Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Software Firewalls

19K

Solutions

19K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Share tech news, updates, or what's on your mind.

Sign up to Post

I am interested in installing Sophos XG firewall home edition on a PC. the following link has been given to me by Sophos as a link for the free download.

Link for Sophos XG firewall home Edition

I am somewhat nervous however as the site issues a warning to the effect that any existing operating system will be erased when installing the product. I understand this bit I am not sure what will happen if I click the Get Started button on the Sophos web site.
I would hope that an image file would be downloaded that I could burn to a CD/DVD and then use to install the product on a PC with no OS on it.
I wish to be assured that clicking on the Get Started button won't result in the XG firewall being installed on my PC and wiping out the my PC.
0
Introducing the WatchGuard 420 Access Point
Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

I've got a 5545x that I'm configuring for remote access VPN.  I've done a few 5506's but this is my first 5545.

I initially started with AnyConnect. I could get the client connected, but I couldn't get a ping response.  The client statistics showed control data was being exchanged.  Client data was being sent, but not received.

I wiped and reconfigured and got the exact same results.   Then I tried configuring IPSec for the legacy VPN Client because I can always get that to work. :-)

Exact same results.  Client connects fine but no data.  "show cry ipsec sa" shows pkts decap are increasing but pkts encaps are not.  

I figure that I'm just missing something and I've been looking at it for so long that I'm just not seeing it. Hoping someone can look at this and see a typo or a missing statement that I'm missing.

I've stripped out all the non-essentials and sanitized the output.  If I got overzealous with the stripping and cleaning, let me know and I'll repost.

Thanks.

Don

P.S.  I've added a bunch of... junk that I don't usually have while throwing things at this to see if something sticks.


ip local pool RA_VPN_POOL 192.168.255.1-192.168.255.62 mask 255.255.255.192
ip local pool AnyConnect_VPN_Pool 192.168.255.129-192.168.255.254 mask 255.255.255.192
!
object network VPN-Nets
 subnet 192.168.255.0 255.255.255.0
!
object-group network Inside-Networks
  network-object 10.10.0.0 255.255.0.0
 network-object 192.168.0.0 255.255.0.0
!

Open in new window

0
I have a user that is abusing their privileges and would like to block services internally. A user wished to have the Dish Network application installed on their laptop to use while traveling. There has been reports that the use was using the application in the office while on the network. I wish to block services to this application while on the internal network. I currently have Palo Alto firewalls on the network. How do i block this service from my internal network?
0
Dear, we have a public server. how can we block remote desktop service to its public IP address? and allow only to its local IP?

I tried in Firewall advance setting, set the scope, but did not help.
0
I am new to PA firewalls and wonder what's other's opinions compare to Ciscos please.  I heard they are user-friendly but security guys hate them.  They can be very pricey as well.
Thanks in advance!
0
Hi Team,
 
            I need a data tracker software free tool.I want to find which IP address/machine/user use upload/download amount of data.
I need a software tool for this monitoring.So can you please suggest me best tool free version.
0
Inherited computers from another IT company that have Trend Micro Security Agent installed on them without the uninstall password, does anyone know how to go about changing the password to uninstall. It's causing network issues.
0
I am running ubuntu 14, using the built in FTP server.
When I try to connect to it, it connects, but I get this error below

Status:      Connection established, waiting for welcome message...
Status:      Logged in
Status:      Retrieving directory listing...
Status:      Server sent passive reply with unroutable address. Using server address instead.
Command:      LIST
Error:      Connection timed out after 20 seconds of inactivity
Error:      Failed to retrieve directory listing

Yes, I know I can change the setting in filezilla to active mode and then it would work, but that does not solve my problem.  I have a computer running a script FTP'ing files to my linux box, and it stopped working.
The only thing I did yesterday is disable and enable the firewall on the linux box, and it almot seems since then, it stopped working.

I'm thinking the problem is on the linux box?
0
I am using Linux, trying to connect to my ftp server using service-U in a remote data center.  I have an always on vpn connection to the data center. From a windows box, I can ftp just file to the server,  it from the Linux box, I keep on getting this error message.


First it says:
Connected to 10.2.x.x
421, service not available, remote server has closed connection

So I looked at the logs on my ftp connection and I didnt see any connection attempt.

Is this a Linux issue or my firewall, I'm thinking it's my firewall.
0
Hello Team,

I used to have my vpn tunnels using sonicwall to sonicwall. Some of my remote offices are hiding behind a natted static public ip address and the wan interface of the sonicwall has a private ip address assigned. When using sonicwall to sonicwall a public vpn tunnel can still be accomplished in this scenario when specifying the PEER IKE IP (private ip of the wan interface) on the sonicwall on the other site along with the public ip. This is refereed to as NAT Traversal.

Now we're moving to Checkpoint in our primary site where all our remote offices connect to, so we need to have a checkpoint to sonicwall VPN and so far it works fine except on the sites that are using NAT Traversal. How can we apply this same PEER IKE IP concept in the checkpoint connecting to the sonicwall with a private ip address in the WAN interface.

