FW: Question regarding endian firewall

FW: Question regarding endian firewall

Prabhjot Singh Teharia

 

Hi Everyone,

I am facing a problem in my network, which is as follows:

1. We are using Endian Firewall 2.5.0 in our office.

2. Internet is given to the Green Zone, all using the proxy. HTTP PROXY >>> Not Transparent (Green Zone)

We are also using another Juniper firewall in our network. All computers are using the Juniper as their default gateway address.

The problem is that if any person with an IP within the Green Zone sets the Endian firewall as their default gateway, they get full access to the internet. (having admin rights)

 

For example:

IP configuration of a computer:

Juniper Firewall: 192.168.0.1
Endian Firewall: 192.168.0.2

Basic computer IP Config:
IP address: 192.168.0.100
Subnet mask: 255.255.255.0
Gateway: 192.168.0.1 (Juniper)

Altered IP Config:
IP address: 192.168.0.100
Subnet mask: 255.255.255.0
Gateway: 192.168.0.2 (Endian)

 

ANY SOLUTION TO THIS PROBLEM?

Till now I have tried disabling a few outgoing firewall rules, as below:

Tried disabling the HTTP (80) and HTTPS (443) outgoing firewall rules, but nothing happened.

Unfortunately I don't have a good command of Linux.

Any help will be greatly appreciated.

Thanks in advance.

Regards,

Prabhjot Singh Teharia  |  Network Administrator  |  Ext.: 1133

 


_______________________________________________
Efw-user mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/efw-user

Re: FW: Question regarding endian firewall

Zola-3
Hi,

Probably another rule allows connections to these ports.
Can you post all outgoing firewall rules?

But if you want to force this block (but this blocks all connections!), simply add:
source: GREEN  target: RED   service: <ANY>  Action: DENY


2016-03-15 5:52 GMT+01:00 Prabhjot Singh Teharia <[hidden email]>:



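
The two points in the reply above, as an added example (not part of the thread and not Endian's own code): a simplified rule evaluator showing why disabling only the port 80 and 443 rules changes nothing while a broader allow remains, and what the GREEN to RED DENY rule does when it is evaluated first. First-match ordering, the default-deny fallback and the sample rule set are assumptions.

```python
from dataclasses import dataclass

ANY = "<ANY>"

@dataclass(frozen=True)
class Rule:
    source: str          # zone, e.g. "GREEN"
    target: str          # zone, e.g. "RED"
    service: str         # "tcp/80", "tcp/443", ... or ANY
    action: str          # "ALLOW" or "DENY"
    enabled: bool = True

    def matches(self, source, target, service):
        # A disabled rule never matches; ANY matches every service.
        return (self.enabled and self.source == source
                and self.target == target and self.service in (ANY, service))

def decide(rules, source, target, service, default="DENY"):
    """Return (action, rule) for the first enabled matching rule (assumed first-match)."""
    for rule in rules:
        if rule.matches(source, target, service):
            return rule.action, rule
    return default, None  # assumed fallback when nothing matches

def allowing_rules(rules, source, target, service):
    """Every enabled ALLOW rule matching the flow: the candidates to review."""
    return [r for r in rules
            if r.action == "ALLOW" and r.matches(source, target, service)]

# Constructed rule set, not the poster's: the HTTP/HTTPS rules are disabled as in
# the first message, and a hypothetical broad allow stands in for the "other rule".
RULES = [
    Rule("GREEN", "RED", "tcp/80", "ALLOW", enabled=False),
    Rule("GREEN", "RED", "tcp/443", "ALLOW", enabled=False),
    Rule("GREEN", "RED", ANY, "ALLOW"),
]
# The rule from the reply; it only takes effect if evaluated before any allow.
DENY_ALL = Rule("GREEN", "RED", ANY, "DENY")

if __name__ == "__main__":
    for svc in ("tcp/80", "tcp/443", "tcp/22"):
        before = decide(RULES, "GREEN", "RED", svc)[0]
        after = decide([DENY_ALL] + RULES, "GREEN", "RED", svc)[0]
        print(f"{svc}: before={before} after={after}")
    print("still allowing tcp/80:", allowing_rules(RULES, "GREEN", "RED", "tcp/80"))
```

Under the first-match assumption, the same DENY rule appended after the broad allow would never be reached, so its position in the list matters as much as its content.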