Beginner Question: SA520 Admin access through WAN port

Dear all,
I've a beginner question regarding my brand new SA520: How can I configure the box so that I'm able to access the admin GUI not only through the LAN ports but also from the WAN ports?
I tried already to allow inbound traffic to the firewall's internal IP address (not sure if done right, so) and granted the admin user access profile from WAN and LAN: I can access the box from the LAN but not from the WAN. Any ideas?
Thanks,
Eric
PS: Yupp, I know that it's not a good idea to expose a FW admin GUI to the WAN - but this is only a lab environment

Go to Administration -> Users.
click on the 'Edit User Policies' 'Login' button.  It's there you can enable WAN access.

Similar Messages

  • Access to WAN Port 2 on an CISCO ISA 550 Firewall

    Hi all
    On a CISO ISA 550 Firewall i created a 2 WAN Port Failover whichs works fine. But how can access the WAN2 Port (see Attaments) from my Workstation even the WAN1 Port is up an runnig, i created also a new Zone and Firewall Rule but this dosen't work..
    Thanks for your help

    Upgrade Firmware...

  • Beginner question about granting access rights

    Hi, am a total beginner, just a very simple question. I have created a number of tables with my admin account that I would like user accounts to be able to see (they should only be allowed to see these few tables)
    I then created a user account called EDWARD with just the basic connect access right (I don't want them to be able to create/delete tables etc, just to be able to query the tables I have created above and to add rows to these tables)
    Google searching has lead me to the grant statement, so I tried this from the admin account:
    grant select, update, insert on CUSTOMERS to EDWARD;
    This statement executes correctly but when I log in the EDWARD account I cannot do any of these things, instead I get the error: ORA-00942: table or view does not exist
    Any ideas?
    Thanks

    >>Would it be better to create a separate account called 'ADMIN' perhaps that I use for
    my application admin and then grant them appropriate access to confidential tables
    rather than logging them in as the SYSTEM?
    Yes, this is what I would advise, since SYSTEM (like SYS and several others...) is not user like other, it's better do not work and create object under this one. Keep it for Oracle administration usage only, not for application administration, create your own schema for this.
    Nicolas.

  • RV320, specific traffic through specific wan port

    Hello all,
    I love the RV320, one of the best routers i've bought in years and it works like a charm with our Fiber connection on WAN1 and Coax Cable on WAN2.
    The only question I have right now, i know it is possible to sent specific traffic (DNS,HTTP etc) through specific WAN ports.
    But would it also be possible in some way to say *.website.com traffic will go through WAN port x only?
    Specific apps we use are only available through an IP coming from the provider we use on WAN2 (cable coax), so it would be handy if we could say that if app this or that and/or website is being called, auto serve it through WAN port x.
    Is this possible and if not, something cisco could  add?      

    Dear Michiel,
    Thank you for reaching Small Business Support Community.
    Besides the service management options available I do not see a particular feature to accomplish your needs. I work on this community forum as an analyst and I am going to mark this post as a business opportunity for improvement of the device.
    Thank you for your comment and please do not hesitate to reach me back if there is anything I may assist you with in the meantime.
    Kind regards,
    Jeffrey Rodriguez S. .:|:.:|:.
    Cisco Customer Support Engineer
    *Please rate the Post so other will know when an answer has been found.

