Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 17 replies
  • Subscribers 1 subscriber
  • Views 5349 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

msn exception not functioning

Rayan
I am running Astaro ASG 220 in SSO mode and firmware ver 8.02 and trying to except active directory group from msn messenger blocking by adding the allowed group to the Exception Tab and blocking msn messenger in the IM Tab, but Astaro is either allowing everyone to access msn or blocking everyone. Am I missing anything in my configuration ?


This thread was automatically locked due to age.
  • 0
    'Archived Log Files' tab in 'Logging >> View Log Files'.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    if you want the users to access the msn messenger try this:
    Add the users to the exception in the Advanced tab in the HTTP/S (authentication exception)
    Also try to exclude them from Instant Messaging/Chat Categories
    Add them to the IM/P2P exception
    See if the IPS is blocking traffic from the IP address of these users
    HTH
  • 0
    Thanks, but I did that and still not working.

    And here are the logs, about the IM/P2P log I found it empty I don't know why?

     And I uploaded Yahoo Errors file hoping it can give something.

    And Thanks in advance.
    logfiles_20101024113003.zip
  • 0
    The AFC logfile can't be empty.  The packet filter logfile is from the 2010-10-20, yet the lines in your picture yesterday were from 2010-10-23.  Your Post #8 showed that this is about Google/Jabber - does Yahoo use the same protocol?

    Do you have a packet filter rule allowing traffic for the Google/Jabber protocol?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    As I can see from yahoo error " Connecting to connection server port '5050'."  
    you need to create a PF rule to allow the traffic of yahoo messenger, and if you have natting you also need a snat rule


    HTH
  • 0
    Are you experiencing an issue with Live Messenger 2011 by-chance?  I cannot get it to work at all (previous versions worked)!
  • 0 in reply to Kingbuzzo
    Hi guys,

    Thank you for helping me and finally it worked.

    But I have some questions:

    1- I created PF rule which allows Internal to access these ports(1025:10000) TCP/UDP to any, so is this right from security perspective ?

    2- If it is right then should video ,voice and file transfer work with MSN and yahoo and google talk and skype?

    And thanks in advance?