Software Firewalls

19K

Solutions

20K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Microsoft Products not signing into the new network.

Hello all, we implemented a new network that is behind a firewall.
When I freshly image a machine and try to open Outlook, it fails to connect. I try OneDrive, same thing. Word and Excel can't activate.
I connect to a different wifi (without the firewall and corporate connectivity) and they all work fine. I activate, authenticate and configure all products fine.
I switch back to corporate and they continue to work fine for hours or days, and suddenly the error happens again.
I have to switch to unprotected wifi, open the applications (or at least one of them) and get back to the corporate network, where all will work fine again for a while.

I am thinking of the following scenarios:

1- It could be one of the many firewall rules missing on the firewall that is used to authenticate or check the license of MS products.
2- I expected it could be outdated WLAN drivers; I updated those, but the problem continued.


Any ideas where I should start looking?
0
Hi Experts,

I am trying to apply 4 firewall rules through Intune policy. I followed the instructions in this link https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune. After assignment the admin center shows that the policy is applied without error (user and device).

However the device does not have the firewall rules applied. When I try to troubleshoot I find no details in the admin center and also no details in C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\.

Where can I find something useful to start troubleshooting? Does someone have better instructions on how to apply a firewall policy?

Regards,
Mark
0
We have Win10 machines on our domain with Private and Public firewalls turned on. I do not wish to debate turning FW's on or off - we have company FWs on the domain and will not be changing the FWs to on or off.

I have popups telling me to turn on the Domain FW and other popups for the Win10 FW. I need to TURN THESE POPUPS OFF - we will not be changing our FW settings - I just need these FW settings to go away.

I cannot find a definitive way via group policy to do this. I need ALL firewall popups turned off, not just certain types of FW notifications - all of them.

Help.
0
Hello,
I have a MikroTik 1036 and I configured a hotspot on it.
The MikroTik gateway is pfSense with Squid proxy for HTTP and HTTPS.
Now I can check the IP logging in access.log on Squid without any problem, but I want to relate the log to the user who is authenticated on the MikroTik hotspot.
How can I do it?
Should I use a RADIUS server?
Thanks.
0
Hi Experts,
I cannot get out of ROMMON mode on my ASA 5505.

Launching BootLoader...
Default configuration file contains 1 entry.

Searching / for images to boot.

No images in /
Error 15: File not found

unable to boot an image


Default configuration file contains 1 entry.

Searching / for images to boot.

No images in /
Error 15: File not found

unable to boot an image


Failsafe booting engaged.
Default configuration file contains 1 entry.

Searching / for images to boot.

No images in /
Error 15: File not found

unable to boot an image



CISCO SYSTEMS
Embedded BIOS Version 1.0(12)13 08/28/08 15:50:37.45

Low Memory: 632 KB
High Memory: 507 MB
PCI Device Table.
Bus Dev Func VendID DevID Class              Irq
 00  01  00   1022   2080  Host Bridge
 00  01  02   1022   2082  Chipset En/Decrypt 11
 00  0C  00   1148   4320  Ethernet           11
 00  0D  00   177D   0003  Network En/Decrypt 10
 00  0F  00   1022   2090  ISA Bridge
 00  0F  02   1022   2092  IDE Controller
 00  0F  03   1022   2093  Audio              10
 00  0F  04   1022   2094  Serial Bus         9
 00  0F  05   1022   2095  Serial Bus         9

Evaluating BIOS Options ...
Launch BIOS Extension to setup ROMMON

Cisco Systems ROMMON Version (1.0(12)13) #0: Thu Aug 28 15:55:27 PDT 2008

Platform ASA5505

Use BREAK or ESC to interrupt boot.
Use SPACE to begin boot immediately.
Boot interrupted.

Ethernet0/1
MAC Address: 442b.03ec.75b2
Link…
0
I'm new to Azure and have created my first VM.

I've created a network security group to create some rules. I don't see a way to create object groups?

So if I have a group of public IPs I would like to apply the rules to. In future when I want to add or remove IPs that can access my VM, all I need to do is update the object group and all the rules will be up to date.

Sorry if this is a noob question, it's quite a standard feature of my firewalls.
0
I've been finding Windows 10 Firewall rule sets on some computers that look strange.  I have the need for:
- comparing rules for a "new" computer with a "golden standard".
- comparing a "golden standard" with the Default rules.
- bringing a "new" computer that deviates from the golden standard into the "same" configuration.
etc.

One problem that I can foresee is that the "new" computer may have application installs that changed the firewall rules and I probably don't want to destroy those settings.
This argues that there is *no* golden standard set of rules.

Now, I can conjure up ways of doing this from scratch but wonder if someone knows of or has a process or some tool that has already dealt with issues like this?
No point in reinventing the wheel, eh?

I searched the web but seemed to only find firewall control sorts of programs - as distinct from firewall analysis and management at the text level.

I've thought about a process like this:
1) Set a "new" computer's firewall to Default
2) Run a script to add a standard set of rules or to modify the Default rules.
The first step is easy.
Coming up with the second step may be harder than simply looking at differences.....

