Software Firewalls

19K

Solutions

20K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Here is the scenario:

We have 5 MPLS sites all with the same carrier and they each have a Windows DC (Hyper-V) at each location. 3 of the sites replicate properly back to our Head office DC and to the other ones properly. 2 of them do not. When digging into the issue extensively it is throwing DNS issue notices. So I have taken Wireshark captures on the two sites' interfaces and can see port 53 (DNS) traffic coming into the interfaces at both sites fine, but when I try to telnet to said DC, i.e. telnet 10.1.4.16 53, I can't. I have removed all antivirus software, turned off all software firewalls and there is no firewall between sites as they are via trusted interfaces between sites.

So my question is how can I see DNS traffic coming into the interfaces on port 53, but I am not able to telnet to that port?? but on the other sites I can???

What am I missing here??

PLEASE HELP!!!
0
We have an enquiry about SonicWall SMA 410; the customer is using SMA 410 in Hong Kong with RSA Authentication. They want us to provide the services to set up SonicWall SMA 410 in China.

Please advise how long it usually takes to set up this device, and what I should be aware of and ask the customer. I have no experience setting up this device; I hope the experts here can give me some hints.
0
Hi experts,

Does anyone know the necessary ports for a client PC or member server to link to Windows 2012 AD?

The functions below are needed:
1. Windows login
2. Login script
3. Time sync and GPO update
4. DNS service

I found many sites, but don't really understand some of the terms for the services.

I'd appreciate it if you could list them for me.

Thanks
0
Hi,

We have a SonicWall TZ350 firewall installed in our office connected to our router.

We would like to be notified every month by email of what has been blocked by SonicWall without needing to access the SonicWall web interface.

How do we set this up?

Thanks,
Robbie
0

Checkpoint CLI query: how many rules are installed

I have a Checkpoint MDS cluster, and I can query for network objects, any rules, etc.

For example:

cpmiquery attr ""network_objects"" ….

Which command or script must be used to query the number of all rules installed per firewall in the MDS?
0
Hello,
I have Squid on pfSense. I added this config to Squid:
access_log udp:// ip:port squid
Also, I have an rsyslog server that saves logs in a MySQL DB.
Everything works fine, but the from host field shows the request timestamp.
I tried to change the log format but I didn't deal with it!
Can anyone help me to make the first could save the host name or any word so I can filter it on MySQL?
Thanks.
0
My application is in the DMZ and is trying to access a database in the private network behind the firewall. What rules shall be applied in the firewall for secure access to the database from the application server?
0
Hello,

I wanted to know how I can block my home connection from reaching YouTube.  I have AT&T internet and they provided their own router/modem BGW210-700; however, I don't know how to block the site I need to...  I can get into the settings of the device, but can't locate where to block.  Also, is there another option to do this?  I called their customer service, but I feel like I'm talking martian talk with them.
0
Hi,

We are looking for a wired firewall solution for our office.

High robustness is the most important requirement for our firewall solution.

There are features such as multiple VPN connections which are nice but not as important.

What would you recommend as a very good firewall solution for office with following requirements:

- Highly Robust solution
- For small office (less than 10 PCs)
- Secure remote connections to office PCs
- Secure Office 365 network connectivity
- Support our network internet speeds: last test got 37.7mb/s download, 38.4mb/s upload, 17ms latency

Thanks,
Robbie
0
How can I allow my users to access social media sites? Now when they try to access Facebook, Instagram or LinkedIn, they get an error message saying the page is unavailable.
0
Hello,
How can I block IPs in Ubuntu according to a list file?
thanks.
0
We have Win10 machines on our domain with Private and Public firewalls turned on. I do not wish to debate turning FW's on or off - we have company FWs on the domain and will not be changing the FWs to on or off.

I have popups telling me to turn on the Domain FW and other popups for the Win10 FW. I need to TURN THESE POPUPS OFF - we will not be changing our FW settings - I just need these FW settings to go away.

I cannot find a definitive way via group policy to do this. I need ALL firewall popups turned off, not just certain types of FW notifications - all of them.

Help.
0
Hi Experts,
I cannot get out of ROMMON mode on my ASA 5505.

Launching BootLoader...
Default configuration file contains 1 entry.

