OS X firewall and LAN

Similar Messages

• Requests through tunnel to firewall to LAN and viceversa

  Hi ,
  I have a tunnel between router A and router B (827 both). Now I implemented a zywall between router B and LAN B. I also removed nat from router, Zywall use nat instead. Zywall forwards requests to router B .. then how can I forward them through tunnel? and requests from router A through tunnel how can I forward them to zywall? the problem is that requests comes from a natted ip which is the nat interface of zywall

  Have a look at this discussion about running IPSec through a NAT Firewall :
  http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009486e.shtml
  Dave

• Firewalling and NTP (Time) troubleshooting

  Hi all.  Recently after switching to using a Cisco router (891W, IOS 15.2) instead of a different vendor's router at our site, I began to notice that the time sync on the Windows domain is off.  This is causing major domain functionality problems.  This is a small business so there is a single domain controller, and it is configured to get time from a source on the Internet. 
  It's been a while since I set this up on the server so I forget offhand the Internet time server, but the current firewall config for the router matches what I had on the previous non-Cisco router.  I'll check into if the Internet time server is th eproblem but those don't tend to go down a lot to my knowledge.  The only thing that changed was this router and immediately after is when the problems began. 
  However in retrospect I wonder if the firewall is even correctly set up.  Currently I have udp port 123 open from the outside going to the inside IP of the domain controller on the LAN (using static NAT).  But as I think about this, I'm sure that time update traffic is not initiated from the time source (Internet-based time server) but rather by the time client (the domain controller).  Please correct me if I'm wrong. 
  So then with a stateful firewall and provided there are no restrictions from inside to outside for NTP, I should not have to open udp 123 from the outside at all, but instead just allow the inside server to request time from the outside, using whatever dynamic port the firewall allocates. 
  Is this right?  Again, ever since we switched to using the Cisco router, time sync is not working. 
  Thanks very much. 

  You're thinking is exactly correct. As a test you could also set the router to pull time from the public NTP server and see if it synch's.
  ntp server [ip of NTP server] prefer
  To see if it's synch'ing
  show ntp association
  show ntp status

• Cisco Transparent firewall and cisco switch issues.

  Dears,
  I have a very plain scenario
   LAN cisco switch <2 vlans>  ----------> cisco transparent firwall with bvi interface ------------>  crypto box ---------> cisco router ------ <remote/other site>
  i have vlan 61 configured on bvi interface of firewall, crypto box and also on the switch port and vlan of 61 is up up .
  The issue is i can connect remotely to cisco transparent firewall but cannot ping or connect to cisco switch. ???????????
  Need to know some trobuleshooting tips and basic settings that i need to verify. I simply want lan switch with 2 vlans to pass through the cisco transparent firewall and go to other site/remote site.

  Well,
  i have put the inspection icmp turned on for the sessions , and the version i am using is 9.1 
  moreover, i have put u p the ACLs for inbound and outboudn traffic, and while i ping across the firewall from the inside interface towards outside interface PC, i can see packet counts increasing on the acl , during the show access-llist command.
  i have requested the client to verify his part. do let me know further tips if you have any.
  [ moreover we cannot try to use packet-tracer from cli in transparent mode ]

• Replacing BM on NW with the ISP firewall and NAT

  Replacing BM on NW with the ISP firewall and NAT
  Hi!
  LAN is a tree with 3 servers:
  1. NW 6.5 sp8 + BorderManager 3.9 sp 2
  2. NOWS SBE 2.5 (Suse) - DNS\DHCP
  3. NOWS SBE 2.0 (Suse)
  Since I'm connected to the internet through my ISP router (XBOX- Checkpoint), I am considering to remove the first server (firewall) and ask my ISP ro configure the router as a firewall and NAT too.
  What are the steps needed to do it without any demages?
  TIA
  Nanu

  nanu,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Visit http://support.novell.com and search the knowledgebase and/or check all
  the other self support options and support programs available.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://forums.novell.com)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://forums.novell.com/faq.php
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://forums.novell.com/