The only case in point that I can describe - and maybe this is the only thing I need to look at - all of the File and Printer Sharing rules for Profile:Domain were missing and need to be restored.  
I think being able to do only this would be useful and I've done it by …
1
Hi

We use Windows 10 and I have an application installed on our workstations, and it connects to financial software that is hosted in the cloud.
Users are able to open the application and do a normal invoice. But when they do a purchase order invoice, it throws an error saying your network connection has been lost.
At the moment the firewall is enabled on all the workstations through group policy and our domain controllers are on Windows 2012 R2.
I would like to disable the firewall in the group policy so that the client PCs' firewall is in the turned-off condition and see if I am able to do a purchase order invoice.
Please see the attached snapshot and post me tutorials on how to turn off the firewall on the workstations.
Workstation-firewall-status.png
0
I have a SolarWinds Orion server monitor that I want to make accessible from the public web. I am doing everything - AD authentication, SSL, etc. The web server works perfectly on the LAN, but where I am having a problem is when I cross the firewall. I have to share a public IP with other applications, so I have to use port forwarding. I have a rule that redirects traffic on the public IP address coming over port 8788 to port 443 on the web server. Do I need to redirect anything to port 80, and is there a particular port I must use?
When I attempt to sign in to the web server over the public IP, it authenticates then gives me a 404. Any ideas? Sounds like it needs 80 as well as 443, but I'm not sure how to configure this. Thanks, I appreciate the help!
0
What is the best way to block websites using pfSense?
pfSense has SquidGuard; we attempted using that, but it does not work as expected (some websites do not get blocked, etc.).

We are using the blacklists (Shalla-list), but it does not seem to be working.

Is there any other package/app we should install?
Or maybe there is a right way to configure this on pfSense.


Best Regards,
0
Hello,
 I have two ASA 5525-X firewalls (in HA configuration) with Firepower. I'm asking for help on whether we'd be able to establish Traffic Shaping to guarantee bandwidth for FTP traffic.  We have a 1Gb connection recently added and would like to guarantee 900Mbs for FTP when needed, but allow other traffic to utilize the connection otherwise.
0
Trying to upgrade a server 2012 VM running in VMWare to be a BackUp Domain Controller.

Keep getting prerequisites failing due to ports 88,389,636,3268 and 3269 being in use.

Doing netstat -anpo TCP | findstr /i XXXX where XXXX = above port reports no processes apart from

TCP    0.0.0.0:88             0.0.0.0:0              LISTENING       4

Any ideas ?
0
Hi,

I'm in the process of moving my radius server used for authenticating VPN clients from my local network to Azure. I've migrated the IAS settings and added the new server in System -> Servers, but when I test the authentication against the server in Azure, I get this error:

"The following input errors were detected:
Authentication failed."

I can authenticate against the local radius server.

Setup:
OPNsense firewall
v. 18.7.10_4-amd64
IP address 172.16.12.2

Radius
Windows Server 2012 R2
IP address 10.100.10.11

I can't ping 10.100.10.11 from the firewall, so it must have something to do with the communication from the local firewall to Azure and maybe a missing firewall rule, but what am I missing in the process? Should I create a new server here VPN: OpenVPN: Servers with another IPv4 Tunnel Network pointing to the 10.100.11.x network? I'm also uncertain if it has something to do with certificates.

There is no problem communicating from my local machine and servers to the network in Azure.

Thanks in advance,
Ronnie
Firewall_rules_OpenVPN.JPG
VPN_OpenVPN_Servers.JPG
Firewall_Rules_WAN.JPG
0
Hello!

I need to "solve" a puzzle regarding network infrastructure, iptables and a few services.

First things first.

It's a three-headed network, with CentOS as the firewall through iptables in the middle. That machine has 3 network cards:

enp0s3 -> NAT 10.0.2.15
enp0s8 -> LAN 192.168.3.1
enp0s9 -> DMZ 192.168.103.1

There is Client1 192.168.3.2
There is a Server1 on 192.168.103.2 -> HTTP - FTP - SSH - Squid

The ruleset I'm struggling with how to achieve:

HTTP and HTTPS from the LAN network should go through the firewall (where the iptables rules are located), go to the DMZ, reach Squid, be checked against the ACLs within the Squid service and, if allowed, go to the internet and retrieve HTTP back to the LAN network.

Apparently it is easier to do if it's only from 1 interface, but I can't make it work in my VM environment, much less implement it in the real network.
0
I'm stuck with the following problem: a remote computer is connected to our network via VPN, so the computer is on another subnet. I need to be able to open a remote desktop on a local Windows 10 computer. If the firewall is disabled, all OK; if the Windows 10 firewall is on, I can't connect. I'm pretty sure it's because the remote computer is on another subnet. I tried to open a remote desktop on a Windows 2008R2, and that works. So probably Windows 10 extra security is not letting a different address connect.

What do I need to change in Windows 10's firewall?
0
Dear Experts, I'm installing Snort in an Exchange server but got this fatal error when loading the snort.conf file.

Can you please check and suggest?  How can I fix this directory? Many thanks!

