I wish to heavily restrict the client traffic to the wingate machine and to the internet. I am trialling wingate having moved from a competitior product, and with that product it was easy.
In the ENS I have set the deafult action for udp/tcp traffic for both lan to wingate, and lan to internet as deny. then allowed only specific traffic such as HTTP (port 80). However things seems to still get through, such as FTP and secure HTTP, am I doing something wrong, and can I actually do this ?
blocking client traffic to the wingate machine/internet
Moderator: Qbik Staff
2 posts
• Page 1 of 1
blocking client traffic to the wingate machine/internet
by phil_uk » Jun 07 05 1:43 pm
- phil_uk
- Posts: 4
- Joined: Jun 07 05 1:25 pm
by MattP » Jun 08 05 12:19 pm
Hi Phil,
If you have the FTP service bound to an internal adapter then it will create a hole in the firewall for itself, this will therefore continue to allow traffic on port 21 even though you've changed the default action to deny. So you can remove the bindings from the FTP proxy to stop this from happening.
If you are making a connection to the WWW proxy server in WinGate then this may be allowing the secure and FTP connections as this proxy will handle both types of requests.
You should be able to see what kind of connections are being made by looking in the activity or history screens. If it turns out that the WWW proxy is making the connections then you can create policies in the WWW proxy to further restrict this.
For example, to block FTP requests through the WWW proxy service:
Open the WWW proxy service
Choose policies
Change default rights to "are ignored"
Click Add
Select Everyone (or the relevant user/group)
Choose the advanced tab
Select "specify which requests this recipient has rights for"
Click Add filter
Click Add criterion
Select "this criterion is NOT met if"
Session description
Contains
ftp
Ok your way out and attempt an FTP connection from your web browser, it should be denied.
If you have the FTP service bound to an internal adapter then it will create a hole in the firewall for itself, this will therefore continue to allow traffic on port 21 even though you've changed the default action to deny. So you can remove the bindings from the FTP proxy to stop this from happening.
If you are making a connection to the WWW proxy server in WinGate then this may be allowing the secure and FTP connections as this proxy will handle both types of requests.
You should be able to see what kind of connections are being made by looking in the activity or history screens. If it turns out that the WWW proxy is making the connections then you can create policies in the WWW proxy to further restrict this.
For example, to block FTP requests through the WWW proxy service:
Open the WWW proxy service
Choose policies
Change default rights to "are ignored"
Click Add
Select Everyone (or the relevant user/group)
Choose the advanced tab
Select "specify which requests this recipient has rights for"
Click Add filter
Click Add criterion
Select "this criterion is NOT met if"
Session description
Contains
ftp
Ok your way out and attempt an FTP connection from your web browser, it should be denied.
- MattP
- Qbik Staff
- Posts: 991
- Joined: Sep 08 03 4:30 pm
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 1 guest