  1. #11
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,605


    Show us some sessions.

    The goal is to see what is bypassed.

    If the cameras are, then it is no longer a mystery to me why they are not being reported.
    Your firewall rules wouldn't be doing anything, either.
    If you think I got Grumpy

  2. #12
    Untangler
    Join Date
    Aug 2018
    Posts
    48


    Jim, I greatly appreciate your help, but I do not fully understand what you are asking now.

    I have indeed two bypass rules for the CAM traffic to/from my main network (to avoid application processing of a large continuous datastream). But only between CAMnet and Netwerk. No other bypass rules.
    (And for what it is worth: my NAS in "Network" connects to the IPCams in "CAMnet", not the other way around.
    So any outbound traffic to other subnets from CAMnet should be blocked with the filter rules.)

    Bypassrules.JPG

    And in the firewall reports I can see multiple blocked 'phone home' entries from the IP cams.
    FirewallBlocks.JPG


    And I also can confirm that the IPcams do reach Internet for their timesync on port 123 so the allow rule also works.

    allowtimesync.JPG

    So as far as I can see, data is flowing through Untangle for timesyncs, other sessions towards the Internet are being blocked with firewall rules, and a large datastream is flowing continuously from CAMnet to Netwerk without being processed.

    Hope this helps in clarifying why my IPCAM hosts do not show up in the dashboard/are being marked 'inactive'.
    Thanks!

  3. #13
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,605


    "I have indeed two bypass rules for the CAM traffic to/from my main network (to avoid application processing of a large continuous datastream)."
    And, bypass avoids processing by reports (an application).
    The firewall rule to the Internet works, because that traffic is not bypassed, according to the rules you showed.

    You can try this if you like, YMMV.
    bypass checkbox.png

    Please take note how much of the browser window I included in this screenshot. It is all valuable information, and can help save a few of the 'twenty questions'.

  4. #14
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,605


    Also, keep in mind that in general, NGFW processes and reports on sessions, not packets.
    Blocked packets can't create a session.

  5. #15
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,605


    So, I think the clincher to this issue is, that if you have a product license that is metered by active hosts, do you want bypassed devices to count as active hosts or not?

    You be the judge.

  6. #16
    Untangler
    Join Date
    Aug 2018
    Posts
    48


    I agree that if all sessions from a specific host would be bypassed it should not be counted as active.
    But my IPcams do have sessions that are not bypassed, go through the firewall and get their timesync from an external ntp server.
    These devices should be counted as active.
    And they are currently not.

    (And since I have a home pro license I am not really interested in the total host count. I just want my network Layout overview to be correct.)