• Sharepoint Internet publishing dmz and lan

  we have provided below list to Operation to configure dmz and lan envoirnment
  dmz server was not on domain they faced issue to put dmz on domain they have to open on firewall any from
  dmz to active directory is there any port we are missing below if we have to have communication from DMZ to db/application server
  MCTS,ITIL

  WFE -> DB only requires 1433 (or the assigned port) and 1434/udp if using a random port. WFE -> WFE communication is what leverages 32843/32844 (service calls).
  Outbound email must be port 25, unless you configure an anonymous relay that SharePoint can communicate to over port 25. 
  Trevor Seward
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• Error message about firewall and internet sharing

  hello all i have a question regarding the use of firewall and internet sharing.
  I have a PMG5 connected to internet through Airport. I've linked an Xbox 360 via the built-in ethernet port in order to access Xbox Live. I had to open specific UDP ports on the OS X firewall but it now works fine. However, in the Sharing Preference Pane, Internet Tab, i still get an error message saying that my Internet Sharing is disturbed by the settings of the firewall and sharing services, it says that i did not activate "personal web sharing" in the first two tabs...but i DID ! And there's no way to get rid of this error message.
  I know I know some may consider it's not a real problem because it's just an error message while the connection actually works fine but well, I tend to hate error messages when they're not supposed to show up. So if anyone know the answer, thanks in advance...
  Good day to everyone
  Vince, Paris...

  sorry about the delay in replying, was kinda busy
  well trashing the pref files was useless and i tried with another user, same thing. As for the second opinion, the problem was not about which port was used cause as i said the connection sharing works fine and anyway it was the correct port that was checked, it's just that i get an error message while there is no apparent error and everything works fine, i'm told that personal web sharing is not enabled but it is...
  Anyway as i said, it's probably not a real matter, as long as it works...which brings me to another thing. I've created a special protocol in the firewall to enable a proper dialog with the xbox. it's basically the same thing you do for ichat AV when you have video connection problems, you track down the concerned UDP port using terminal, you allow traffic and all... The protocol for the xbox worked great for some days, but now it seems it's not enough, the game set keeps trying on another port and i constantly have to update the protocol or deactivate the firewall...and enabling back all UDP traffic is not enough to solve it.
  In a way i think everything is linked, the initial error message when everything was fine and the current trouble. Any idea?
  thanks
  Vince

• I am getting an error message that my network connection has timed out. while trying to update my iPhone on iTunes. Has anyone found a solution? I was given some advice about turning off my firewall and/or virus protection but am nervous about doing that.

  I get a message that my network connection has timed out while trying to update my iPhone on iTunes. Has anyone else had that problem and if so what solutions have you found? I was told to turn off my firewall and/or virus protection while updating but am nervous about doing that for obvious reasons. I'm also disgusted with Apple not providing free tech support.

  See this article about the ports that have to be open during the update process. iTunes has to contact Apple during the download. iTunes for Windows: Troubleshooting security software issues

• I have disabled all Kaspersky security, windows firewall and windows defender and Itunes still will not update my Ipod touch 4th gen to IOS 5, Helppppp!

  I can't get the IOS 5 to work for windows Vista.  I'm running kaspersky pure 2.0, windows firewall and windows defender.  I have turned them all off, I then attach my Ipod 4th gen and I get the "cannot connect to itunes update server".  I ran diagnostics in itunes and it tells me I dont have a internet connection.  I'm on the internet right now, and I DO have a internet connection, but it tells me Itunes says otherwise.  I'm able to send this message on the same pc with internet connection but keep running into this error.  I have now read discussiong boards through apple and disabled all my firewalls, still no luck.  I was able to update the lates version of itunes, and just waiting to get my ipod updated now, please help me.

  On the computer you should be able to go to the network properites. Go to the TCP part and unchec the line that says obtaind DNS automatically and check the one that says use the following. Add the 8.8.8.8 and Google other 8.8.4.4.
  For more info see:
  https://developers.google.com/speed/public-dns/

• HT203200 Have deleted temp video, configured anti spam and firewall, and one specific video keeps giving me an error. Just tried downloading a previous episode of the show and it worked just fine. Always sunny in philly "Charlie rules the world" anyone el

  Have deleted temp video, configured anti spam and firewall, and one specific video keeps giving me an error. Just tried downloading a previous episode of the show and it worked just fine. Always sunny in philly "Charlie rules the world" anyone else??

