About _slv_

Hello As you can see on this forum I have some configurations problems with CP. In the zone where I have CP enabled I have Minolta BizHub c220 device (with static IP 192.168.3.251). This device has scan to email features. After I enabled CP for this zone of course noone email go to user. I checked almost every thread on this forum, but I didn't get solutions. As I understand for CP we have three types of polices: security, NAT and captive portal. NAT is simple in this case, security I configured: and Captive Portal policy: in logs I have traffic: NTP and DNS traffic is allowed by Security rule, thats OK I add another security policy to allow all traffic from this zone to untrust zone. Thats doesnt working for me. So I tryed to go further and I add CP policy that should allowed traffic on port 465, but as you can see in log - this doesn't working too How I should configure polices in such situation? I believe that it is possible to configure on PAN. I didint find on BizHub ability to authenticate on CP/HotSpot. With regards Slawek ... View more

Hi Few months ago I sucessfully configured CaptivePortal (in redirect mode) with SSL certyficate from StartSSL for one of my local network connected to PA200. Now I need to do the same for another local network, but on PAN I can only make one CP configuration, with one SSL cert. I have SSL cert for host cp1.mydomain.com. This dns entry pointing to 192.168.110.1 that is a gateway for network where I have CP. Until now evertything is clear for me, but when I enable CP to another network (with 192.168.30.1 gateway) its working too - why? My networks are in separate security zones without policy that could enable traffic beetwen this zones/network. So I tryed to put cp1.mydomain.com to one of my public IP (not used at the moment) but reachable from PAN. I changed entry in DNS, but its broken CP because users cant get CP webpage because this public IP isnt reachable without authenticate. My CP looks like: and Security Policy: and hear I'm not sure that this configuration is optimal and made according to best practices. I'd like to block p2p traffic, let DNS and ping and let all authenticated users access to internet. I forgot .. I have one samll issue with SSL cert. Evertytime I started browser (ie. IE7) I get warning that browser has't information about cert issuer. Similar problem is described but I have cert from StartSSL. Where I can find IPs that I need to add to be reachable without CP policy? I searched this community, read How to Configure Captive Portal.pdf but I cant find information about CP for two networks. Please help me in such configuration. With regards Slawek ... View more

Hi Since I upgraded to 5.0.3 from 4.1.10 I started getting such entry in Treat log: Suspicious DNS Query (Backdoor.rshot:app.pou.me) 4009473 spyware medium drop-all-packets 74 Suspicious DNS Query (Downloader.fik:encyklopedia.eduteka.pl) 4008620 spyware medium drop-all-packets 31 Suspicious DNS Query (generic:stor1173.uploaded.net) 4014899 spyware medium drop-all-packets 26 Bot: Torpig Phone Home DNS request 12657 spyware medium drop-all-packets 276 Suspicious DNS Query (generic:www.tns-counter.ru) 4000032 spyware medium drop-all-packets 40 It's pointing to my two DNS servers for my local networks. I'm almost sure that this isnt a problem with this servers because last week was Eastern Christmas and during this time I never got such traffic. When my users back to work its started again. Some of user's computers are in the same Zone as this two DNS servers. How in this case catch sources of this traffic? For other network I will enable strict Tread profile on allow DNS traffic rules, I hope that this will give me information about real sources of this dns requests. With regards Slawek ... View more