Searching / for images to boot.

No images in /
Error 15: File not found

unable to boot an image


Default configuration file contains 1 entry.

Searching / for images to boot.

No images in /
Error 15: File not found

unable to boot an image


Failsafe booting engaged.
Default configuration file contains 1 entry.

Searching / for images to boot.

No images in /
Error 15: File not found

unable to boot an image



CISCO SYSTEMS
Embedded BIOS Version 1.0(12)13 08/28/08 15:50:37.45

Low Memory: 632 KB
High Memory: 507 MB
PCI Device Table.
Bus Dev Func VendID DevID Class              Irq
 00  01  00   1022   2080  Host Bridge
 00  01  02   1022   2082  Chipset En/Decrypt 11
 00  0C  00   1148   4320  Ethernet           11
 00  0D  00   177D   0003  Network En/Decrypt 10
 00  0F  00   1022   2090  ISA Bridge
 00  0F  02   1022   2092  IDE Controller
 00  0F  03   1022   2093  Audio              10
 00  0F  04   1022   2094  Serial Bus         9
 00  0F  05   1022   2095  Serial Bus         9

Evaluating BIOS Options ...
Launch BIOS Extension to setup ROMMON

Cisco Systems ROMMON Version (1.0(12)13) #0: Thu Aug 28 15:55:27 PDT 2008

Platform ASA5505

Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.
Boot interrupted.

Ethernet0/1
MAC Address: 442b.03ec.75b2
Link…
0
I'm new to Azure and have created my first VM.

I've created a network security group to create some rules. I don't see a way to create object groups?

So if I have a group of public IPs I would like to apply the rules to, then in future when I want to add or remove IPs that can access my VM, all I need to do is update the object group and all the rules will be up to date.

Sorry if this is a noob question, it's quite a standard feature of my firewalls.
0
Hi

We use Windows 10 and I have an application installed on our workstations that connects to financial software hosted in the cloud.
Users are able to open the application and do a normal invoice. But when they do a purchase order invoice, it throws an error saying your network connection has been lost.
At the moment the firewall is enabled on all the workstations through group policy and our domain controllers are on Windows 2012 R2.
I would like to disable the firewall in the group policy so that the client PCs' firewall is in the turned-off condition and see if I am able to do a purchase order invoice.
Please see the attached snapshot and post me tutorials on how to turn off the firewall on the workstations.
Workstation-firewall-status.png
0
I have a SolarWinds Orion server monitor that I want to make accessible from the public web. I am doing everything: AD authentication, SSL, etc. The web server works perfectly on the LAN, but where I am having a problem is when I cross the firewall. I have to share a public IP with other applications, so I have to use port forwarding. I have a rule that redirects traffic on the public IP address coming over port 8788 to port 443 on the web server. Do I need to redirect anything to port 80, and is there a particular port I must use?
When I attempt to sign in to the web server over the public IP, it authenticates then gives me a 404. Any ideas? Sounds like it needs 80 as well as 443, but I'm not sure how to configure this. Thanks, I appreciate the help!
0
What is the best way to block websites using pfSense?
pfSense has SquidGuard; we attempted using that, but it does not work as expected (some websites do not get blocked, etc.).

We are using the blacklists (Shalla-list), but it does not seem to be working.

Is there any other package/app we should install?
Or maybe there is a right way to configure this on pfSense.


Best Regards,
0
Hello,
 I have two ASA 5525-X firewalls (in HA configuration) with Firepower. I'm asking for help on whether we'd be able to establish Traffic Shaping to guarantee bandwidth for FTP traffic.  We have a 1Gb connection recently added and would like to guarantee 900Mbs for FTP when needed, but allow other traffic to utilize the connection otherwise.
0
Trying to upgrade a server 2012 VM running in VMWare to be a BackUp Domain Controller.

Keep getting prerequisites failing due to ports 88,389,636,3268 and 3269 being in use.

Doing netstat -anpo TCP | findstr /i XXXX where XXXX = above port reports no processes apart from

TCP    0.0.0.0:88             0.0.0.0:0              LISTENING       4

Any ideas ?
0
Hi,

I'm in the process of moving my radius server used for authenticating VPN clients from my local network to Azure. I've migrated the IAS settings and added the new server in System -> Servers, but when I test the authentication against the server in Azure, I get this error:

"The following input errors were detected:
Authentication failed."

