  1. #11
    Newbie
    Join Date
    Dec 2008
    Posts
    12

    I do not know how to alter the IPTables. The UT is set up in router mode.

    I have set up about 8 UTs, so I am fairly confident I did not screw up the installation.

    What do you mean by "paving it"?

  2. #12
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    I mean if you have TCP 80 exposed on "External" and you didn't configure it, and it's in router mode. Your installation is hosed, and it needs replaced.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #13
    Untangle Ninja mrunkel's Avatar
    Join Date
    Jul 2008
    Posts
    3,022

    I would posit that you have three interfaces and your DMZ is bridged to your external and you've got the cables for those two ports swapped.

    There is no way you're getting these readings on a default Untangle that is properly installed.

    Unplug your external. Go to Config->Networking and verify that the light for the external is off.
    m.
    Big Frickin Disclaimer:
    While I'm pretty sure, I can't guarantee that I know what I'm doing. There might be a better way to do this, and this way might actually suck. Make sure you understand the implications of what you're doing before trying to follow these directions.
    It often helps troubleshooting if you have a good network map. Look here (http://forums.untangle.com/tip-day/5407-how-draw-network-diagram.html) if you want my advice on how to draw one.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #14
    Newbie
    Join Date
    Dec 2008
    Posts
    12

    There are only two NICs.

    I cannot check the cables now but I will check it tomorrow.

  5. #15
    Newbie
    Join Date
    Dec 2008
    Posts
    12

    I checked my UT box today. Cables were correct. I did the following:

    1) I set TraceEnable OFF

    2) a2dismod autoindex
    /etc/init.d/apache2 restart

    SkyKnight mentioned Exchange. The terminal server is running Win2K3 R2 with only terminal server running. There is another Win2k3 SBE server running but Exchange is not running. I am going to check if RDP over proxy was being used on the 2nd server.

    I have run another scan. I will find out if the above changes worked. Thanks for the suggestion about RDP over proxy. I am going to check and see if it is running.
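
Added example, not part of any post in this thread: a small audit of Apache config text for the three web-server findings from the scan list (TRACE allowed, autoindex enabled, ETag inode disclosure), so the result of the changes above can be checked without waiting for a rescan. The function name, the sample configs and the Apache 2.2-era defaults are assumptions, and `<Directory>` scoping is ignored.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes Apache 2.2-era defaults:
# TRACE is allowed and ETags include the inode unless the config says otherwise.

# Reads Apache config text on stdin; prints one keyword per open finding.
audit_apache_conf() {
  awk '
    { sub(/^[ \t]+/, "") }                  # drop leading indentation
    $0 == "" || /^#/ { next }               # skip blank lines and comments
    { d = tolower($1) }
    d == "traceenable" { trace = tolower($2) }
    d == "loadmodule" && tolower($2) == "autoindex_module" { mod = 1 }
    d == "options" {
      for (i = 2; i <= NF; i++) {
        o = tolower($i)
        if (o == "indexes" || o == "+indexes" || o == "all") idx = 1
      }
    }
    d == "fileetag" {
      etag_seen = 1; inode = 0              # the last FileETag line wins
      for (i = 2; i <= NF; i++) {
        o = tolower($i)
        if (o == "inode" || o == "+inode" || o == "all") inode = 1
      }
    }
    END {
      if (trace != "off") print "trace"             # TRACE/TRACK allowed
      if (mod && idx) print "autoindex"             # directory listings on
      if (!etag_seen || inode) print "etag"         # ETag leaks inode
    }
  '
}

# Constructed sample: a config before the two changes in post #15.
sample_before() {
  printf '%s\n' \
    'LoadModule autoindex_module /usr/lib/apache2/modules/mod_autoindex.so' \
    'Options Indexes FollowSymLinks'
}

# Constructed sample: after "TraceEnable Off" and "a2dismod autoindex".
sample_after() {
  printf '%s\n' 'TraceEnable Off' 'Options Indexes FollowSymLinks'
}

echo "before: $(sample_before | audit_apache_conf | tr '\n' ' ')"
echo "after:  $(sample_after | audit_apache_conf | tr '\n' ' ')"
```

On the constructed "after" sample only the ETag finding remains; a `FileETag MTime Size` or `FileETag None` line clears it.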

  6. #16
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Quote: Originally Posted by dsolutions1
        I am using all default settings. I am only forwarding RDP to a terminal server and allowing DNS.

        I was considering just blocking the ports they are saying are open:
        1) TCP 64156 - web server autoindex - enabled
        2) TCP:389 - Is Your LDAP Secure?
        3) TCP:80 - Is there a way to force https ONLY either from external or internet NIC
        4) It says the HTTP trace/track methods are allowed - I suppose I need to disable this
        5) TCP:64156 Apache ETag Header Discloses Inode Numbers
        6) TCP/IP Sequence Prediction Blind Reset Spoofing DoS

        Before I performed all of this, I wanted to make sure the Untangle gurus had a look.

    Those certainly aren't the default settings...

    What is your setting for "Block all local traffic" in config->networking->advanced->bypass rules?

    Even if he had his interfaces all plugged in backwards and upside down, the slapd server wouldn't be visible on any interfaces.

  7. #17
    Newbie
    Join Date
    Dec 2008
    Posts
    12

    "Block All Local Traffic" is NOT checked

  8. #18
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Quote: Originally Posted by dsolutions1
        "Block All Local Traffic" is NOT checked

    So what you meant was that you have the default settings except the ones that you've changed to something other than the default.

    I would set that setting back to the default.
    If you are unsure what settings you've changed, I would reinstall.

  9. #19
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Quote: Originally Posted by dsolutions1
        "Block All Local Traffic" is NOT checked

    Ding, ding, ding, we have a winner!

    The Packet filter is advanced for a reason. Please play responsibly. Dirk's response above this needs a +10.

  10. #20
    Untangler
    Join Date
    Feb 2011
    Posts
    69

    Quote: Originally Posted by sky-knight
        I mean if you have TCP 80 exposed on "External" and you didn't configure it, and it's in router mode. Your installation is hosed, and it needs replaced.

    Can you explain this in layman's terms? I have port 80 unblocked from my network service provider, my servers require port 80 open.
    Last edited by untangleme; 10-06-2011 at 04:05 AM.