  Have deleted temp video, configured anti spam and firewall, and one specific video keeps giving me an error. Just tried downloading a previous episode of the show and it worked just fine. Always sunny in philly "Charlie rules the world" anyone else??

• When I try to download iTunes 10.5.3.3 it says "A program required for this install to complete could not be run...." I have uninstalled itunes, restarted my pc, disabled firewall and antivirus. HELP

  I used to have iTunes 4.3.1, something like that, it kept asking me to upgrade but i had an older ipod so i couldnt. I recently broke my ipod so now i have one for itunes 10.5.3.3 because my ipod came shipped with ios5.0 installed. So i tried to update itunes, didnt work.  I uninstalled it, didnt work. I disabled firewall and antiviurs, didnt work. Ive called tech support, as soon as the person hung up thinking that it was working, it stopped working. I REALLY LOVE MUSIC and want songs on my new ipod. Please someone help....

  First try removing and reinstalling all the Apple software using the following or the link within it that applies to XP.
  Removing and reinstalling iTunes, QuickTime, and other software components for Windows Vista or Windows 7
  Then try the other items in:
  iPhone, iPad, or iPod touch: Device not recognized in iTunes for Windows

• Unable to receive internet connection over wifi connection.  Shows that I am connected to the network, but do not have internet access.  Checked my firewall and turned it off.  What else am I missing or should be doing differently?

  Unable to receive internet connection over wifi connection.  Shows that I am connected to the network, but do not have internet access.  Checked my firewall and turned it off.  What else am I missing or should be doing differently?

  You might want to try resetting your router and your modem - just unplug the cords, leave them unplugged for about 3-5 minutes and then replug the modem and then the router in that order.
  This may or may not correct your problem - call back if it doesn't.
  Clinton

• Firefox 3.6 is not connecting to the internet. It's on my allow list on my firewall and I have to use IE for now! This has happened to a few other people I know. Help? :/

  This is the message I get when I open Firefox:
  Unable to connect
  Firefox can't establish a connection to the server at en-gb.start3.mozilla.com.
  * The site could be temporarily unavailable or too busy. Try again in a few
  moments.
  * If you are unable to load any pages, check your computer's network
  connection.
  * If your computer or network is protected by a firewall or proxy, make sure
  that Firefox is permitted to access the Web.

  Remove all rules for Firefox from the permissions list in the firewall and let your firewall ask again for permission to get full unrestricted access to internet for Firefox.
  See [[Server not found]] and [[Firewalls]] and http://kb.mozillazine.org/Firewalls
  See also http://kb.mozillazine.org/Error_loading_websites

• Can't get artwork, I get a -609 error. I have tried turning off firewall and antivirus. \\\windows firewall is set to allow itunes anyhow

  I can't get artwork, I get a -609 error. I have tried turning off firewall and antivirus. Theewindows firewall is set to allow itunes anyhow. Any suggestions?

  Perhaps try the "Error -609" section in the Specific Conditions and Alert Messages: (Mac OS X / Windows) section of the following document:
  iTunes: Advanced iTunes Store troubleshooting

• I have downloaded the new update for Firefox 3.6 and now cannot connect to the internet. I've checked my firewall and have uninstalled and reinstalled firefox, but nothing works.

  After installing the new update for Firefox 3.6, no matter what I do, I cannot connect to the internet using Firefox. I can get on the internet using my other browsers (Google Chrome and Internet Explorer), so Firefox is the only one that doesn't work. I have already checked my firewall and have added and removed Firefox from my firewall to no avail. I've also already uninstalled and reinstalled Firefox, but so far it hasn't helped.

  I have already tried removing firefox from my firewall. Even when I do that, my firewall doesn't detect firefox and prompt me to add it. And when I manually add it, it still doesn't work anyways. I've already tried the link as well, but it has been unhelpful. :/
  I'm not sure if it matters, but a few weeks before this, I did download Microsoft Security Essentials.