Good news here as well. We're running two firewalls (at two different locations) with 5.011 and the major problems seem to have disappeared. One thing still not working correctly, however, is the viewing of internal websites using an externally resolved IP address -- that still results in a proxy error. For example, if you run a web server on your internal network and have a DNAT rule to permit external access using the IP address of the external interface, and you try to access this website from INSIDE the network using the public URL, it fails every time. This didn't occur in v4, so this is some sort of proxy issue. It's been reported to Astaro, guess the fix didn't make this up2date.
After I updated from 5.010 to 5.011. Astaro displays some wrong IPs in "Licensing > Licensed users (IPs)". Before the update it displayed IPs, like "192.168.1.2, 192.168.1.3, 192.168.1.4" and so on. Now it displays IPs from some of the websites I visit and my DNS server.
Hello, Just wanted to chime in a say thanks for such a great product. I am looking forward to using v5.
Is the issue concerning using an external IP to access an internal box (webserver, mail server etc..) truly a bug?
I would think that's how it should work. Perhaps it's more of a feature to have the router "redirect" traffic pointed to the external IP to the actual internal IP.
[ QUOTE ] Hello, Just wanted to chime in a say thanks for such a great product. I am looking forward to using v5.
Is the issue concerning using an external IP to access an internal box (webserver, mail server etc..) truly a bug?
I would think that's how it should work. Perhaps it's more of a feature to have the router "redirect" traffic pointed to the external IP to the actual internal IP.
just my 2 cents...
JM
[/ QUOTE ]
Yep, it's a known bug. Let's say you have a company mail server inside your network that provides webmail, and to get to it your users browse to "webmail.mycompany.com". That should definitely work even if you're inside the network, but with ASL 5 it does not, you just get an error page. Until this bug is fixed, the only way in this example to get to the webmail server is for the users to browse using the fixed internal IP address. Could this be solved by using an internal DNS? Yes, of course, but not everyone has one -- and even if they did, many of them would have to set up a split DNS arrangement to deal with this.
[ QUOTE ] Hello, Just wanted to chime in a say thanks for such a great product. I am looking forward to using v5.
Is the issue concerning using an external IP to access an internal box (webserver, mail server etc..) truly a bug?
I would think that's how it should work. Perhaps it's more of a feature to have the router "redirect" traffic pointed to the external IP to the actual internal IP.
just my 2 cents...
JM
[/ QUOTE ]
Yep, it's a known bug. Let's say you have a company mail server inside your network that provides webmail, and to get to it your users browse to "webmail.mycompany.com". That should definitely work even if you're inside the network, but with ASL 5 it does not, you just get an error page. Until this bug is fixed, the only way in this example to get to the webmail server is for the users to browse using the fixed internal IP address. Could this be solved by using an internal DNS? Yes, of course, but not everyone has one -- and even if they did, many of them would have to set up a split DNS arrangement to deal with this.