  • Macs with Filesharing Turned on Appearing on Networks Through the WAN Port

    I am trying to find out why it is that Macs that have filesharing turned on are appearing on people's network even when they are not on the same LAN.
    We run a small ISP in our town and have about 180 client sites that we service. I had a call from a client panicking because he could suddenly see unknown devices showing up in the Finder under Shared Devices. He could even see someone else's iTunes Library available for sharing, etc. This of course makes no sense, because although obviously all clients are technically on the same physical network, each client site has its own router, and is therefore behind a router.
    (And please do not comment about people getting onto his Wi-Fi, or else the bug in the Mac OS that sometimes does not release devices from the shared devices section even after they are gone from the network. This is NOT any of these situations. Please read on...).
    Initially I was convinced that he has opened up some port that he should not have. To test this I went to this client site, reset the router to clear any unwanted programming and plugged in my Mac directly into the WAN port of his router. And sure enough I appeared on his network. If I turned filesharing off, then I would disappear (which makes sense), but point is that with filesharing turned on, I seemed to be going through the router's firewall. Also interestingly enough, this penetration only seemed to be in one direction. That is WAN -> LAN, but not LAN -> WAN (I could not ever see any of HIS machines). Also, while I would appear on his network, I was not accessible by him. He could not actually connect to me.
    Is this happening because of Bonjour? If so, can I block Bonjour by closing some ports or protocols? But I also do not want to do that if it will cause any other applications from getting through that should be getting through (although I do not understand why Bonjour should be broadcasting through a firewall anyway).
    Thank you in advance for any comments.

    The best test I can suggest is to access when the Security Gateway is up and you are on the same LAN network as the ADT setup. If that works, unless the feeds are routed through some ADT server, the WAN side can be tested next. The ADT Gateway will not have a public IP for you to access. Do you have a link to a manual, or a the ADT model number of the gateway, so I can take a look at the setup guide?
    The normal setup is
    ISP <-> WAN IP <LAN Router/Gateway/Modem> <-> AEBS <Ethernet> ADT Gateway (LAN IP).
    LAN IPs are typically hidden from the world and are private IPs like 192.168.1.x ro 192.168.0.x or 10.x.x.x or 172.16.x.x.

  • SA520 optional wan port problems

    Hi,
    I've got some problems activating my optional wan port...
    The error is :
    [SA520]pppoeMgmtTblHandler: pppoe enable failed
    [SA520]pppoeMgmtDBUpdateHandler: error in executing database update handler
    Thanks for your help,

    Hello weillia,
    Thanks for your response,
    but....
    I don't understand your question ? i tried protocol bindings to force DNS protocol using first wan port...
    Problem is the same...
    And I'm using public Google dns for my domain.
    But I've got another big problem !!!
    I bought a small DLink DSL320B to replace my old Thomson 510 (wich is not ADSL2+ compatible)....
    It doesn't works with SA520... I've got kernel errors :
    Fri Sep 30 14:45:00 2011(GMT +0200)
    ERROR
    Kernel
    ip_conntrack_in: Frag of proto 17 (hook=0)
    Component: KERNEL
    Fri Sep 30 15:24:01 2011(GMT +0200)
    ERROR
    Kernel
    *******The above log repeated 41 times *******
    Component: KERNEL
    Fri Sep 30 15:24:01 2011(GMT +0200)
    ERROR
    Kernel
    ip_conntrack_in: Frag of proto 47 (hook=0)
    Component: KERNEL
    Configuration is good (bridge mode) and It works well directly on a PC...
    Thanks for all.

  • How do I restrict access to JSP or servlet only through SSL Port

    Hi
    I want to restrict the access to few jsp and servlet only through SSL port,
    so how can I block the acces to those jsp and servlet through normal port??? We
    are using weblogic 5.1.
    Any help on this highly appreciated.
    Aruna

    Hi,
    To restrict access(56 bits or less). follow the below steps.
    1. Go to your Webserver instance ServerManager
    2. Click Preferences Tab ------> Encryption Preference
    ------> There disable "DES with 56 bit
    encryption and MD5 message authentication."
    for SSL 2.0 ciphers or SSL3.0 Ciphers. Which ever
    needed.
    3. Save and Restart the Webserver instance.
    The above steps are for 4.x version.
    Thanks,
    Daks.

  • I cannot access Content Library in iMovie - Content Library doesn't show on the iMovie screen and is greyed out when accessed through "windows" tab at the top. Also unable to update the projects/events (a suggested solution for a similar question).

    I cannot access Content Library in iMovie - Content Library doesn't show on the iMovie screen and is greyed out when accessed through "windows" tab at the top. Also unable to update the projects/events (a suggested solution for a similar question). I haven't had this issue before, I have always used the content library on the screen but haven't used this for about a month. How can I make the Content Library available?