I can authenticate against the local radius server.

Setup:
OPNsense firewall
v. 18.7.10_4-amd64
IP address 172.16.12.2

Radius
Windows Server 2012 R2
IP address 10.100.10.11

I can't ping 10.100.10.11 from the firewall, so it must have something to do with the communication from the local firewall to Azure and maybe a missing firewall rule, but what am I missing in the process? Should I create a new server here VPN: OpenVPN: Servers with another IPv4 Tunnel Network pointing to the 10.100.11.x network? I'm also uncertain if it has something to do with certificates.

There is no problem communicating from my local machine and servers to the network in Azure.

Thanks in advance,
Ronnie
Firewall_rules_OpenVPN.JPG
VPN_OpenVPN_Servers.JPG
Firewall_Rules_WAN.JPG
0
Hello!

I need to "solve" a puzzle regarding network infrastructure, iptables and a few services.

First things first.

It's a three-headed network, with CentOS as the firewall through iptables in the middle. That machine has 3 network cards:

enp0s3 -> NAT 10.0.2.15
enp0s8 -> LAN 192.168.3.1
enp0s9 -> DMZ 192.168.103.1

There is Client1 192.168.3.2
There is a Server1 on 192.168.103.2 -> HTTP - FTP - SSH - Squid

The ruleset I'm struggling with how to achieve:

HTTP and HTTPS from the LAN network go through the firewall (where the iptables rules are located), go to the DMZ, reach Squid, check for the ACLs within the Squid service and, if allowed, go to the internet and retrieve HTTP back to the LAN network.

Apparently it is easier to do if it's only from 1 interface, but I can't make it work in my VM environment, so way less implement it in the real network.
0
I'm stuck with the following problem: a remote computer is connected to our network via VPN, so the computer is on another subnet. I need to be able to open a remote desktop on a local Windows 10 computer. If the firewall is disabled, all OK; if the Windows 10 firewall is on, I can't connect. I'm pretty sure it's because the remote computer is on another subnet. I tried to open a remote desktop on a Windows 2008R2, and that works. So probably Windows 10 extra security is not letting a different address connect.

What do I need to change in Windows 10's firewall ?
0
Dear Experts, I'm installing Snort in an Exchange server but got this fatal error when loading the snort.conf file.

Can you please check and suggest?  How can I fix this directory? Many thanks!

Capture.PNG
snort.conf
0
Hello,
I have a captive portal that works under pfSense.
Is there any software for Windows and Android that can be installed and authenticate instead of web browsing, like Sophos?
Thanks.
0
Hello everyone,


I have a Cisco ASA 5516 with two inside interfaces. One is for the customer LAN and another is for a few branch offices connected via a router that is connected to the 2nd inside interface (all those offices are in the same building connected by a FO backbone). The customer is going to replace an old ASA 5510 where almost the same config already works.

LAN network is 192.168.0.0/24 connected to 1/3 on ASA

Branch Offices are connected to 192.168.2.0/24 connected to 1/4 on ASA
 
I want to be able to ping and have unrestricted traffic between them.

Currently I have a laptop connected to int 1/3 and another one connected to Int 1/4 but no ping.

Someone please help!

Here's the configuration

ASA Version 9.8(2)17
!
hostname ASAFCHFW
domain-name mydomain.com
enable password $sha512$5000$pt2nRGQbSXA8K3vdow+Ztg==$kGNfDJREqQCQ+jO7m0bxmQ== pbkdf2
names
no mac-address auto

!
interface GigabitEthernet1/1
nameif Outside
security-level 0
ip address x.x.x.131 255.255.255.240
!
interface GigabitEthernet1/2
nameif DMZ
security-level 10
ip address 172.16.31.1 255.255.255.240
!
interface GigabitEthernet1/3
nameif Inside
security-level 100
ip address 192.168.0.2 255.255.255.0
!
interface GigabitEthernet1/4
nameif Branch_Office
security-level 100
ip address 192.168.2.1 255.255.255.0
!
interface GigabitEthernet1/5
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/6
shutdown
no nameif
no …
0
