Results 1 to 5 of 5
  1. #1
    Untangler
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    75

    Default Reputation changes

    Hello,

    since 2 days ago, a lot of ips changed to high risk, making connection to my apache server difficult for users tablets.
    I've tried my mobile phone and movistar ip was labeled as high risk too, as many others. While I try to solve this (difficult, because looks like they have labeled full ip ranges of isp here in spain), is it possible to let ips from spain to enter the server? I have checked but can't see the option

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,241

    Default

    You didn't describe your setup at all, so I'm going to step out on ALL the limbs...

    Ingress HTTP and HTTPs traffic should be routed into a dedicated policy that doesn't have Web Filter or Threat Prevention installed. Failure to do this results in the pain you're experiencing.

    Untangle modules don't care about direction of traffic, they simply care about types of traffic.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Untangler
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    75

    Default

    Quote Originally Posted by sky-knight View Post
    You didn't describe your setup at all, so I'm going to step out on ALL the limbs...

    Ingress HTTP and HTTPs traffic should be routed into a dedicated policy that doesn't have Web Filter or Threat Prevention installed. Failure to do this results in the pain you're experiencing.

    Untangle modules don't care about direction of traffic, they simply care about types of traffic.
    Thanks for your answer. I understand what you say, it's an https server, but I thought threat prevention will give an extra layer, as it stops traffic from known sites. It has been since 2 days ago that threat prevention decided to label lot of one mobile company as high risk.
    So, it's better to let that specific https server out of threat prevention. Thanks for the tip!

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,241

    Default

    Yes, these tools are meant to protect systems from the world. In your case you're protecting the world from your web server... it's not working the way you've intended, and worse it has huge denial of service potential too!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Untangler
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    75

    Default

    Quote Originally Posted by sky-knight View Post
    Yes, these tools are meant to protect systems from the world. In your case you're protecting the world from your web server... it's not working the way you've intended, and worse it has huge denial of service potential too!
    Thanks again for the explanation, I'll take a second look on how I'm using untangle applications!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2