    Thanks so much! I am backing up the entire computer now with an external hard drive - this should be fine right? And surely if I am backing up the whole computer these projects/videos will be backed up too? I wasn't sure how to do this any other way and I am clearly not great with tech issues. Once this is done and I am sure my projects/videos are safe I will do the delete and reinstall bit. Thanks for taking the time to help

  • How to use SNMP to access interface counters for WAN port when not in bridged mode

    Hi All,
    Can't fault my timecapsule, however just struggling to get one little bit of functionality working.  I'm keen to get access to the WAN port interface counter information via SNMP, so I can track total bandwidth/throughput & also volume. 
    I have no issue getting SNMP to work & can see the 2.4 & 5.0GHz network counters, also total number of WIFI clients, wlan0, wlan1 and bridge0 interfaces.  Trouble is none of these are the WAN/external ethernet port.
    I see that it is likely that I'm trying to find the vlan1 port, however from what I'm reading this may only be available when the device is running in a routed mode (I'm running in bridge mode).
    Anyone able to suggest anything?

    Some cable modem you can turn off NAT.. and then use the TC in router mode.. or even use DMZ if the cable router allows that.
    Have you ever looked at gargoyle router firmware and its ability to count and quota all clients connecting to internet service.. it is a simply fantastic firmware and can be loaded onto a router that costs $70-130 dollars.. it is 3rd party but very solid if you choose the right combo.
    http://www.gargoyle-router.com/wiki/doku.php?id=screenshots

  • Wan port question

    Could someone explain to me the Ethernet wan port menu. I'm having a lot of connection problems with Airplay. It keeps dropping and coming back on.
    I checked with my ISP and the signal (cable) is 100% stable so the problem has to be my AE.
    If I change the settings to 10Mbps/half Duplex, it seems to work ok for a while. But Automatic is a definite no-no.
    Why all those choices, especially half and full duplex and what do they mean in terms of overall performance ?
    Thx

    My question to you is did this always happen or just started happening with this modem & AirPort base station. What is the exact model of your AirPort? How about the modem?
    This has always happened since installation 3 months ago
    AE 1143 - Modem is : Motorola SB5101
    Is 8 Mbps the maximum rated download speed that your ISP is providing you for Internet service?
    Yes
    Is 8 Mbps the maximum rated download speed that your ISP is providing you for Internet service?
    Speed test (http://www.speedtest.net/)
    up: 8.17 - down: 1.02
    Changing the WAN Ethernet port speed will do nothing to improve AirPlay's performance.
    But it does ! With lower speed = less drop in feed. Or maybe it's just the fact that I change from one to another.

  • Webmin Port Access through firewall

    OSX 10.8.5
    I just finsihed installing the latest version of Webmin.
    Everything is working fine but I can not figure out how to allow access through the firewall GUI.
    I need to open port 10000. Any suggestions?

    Thanks, I posted there a few months ago, without luck. I think I've finally found something when Googling the versions of each. iChat on Leopard doesn't use newer authentication protocols and Psi would need recompiled to be compatible. If anyone is curious in the modification here you go:
    http://forum.psi-im.org/thread/5091
    For now I'm looking for an alternative Jabber server to use.

  • No internet access, wan port light does not glow solid

    Hello,
    I can set up a wireless network with my Airport Extreme but I can't connect to the Internet through it.
    The light above the wan port does not glow solid when a cable is attached between the base station and the cable modem.
    (Sometimes the Wan port light will glow solid for a few minutes but then it will go out.)
    I've tried several Ethernet cables but no go.
    I've also tried resetting the Airport to its factory settings.
    Does this mean that the Wan port is bad?
    Or is there a fix for this issue?
    Any help would be most appreciated.
    Thanks!
    Mike

