Results 1 to 6 of 6
  1. #1
    Untanglit
    Join Date
    Nov 2020
    Posts
    26

    Default Issue for Policy Manager with Firewall App

    Hi ETM,

    Just wanted to point out a possible "bug" in policy manager.

    Story goes:

    - I had enabled policy manager with a staff as a child of default policy. There is no users assigned to it as I was exploring the module. This was setup about 1-2 weeks ago.
    - I enabled the firewall app to run for staff policy.
    - I started to experience issues unable to login to our webmail URL from public yesterday. I troubleshooted the server but was able to load the webmail IIS internally, this points to ETM firewall issue.
    - Once I disabled the default policy firewall app, I was able to access the webmail URL from public, once I enabled the same issue occur.
    - After investigation, I disabled the staff policy and removed the module and all things returned to normal.


    My question is why would such a function cause issue only after 2 weeks? We access the webmail from public on a daily basis?

    Thanks!

  2. #2
    Master Untangler
    Join Date
    Jul 2010
    Location
    Nanaimo B.C
    Posts
    787

    Default

    Quote Originally Posted by reachmedia View Post
    Hi ETM,

    Just wanted to point out a possible "bug" in policy manager.

    Story goes:

    - I had enabled policy manager with a staff as a child of default policy. There is no users assigned to it as I was exploring the module. This was setup about 1-2 weeks ago.
    - I enabled the firewall app to run for staff policy.
    - I started to experience issues unable to login to our webmail URL from public yesterday. I troubleshooted the server but was able to load the webmail IIS internally, this points to ETM firewall issue.
    - Once I disabled the default policy firewall app, I was able to access the webmail URL from public, once I enabled the same issue occur.
    - After investigation, I disabled the staff policy and removed the module and all things returned to normal.


    My question is why would such a function cause issue only after 2 weeks? We access the webmail from public on a daily basis?

    Thanks!
    THe bigger question is, why did you enable policy for staff ? What are you trying to accomplish with the policy ?
    Started Youtube Channel, Have a question about Untangle Ask me : jason @ jasonslab.ca
    https://www.youtube.com/c/jasonslabvideos << Please like and subscribe, helps me out !!

  3. #3
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,687

    Default

    We have zero to go on. All the information is in reports to see what was blocking access to your MS server.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Untanglit
    Join Date
    Nov 2020
    Posts
    26

    Default

    Quote Originally Posted by dashpuppy View Post
    THe bigger question is, why did you enable policy for staff ? What are you trying to accomplish with the policy ?
    Hi, I'm trying to give users to access to internal resources.

  5. #5
    Untanglit
    Join Date
    Nov 2020
    Posts
    26

    Default

    Quote Originally Posted by jcoffin View Post
    We have zero to go on. All the information is in reports to see what was blocking access to your MS server.
    Thanks! will re-enable and try again to see how we can better use the policy manager =)

  6. #6
    Master Untangler
    Join Date
    Jul 2010
    Location
    Nanaimo B.C
    Posts
    787

    Default

    Quote Originally Posted by reachmedia View Post
    Hi, I'm trying to give users to access to internal resources.
    Policy manager isn't the firewall, its meant for a policy ie based on network or user. AKA It says hey you do this, not that..

    Example, you create a Guest network and vlan / network. You create a new policy for that, top rule would be source guest network destination is external. Then you add app's to that policy. Example you don't want your staff looking at facebook on the work network but the GUEST network can, so you allow it in the app for guest but block it for work.. If this makes sense.
    Started Youtube Channel, Have a question about Untangle Ask me : jason @ jasonslab.ca
    https://www.youtube.com/c/jasonslabvideos << Please like and subscribe, helps me out !!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2