Cyberoam CR15wi - FTP Responses Getting Blocked By Firewall
Jan 26, 2012
We have a Cyberoam CR15wi hardware firewall at my company and it seems to be interfering with FTP to our website. I won't go into precise details but Filezilla, Dreamweaver 5.5, and GoLive CS's FTP utilities all will put a file up onto our web hosting company's server then indicate that the server didn't send a response so it assumes the file never got there. The file does in fact get uploaded intact though so it seems the server's response itself is the thing that's getting blocked. This problem occured with two different web hosts and FTP works perfectly with the same software and same FTP settings from my home connection so it's definitely us.
My college uses cyberoam for all network security. On windows i can successfully log into my account without any problem. But when I do the same on ubuntu(tried on various versions but failed!), the client returns "You are not allowed to login from this machine." I did the same thing as the instructions from the website said, but failed.
i created a blockyoutube policy , when someone types youtube.com, system tells him he cannot access the website. But when a client types https:// he gains normal access .
I have recently installed a new Cisco SG 300-10 switch--running in layer 3 mode--to function as a basic router for a new subnet installed at one of my company sites. When we attempt to ping devices on the 15.120.204.0 subnet from the 230.20.1.0 subnet, each device gives 2 responses and then times out continuously after that. If we wait long enough (thus far, an undetermined period of time) and reattempt to ping the same devices, the same thing occurs. Otherwise, we get nothing but timeouts. This occurs regardless of where we connect in the 230.20.1.0 subnet including VLAN1 on the SG 300-10. However, if we connect into VLAN 2 on the switch and assign a static IP, those same devices respond continuously. I was thinking that this must be a security setting of some kind but I'm unable to locate anything in the SG 300-10 that would appear to cause this.
After some wireshark, I see that when I have a vLan on the switch, only win7 gets IP, my macbook doesn't, sniffing to the bootp, I see that the DHCP sends NAK and after I only have DISCOVER & OFFER...
When I get the same switch and the same router and take out the vLan on the switch, everybody get an IP. What's the deal with this switch and vLans and Mac OS x ? Do I have to setup something else ?
i've had my netgear wireless router for about a year now.i went to facebook and i recieved a message on a red and black screen t hat said this site has been blocked by netgear fire wall. i've never changed any of my setting since i got this router so i'm not sure why all of a sudden certain sites have been blocked.. i've tried logging into my account to try to change my settings using my default username and password but it keeps saying that i dont have access.
The schools network has blocked facebook and stuff like that.Now ,i tried with UltraSurf and Tor,but it's still not working.How can i get passed the firewall?
I'm trying to get a Curl Response from an outside server, however I noticed I cant neither PING the server in question nor connect to it.I tried disabling the iptables firewall but I had no success.My server is running behind a Cisco Linksys WRTN310N Router with the DD-wrt firmware Installed. In which I already disabled the firewall.
Here are my network settings:
Ifconfig eth0 Link encap:Ethernet HWaddr 00:26:b9:76:73:6b inet addr:192.168.1.120 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::226:b9ff:fe76:736b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
[code]......
This gets an empty result array. This function however works well in the previous server where the script was hosted before. No modifications where made whatsoever
I keep getting an error when trying to use the Microsoft Link layer Topology discovery. It claims there the is either network delays or an incompatible router on the network.
Actual error:
"Responses from other devices on the network are delayed or there is an incompatible router on the network"
I have 2 RV042 routers, one for each of our network connections. So I am assuming this is the source of the error.
I've been trying to open ports 5800 and 5900 for UltraVNC and checking them with online port checkers, but they are always listed as closed. I've even tried taking town windows firewall, my router firewall (although as soon as I disable and apply, it automatically switches back to enabled again), and also DMZ'ing my router. I wonder if it might have something to do with my new modem, but in the config page for that, the advanced settings are locked out. the modem is an arris TM722G, and the router is a linksys wrt-54G with DDWRT firmware.
I'm running windows 7 x64 and using a static local IP, I want to be able to use DynDNS to connect to UltraVNC.
We are trying to get Teamviewer to work on our WAN, from the log traffic from the PC's to our Cisco IronPort Web Filter it looks like the ASA Firewall is blocking the traffic. We have opened everything we can open on our Cisco IronPort Web Filter and I have a Cisco TAC case open and they said it appears the ASA Firewall must be blocking the traffic.
i'm triyng to establish a vpn ipsec tunnel between my cisco2801 and a cyberoam equipment, at the end point.Debugging isakmp, i have this output, where xxx.xxx.xxx.xxx is the remote peer address, and yyy.yyy.yyy.yyy is mine.What can i try?
Apr 1 14:48:12.542: ISAKMP:(0): SA request profile is (NULL)Apr 1 14:48:12.542: ISAKMP: Created a peer struct for xxx.xxx.xxx.xxx, peer port 500Apr 1 14:48:12.542: ISAKMP: New peer created peer = 0x661C2D4C peer_handle = 0x80000003Apr 1 14:48:12.542: ISAKMP: Locking peer struct 0x661C2D4C, refcount 1 for isakmp_initiatorApr 1 14:48:12.542: ISAKMP: local port 500, remote port 500Apr 1 14:48:12.542: ISAKMP: set new node 0 to QM_IDLE Apr 1 14:48:12.542: insert sa successfully sa = 66DF4F5CApr 1 14:48:12.542: ISAKMP:(0):Can not start Aggressive mode, trying Main mode.Apr 1 14:48:12.542: ISAKMP:(0):found peer pre-shared key matching xxx.xxx.xxx.xxxApr 1 14:48:12.542: ISAKMP:(0): constructed NAT-T vendor-07 IDApr
We use SecurityMetrics as our vendor for PCI compliance scanning. Of all our servers, only the video server fails their scan, and this is their result: "This scan is inconclusive. Though your server had open ports, we were unable to connect to any of them successfully. There is a high probability that some type of firewall or scan-detection software is blocking us from accurately scanning your server. Please configure any firewall or software that would interfere with our scans to allow all traffic from SecurityMetrics" Our streaming video server is our only public-facing server that has port tcp/udp 1755 open (for the mms protocol). All our other servers behind this firewall pass the test, but they only have standard email and http ports open. I am assuming that their scan of port 1755 triggers some sort of threat detection on the ASA. (I have "Basic Threat Detection" enabled only.)