    Hi Bob,
    I don't know how to pull a cable modem's internal battery.
    I can "hot swap" my airport express in and everything works fine.
    But my airport sprang back to life last night!
    (I got up during the night and set it up again on a whim.)
    Everything was working great!
    (even my Mac mini which is connected to an HDTV was able to connect to the Internet wirelessly)
    But then I needed to unplug the modem and base station (to arrange the power cords) and then no Internet again.
    I powered everything down and went back to bed.
    This a.m., I reset the airport extreme (hard reset), powered everything back on and still no Internet.
    I keep getting the "Nothing is connected to the Ethernet Wan port" message when the cable connection is secure.
    Thanks for your help!
    Mike

  • Enable access through port 80

    hi! We are trying to get access through prot 80. We are using WL5.1 on Linux 6.2. I have done everything is in docs but it doesn't work. Do i Have to do anything special?? thanks

    What is the error that you are witnessing?
    Michael Girdley, BEA Systems Inc
    Learning WebLogic? Buy the book.
    http://www.learnweblogic.com/
    "david hermoso" <[email protected]> wrote in message
    news:3a5ee264$[email protected]..
    hi! We are trying to get access through prot 80. We are using WL5.1 onLinux 6.2. I have done everything is in docs but it doesn't work. Do i Have
    to do anything special?? thanks

  • EA2700 WAN PORT open to the world by default?

    I just noticed last night that my EA2700 router was accessible on the WAN port, from the Internet, on ports 80 and 53. I am running router firmware 1.0.14 and the update utility reports that there is no newer version.
    Remote management is NOT enabled (it defaults to port 8080 anyway) and I enabled and disabled it for good measure. Rebooted a few times, too.
    I then enabled and disabled the regular admin interface on HTTPS and turned off HTTP. That enabled the admin interface on port 443, but still left it enabled on port 80. And now both port 80 and 443 were accessible outside the firewall! And now I couldn't turn off port 443!
    I disabled UPnP and rebooted and still the ports were open to the Internet.
    Needless to say, I was pretty horrified by this discovery.
    I only leave one port forwarded, port 22, to SSH on an internal box. That is the only hole through my firewall I ever expect to see.
    As a fix for this problem, I added three new port forwards on port 80, port 53 and port 443, and mapped them all to a random port on an unused IP on my internal network. THIS and ONLY this finally made ports 80, 53, and 443 inaccessible from the Internet at large.
    What's going on here? It seems hard to believe that EVERY EA2700 device would have this issue or this would've come out long ago. Any ideas?

    https://superevr.com/blog/2013/dont-use-linksys-routers/

  • No admin access to NSS4000 anymore

    I can no longer access my NSS4000 through any means.  CISCO tech support said this is end of live and does no longer support.  So this community is my only option.
    The NSS4000 worked fine until a few weeks ago it was or is setup as a RAID1.
    ALL Leds on the front panel show everything is working fine.  Solid green power, solid green disk drives, blinking green Lan1 led.  I have used 3 different operating systems and twices as many different browers and versions trying to access the admin web interface but with no luck.  ALL browsers show CAN NOT DISPLAY PAGE.  I can ping the NSS4000,  The Cisco Discovery Tool finds the NSS4000, but the GUI button can not access the NSS4000 either.   Using the CISCO Discoverty Tool  to change the IP address does not work either.  It says the password is not correct, even the default password.   I have rebooted like a zillion times using the USB Boot Loader with no luck either.  I have reset the NSS4000 network configuration,  after the reset the CISCO Discovery Tool finds the NSS4000, I can ping it but that is it, still no admin access.
    HOW DO I GET BACK IN CONTROL OF MY NSS4000 and MY DATA?

    Hi,
    I don't know if this is still relevant (because the post is 1+ year old) but I had the same problem and I managed to solve it.
    The bottom line is that I had some policy that blocked all the traffic except from my old network IP range (I replaced my router and my network IP).
    I managed to find this information by connecting to the system with the following port : https://:8888 (Probably a backdoor to the system when you have something like this).
    From that point I was in the web interface and went to "Access" -> "Network" screen and I deleted all the "Drop Traffic" policy.
    Good Luck
    Oded

Maybe you are looking for