Capture.PNG
snort.conf
0
Hello,
I have a captive portal that works under pfSense.
Is there any software for Windows and Android that can be installed to authenticate instead of web browsing, like Sophos?
Thanks.
0
Hello everyone,


I have a Cisco ASA 5516 with two inside interfaces. One is for the customer LAN and another is for a few branch offices connected via a router that is connected to the 2nd Inside interface (all those offices are in the same building connected by a FO backbone). The customer is going to replace an old ASA 5510 where almost the same config already works.

LAN network is 192.168.0.0/24 connected to 1/3 on ASA

Branch Offices are connected to 192.168.2.0/24 connected to 1/4 on ASA
 
I want to be able to ping and have unrestricted traffic between them.

Currently I have a laptop connected to int 1/3 and another one connected to Int 1/4 but no ping.

Someone please help!

Here's the configuration

ASA Version 9.8(2)17
!
hostname ASAFCHFW
domain-name mydomain.com
enable password $sha512$5000$pt2nRGQbSXA8K3vdow+Ztg==$kGNfDJREqQCQ+jO7m0bxmQ== pbkdf2
names
no mac-address auto

!
interface GigabitEthernet1/1
nameif Outside
security-level 0
ip address x.x.x.131 255.255.255.240
!
interface GigabitEthernet1/2
nameif DMZ
security-level 10
ip address 172.16.31.1 255.255.255.240
!
interface GigabitEthernet1/3
nameif Inside
security-level 100
ip address 192.168.0.2 255.255.255.0
!
interface GigabitEthernet1/4
nameif Branch_Office
security-level 100
ip address 192.168.2.1 255.255.255.0
!
interface GigabitEthernet1/5
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/6
shutdown
no nameif
no …
0
Hi,

I have a bare metal server and a VPS in one of the well known UK data centres running CentOS 7.  The bare metal server runs some ERP software that is accessible via a web browser (using SSL of course) however there is still the occasional use of an old client-side application that uses the telnet protocol to talk to the ERP system/server as well as printing requirements - Linux to networked IP printers on the LAN.  

I would like to use a hardware firewall in offices with either a VPN gateway running in the cloud or perhaps on the bare metal server running CentOS7.

Can anyone please advise me on the best way of achieving this?

Thanks
0
How do I set port forwarding to connect my Exchange server with the public IP of my mail.domain?

Do I need Routing and Remote Access Service (RRAS)? If so, do I put it on DC01, DC02, Gate, Exchange, or create a new server to put it on?
0
My attempts to build iptables rules are failing and I need some help.

I have two external IP addresses (27.92.104.166, 27.92.104.164 - not the real ip addresses...) that will send traffic on tcp port 30505 to my network on its external interface (28.29.28.72 - also not real) which needs to be forwarded to an internal server (10.17.2.9 listening on port 8080).

I started with a simple INPUT rule

iptables --append INPUT --match tcp --protocol tcp --src 27.92.104.166 --sport 30505 --dst 10.17.2.9 --dport 8080 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src 27.92.104.164 --sport 30505 --dst 10.17.2.9 --dport 8080 --jump ACCEPT

But this is not enough since I also need some kind of FORWARD rule and perhaps a PREROUTING rule, and NAT may play some kind of part in this as well.  There are tons of sites out there with examples that do not match my case so I am floundering in the dark.

I am trying to learn iptables as quickly as I can but can someone point me in the right direction on this particular case?

Many thanks!
0
Is there an IP address block list manager for the latest versions of OS X similar to Peer Block or Peer Guardian?  I need the ability to block communication between my Mac and thousands of IP addresses without slowing things down.  The block list manager should be able to import a list containing hundreds of thousands of IP addresses in a common format and prevent incoming and outgoing communication between the Mac and IP addresses in the list.
0
Adding a 2016 Web Application Proxy into DMZ.

The question is: I already have 2 x 2012 WAPs in a cluster. For the new 2016 WAP I just want 1 x pass-through HTTP and HTTPS proxy for an internal web server. I understand that WAP must install ADFS when it's installed (even though I don't need any authentication). Will the 2016 WAP automatically join the current 2012 cluster? Will it cause any issues? Or can I have it stand alone outside the current cluster?

The reason I want a new 2016 WAP is the native http to https redirection. Thanks
0
I am working on making a website hosted on a local server only accessible by domain admins. The host name is http://<servername>:8080. I have tried creating different Windows firewall rules with the action set to allow if the connection is secure. I tried by group, username, or computer, but any time I have that rule set to "secure" it is blocked by the firewall.


Is this because the website is HTTP? Any other methods I can try?

Windows Server 2012 R2
0
Windows Server Firewall Rule to allow 1 local LAN IP and 1 Remote WAN IP RD into server on a particular port

I wish to allow a LAN IP user into the server, and a remote user into the server. I have created the rule on the required
port, but as soon as I populate the allowed remote IP address in the scope options all LAN users are blocked. If I enter a
value in allowed LAN users, remote IPs are blocked.

It only works if both local and remote are set to allow any.

I previously entered a similar question and was told to do it using PowerShell but could not work it out.
0