We have an ASA 5520 in HA. (version 8.X upgraded to 9.1 (1))We used Wizzard to configure VPN clientless and portal. Also, configured manually we have the same issue: We can access to the portal using IP address of Lan interface but not with outsides (2 ISP). The clientless VPN is enable on the public interface and no packets rejected in logs.We try to modify the Crypto map created by default to replace "any" to "any" by "any" to "our public IP" (We see that is recommended by Cisco) It works for 10 minutes.(strange..) but after 10 minutes the active member crashs.. only a reboot with previous configuration was good.We try to investigate but each time we modify Crypto maps, the firewall is going bad.
I have an ASA5510 with 8.3 and a Cisco PIX525 (retiring). The ASA was for VPN traffic only while the PIX was for all other Internet traffic. I'm trying to move all the traffic to the ASA5510 so I used the PIX to ASA migration tool. I migrated the PIX rules over to the ASA5510, however we can't receive email and there is no external access to our internal websites. But the VPN connections remain intact and internal users can get out to the internet.
When I run Packet Tracer on my outside (incoming rules) the packets are dropped at the inside interface. What am I missing?
I've just bought a ASA 5505 to project my LAN. I've already use Cisco router in the past but it's the first time with ASA line.Everythings work except one major point, the return traffic is blocked by the system… I don't really understand how the zone based firewall is supposed to work but it seems OK by default, my LAN side is allowed to talk with the Internet but Internet is not allowed to directly call my LAN. The NAT is setup to use the IP of my outside interface.When I try to ping a public server, the ASA debug log show me that the communication can go out the network, with the good translation, then go back to the ASA from the public server and here, the ASA block it because the communication is not allowed.I've only found two workaround:
-allow inside trafic with static rules, and I say NO ;
-disable the zone based feature by settings all zone to the 0 level…
How I'm supposed to make my state-full firewall work with zone based feature?
Each of these has Windows 7, Avast! Anti-VirusToday I was working on a website on PC#1. When I attempted to upload the files via FTP, the connection failed repeatedly. When I went onto PC#2 it worked first time.I also tried to launch World of Warcraft on PC#1, this failed. It worked first time on PC#2.Websites work fine, so port 80 appears to be okay.I have reset my router to factory settings. ipconfig /release /renear /flushdns all made no difference.
My Company Website IP Gets blocked on my Internet Connection and i have to disconnect and Reconnect to the ISP to solve the problem, all other sites work fine only my website address gets blocked, we use emails of our company site and this may be the reason, but i cant fix the issue
setup a web server at home but just found out yesterday that my ISP is blocking port 80 on my network and they won't open it unless i upgrade my internet service... which i am not sure if there is any other way get this solved. If I port forward my site at my web server to (let say) 85, when someone type [URL] (with 80 by default), will it be somewhat in the cloud or some server to NAT 80 to 85 at my site? In short, can one type [URL] instead of [URL] ?
I have seen several cases where ISP's block traffic on both UDP and TCP ports 135-139 even in core firewalls. Port 135 should be Microsoft EPMAP service and ports 136-139 should be NetBIOS services. However, why do ISP's sometimes block traffic on those ports?
My internet provider have blocked a website. I know there is a way to bypass the block and go to the website, without using websites such as Hide My ***! Free Proxy and Privacy Tools - Surf The Web Anonymously.
For some time, I cannot access some websites. It gives me a 401 the web site is blocked by the administrator. I use a d-link router and my brother is the administrator. He told me he hasn't blocked anything. We tried to reset the router but it still gives me the 401 problem.I think it isn't a router problem. I have tried using my laptop and tried to access some sites. It still gives me the error so i dont think it's a computer related problem. I have tried to ping it. It still doesn't work. I have also tried to erase all the cookies and cache. The problem is still there. How can I fix this? My operating system is Windows XP Professional version 2002 service pack 2.
For several days, I have not been able to access any Wordpress.com websites and my blog is located on Wordpress. I can access every other website on the internet. I live in Nicaragua and my ISP is Intel. Everyone else can access my blog, however I am blocked from all wordpress.com sites. I can access my blog through a free proxy service, so I know my blog has been blocked. If I change my IP by paying for a proxy service?
I have a brother who frequently blocks my internet access, and he does it while maintaining his own connection so he's not unplugging the router or anything. He also blocks it from his own computer, meaning he doesn't take out my wireless card or anything like that. I was wondering how to counter this and get my internet back whenever he blocks it, or prevent it.
I have a home server running CentOS 5 and is accessible over SSH (port 22).When I am at work I am behind a firewall that blocks all ports except the ones needed. So port 22 is blocked to the outside world.Is there a way for me to get an SSH connection to my server? (ie: SSH tunneling or so?)by the way, websites with advanced web based SSH javascript(s) such as serFISH are blocked as well.