the new server down the line.
Hi, My concern is that Can i use SRX series Firewall as a Router
hello, anyone familiar with RouterOS? I'm trying to passthrough PPTP to my VPN server. Unfortunately I'm not well versed in this particular firewall and its setup.. At the moment I have accept for 1723 and GRE setup but it also requires a NAT command as well.. Any help would be appreciated.
please advise
I need to be able to run the executable (installer for cisco anyconnect)
Dear All

I have a new Mikrotik cloud core router, I need some help, please.

Interface one - ISP

Interface Two - Network Switch DHCP Scope 192.168.88.**

Interface, 12,11,10 & 9 Brideged together for DL380 Gen 9 NIC Team DHCP Scope? 192.168.89.**

I would like to be able to ping anything in any of the two networks, but I can't seem to figure this part out and need a little help, please.

One of our locations has  Sonic wall TZ 300w. There are 2 subnets set up on this appliance :

X0 LAN - 192.168.40.xxx
X3 LAN - 192.168.50.xxx (Mitel 5000)

we need to be able to access the software on the X3 LAN from the primary LAN X0. So far I can ping the Phone subnet but when launching the Mitel software connection failed:

anyone with Mitel experience and sonic wall or any phone system with Sonic wall that can help us set this up? Both X3 and X0 are in the same zone.
What, When and Where - Security Threats from Q1
What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

I have a watchguard M400 (Fireware XTM 11.10) Firewall/Router with about 14 Branch Office VPN'c coming into it. We have a new software these BOVPN's need to access. There are two application servers running the software. I would like to load balance the connections to these servers. Can someone point me in the correct direction?
Recently we added a new TPG IPVPN Connection (MPLS Network with Hosted Firewall) to eth2 on our watchguard but cant get it to work properly (see attached picture)

For some reason i cannot ping any Sydney LAN IP Addresses (on network) from QLD Office to Sydney Office.

What do i need to enable / configure on the wathguard so i can ping internal lan addresses from qld office ?

QLD Office LAN is on network.
Sydney office LAN is on network

From QLD office I can ping,,, OK, but if I try to ping the Watchguard LAN IP Address or another device in the same Sydney network from QLD Office it times out. Any ideas ???

Sydney Office Watchguard Configuration is as follows:

I have 3 interfaces setup on my Watchguard x750e firewall with following parameters:

Eth0: IP: (External) - This is connected to a ISP Managed Cisco 1900 Series Router. This is a routed subnet services TPG NBN Conneciton.

Eth1: IP: (Trusted)

Eth2: IP: (External) - This is connected to a TPG NTU and is a IPVPN Connection. This also requires RIPv2 and has dynamic routing setup.
Dynamic Routing Configuration:
1. Enabled Dynamic Routing is enabled.
2. Enable RIP is enabled
Rip Configuration :
router rip
network …
I have an Engenius EAP600 which I have configured only for Guest Wifi. I wanted to separate the clients that connect to that AP to only allow internet access and block any kind of local network access. The AP is connected to a Layer3 Cisco Switch which then connects to an ASA-5505 firewall. I'm a little rusty on VLAN could someone help with the commands for the Switch and the ASA to set this up?
Hi im facing a problem basically we are replacing our cisco router with asr 1001 for the internet connection.

While creating the PPPOE configuration i noticed that pppoe-client is not working on the interface which im trying to configure for WAN side interface.

I appreciate if someone has experience with regards to this router. and can guide me with the full configuration for pppoe.

Thank you
I have the above phone trying to VPN with a Dell SonicWall TZ400. When I put in the VPN information, listed below, the phone fails and gives me error codes that Phase 2 no response. I will list the three error codes I also see, if anyone can point me in the right direction.


SonicWall VPN Settings:

Policy Type: Tunnel Interface
Authentication Method: IKE using Preshared Secret

IPsec Primary Gateway Name or Address:

IKE Authentication:

Local IKE ID: Domain Name
Peer IKE ID: Domain Name

IKE (Phase 1) Proposal:

Exchange: Aggressive Mod
DH Group: 2
Encryption: 3DES
Authentication: SHA1
Life Time: 28800

IPsec (Phase 2) Proposal:

Protocol: ESp
Encryption: 3DES
Authentication: SHA1
Enable Perfect Forward Secrecy: Checked
DH Group: 2
Life time: 28800

In advanced tab, the only thing checked is Keep Alive.


Server: 50.XX.XX.209
PSK: *****
IKE Parameters: DH2-3DES-SHA1
IPSEC Parameters: DH2-3DES-SHA1
VPN Start Mode: Boot

Password Type: N/A
Encapsulation: RFC
IKE Parameters: DH2-3DES-SHA1
IPSEC Parameters: DH2-3DES-SHA1

Copy TOS: No
File Srvr: Blank
QTest: Disable
Connectivity Check: Never


IKE Phase1 received notify
Error Code: 3997698:18
Module: NOTIFY:305

IKE Phase2 no response
Error code: 397700:0
Module: IKMPD:353

IKE Phase2 no response
Error code: 3997700:0
Module: IKECFG:1184
I had this question after viewing Windows Remote Desktop through PIX 515.

I am trying to get the group LaptopWiFi to access TMServers using RDP, I have set static IP's for the laptops but I cannot seem to get traffic through the PIX firewall.

PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password XXXXXXXXXXX encrypted
passwd XXXXXXXXXX encrypted
hostname TMILPix506
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
name TMDC2
name IL_FBServer
name IL_FBServer2
name IL_FBServer3
name TMFTP
object-group network TMServers
  network-object host
  network-object host TMDC2
  network-object host
  network-object host
  network-object host
  network-object host
  network-object host TMFTP
object-group network LaptopWiFi
  network-object host
  network-object host

Hardware Firewalls





Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.