Thank you.
0
2017 Webroot Threat Report
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Been trying to upgrade the ios on ASA 5525s from 8.6 to 9.44. To do so there is first the need to upgrade to 9.04 and than to 9.44 but when the upgade to 9.0 was done a lot of config on the asa went missing; including nat rules, object network and access list entries etc. Any ideas why it happened.

Kind regards
0
Hi,

forgot windows 10  laptop password on old laptop to get into laptop. How do i reset or get into this old laptop. please advise
0
Hi,

I really need a help and guidance on how to go about setting up a wifi hotspot at our Cafe. We have regular customers which comes every morning to have cup of coffee and little snack. Normally, customers comes while they have their coffee for about 10 to 20 minutes and then go.

I would like to offer a Free Wifi to all my customers who comes to my cafe for coffee for 10 or 20 minutes.

I should be able to print out a wifi voucher which they can use to access the internet on their mobile phones or laptop. But usually it'll be just a mobile phone. The internet will be stricted ONLY to checking emails online and or Facebook - nothing else. It should not allow them to download softwares, torrents, since we dont have unlimited data to our ISP.

Remember, that after 20 minutes, the voucher should die out. And it can only works to one mobile phone.

Anyway's that is the plan and i hope i can get answers on how to proceed and going forward.

Thank you and i look forward to comments.

Kindest,
Bakaka
0
I've been asked to turn on logging for code ASA-6-302014.  According to Cisco it's the Teardown TCP connection.
I have logging enabled and have set notifications  for syslog ID 302014.  I can't seem to get ASA-6-302014 to show in my log files, but I get ASA-5-302014.  Is this the same thing?

Our ASA is a 5520 8.2(1) 

Thanks,

Eric
0
In Palo Alto Networks there is a test sec policy command that will let me know whether the traffic from source A to dest B for port C will pass or be denied. i.e. test sec policy 10.10.10.100 to 10.10.20.100:80 ALLOW (or DENY). Is there a similar function within VMWare NSX?
0
Hello,

If I have ASA active/standy and I want to upgrade the iOS version on the primary, do I need to also upgraded on the standby or will it do it on its own.
0
hi ASA 9.1 (4)

make an audio call through ASA - weird on rare occasion i can hear audio. - then same call majority of times no audio.
the call is made from tablet inside lan  to phone on inside on LAN- it goes out ASA through to internet and back in through asa.
sip and h323 and skinny inspect ON. - Ive tried turning off makes no difference.

ports for audio open  8500-8598 UDP - how can it be a port issue if it works on occasion? unless some dynamic port happening?
is it something to do with NAT ?

thanks
0
Hello - we upgraded from a 5510 ASA to a 5516 recently.  On our old 5510, the home page of the ASA would present the ASDM tool.  the 5516 does not do this.  After spending an hour reading the Getting Started guide and online, I find lots of information about how the ASDM works - but hardly any help on how to actually launch the tool.  Need some help from the experts.  thanks
0
Hi Experts,

I am currently looking for a managed, software or hardware firewall option for a business grade internet connection and WAN. I don't know much about firewalls beyond what is available on your average home computer and I am a little unsure where to start.

Please can you tell me your thoughts on what is best for a business.

If I were to purchase a unit, is this something that can easily be learned, administered and managed in house or is this something that requires a real specialist?
Should I use a software, hardware firewall, or a managed offering?
What sort of costs can I expect for a reasonable solution?
What should I look out for?

Any expert advise would be most appreciated.

Thank you

Jim
0
Free Tool: Subnet Calculator
LVL 10
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Is there a way to block an entire folder including the .exe everything inside a folder from connecting to the internet? If Windows 10's Firewall can't is there another Firewall that can?
0
I have been seeing quite a bit of traffic attempts from a specific ip address to access the above described firewall
how can I block this specific ip address without just blocking all?
0
Hi, we are preparing the rules for Zone-based Policy Firewall on Router c3925, however we need to confirm which traffic usually pass through a router, so that the rule will not block/allow any useful/bad traffic. So can we have a method to see it?

Is there a way other than: "show ip cache flow", "sh ip traffic" ?  

Many thanks in advance,
0
Hi, we are having Router Cisco 3925 between LAN and WAN, however it seems like the money is required for AnyConnect VPN on Cisco 3925. We found that pfSense (Free) can be deployed to serve VPN connections however we need to understand its pros and cons.
-So can anyone explain please?
-Should we deploy it or purchase license for AnyConnect?
-Do you know any free Cisco VPN solution that we can configure inside our C3925?

Our priority is:
- Compatible with current environment with minimum impacts to about 400 users
- Easy to configure and troubleshoot
- Price  

Many thanks in advance,
0
I have a new customer the VPN going straight to the customer was working fine with Comcast crappy router, I install a pfsense and created a rule under nat for VPN, setup server with a static IP etc. somehow this does not work. any help greatly appreciated
0
hi I need some assistance setting up the wan on a new pfsense appliance, I followed the instructions somehow I still can't browse.
how do I setup the wan on this, most tutorials show an older version of pfsense and honestly I'm a total noob on pfsense.
0

Software Firewalls

19K

Solutions

19K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.