This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Lockdown Astaro

I am using the HTTP/s proxy and AD Auth

I discovered a major gaff a little while ago where for some reason a computer didnt have the disable changing proxy settings enabled and basically had full access to everything. Boy I was pissed!!

Instead of firing myself[:(], I need to know how to lock down the Astaro so no HTTP/s traffic is allowed is leave the network unless it goes thru the Proxy unless a rule is setup allowing it to bypass the proxy.

Is this as easy as setting up a PF rule blocking all traffic
Any >> Any >> Any >> Reject ???
Of course this would be the last PF rule.

If so what is the difference between Reject and Drop ??

This thread was automatically locked due to age.

Parents

0 BAlfson over 16 years ago

Is this as easy as setting up a PF rule blocking all traffic
Any >> Any >> Any >> Reject ???
Of course this would be the last PF rule

That's the default last rule in any case. You must have a PF rule allowing this traffic. Can you post a few lines from the Content Filter (HTTP) log to show what sneaked through?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 16 years ago

Is this as easy as setting up a PF rule blocking all traffic
Any >> Any >> Any >> Reject ???
Of course this would be the last PF rule

That's the default last rule in any case. You must have a PF rule allowing this traffic. Can you post a few lines from the Content Filter (HTTP) log to show what sneaked through?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data