Ok, hopefully someone takes a peek at this and gives me a hand.
I have the Firewall picking up the proxy server using the Web Proxy option in the Network settings. However now I have an issue trying to get the proxy server to partition the DHCP clients from the static clients. I want all DHCP...
Hey,
I have a Sonicwall NSA 2400 Firewall device operating as my DHCP. It works great, no real complaints; all firewalls can be a pain. I recently configured Squid successfully on a Linux (CentOS) PC and that's working great as well, however there is one thing missing. To have the Proxy server to...
t00r,
I must be blind, I read your post and thought 20 was 21. That did the trick. The ftp is working. I will try the ssh troubleshooting later.
The 444 is for https, I saw it somewhere in the configs for an application. I don't remember what, just decided to add it.
And Thanks again.
t00r,
Ignore these lines, they have been removed, just some attempts to get it working.
ip nat inside source route-map NO_NAT interface FastEthernet0/0 overload
ip nat outside source list 1 interface FastEthernet0/1
t00r
The http is working, but the ftp and the ssh still aren't working. You can see by my current config that everything is in place. Here are my access-lists after the clear counters.
Standard IP access list 1
10 permit 200.100.49.56, wildcard bits 0.0.0.7 (75 matches)
Extended IP access...
Hey t00r,
Current config:
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$TKbU$DbvbBGZb4cvjle5S1vYZ4/
!
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
!
ip cef
ip ips po max-events 100
no ftp-server write-enable
!
class-map...
The ftp access refuses to work with the ip nat inside. I am able to hit the address and enter my credentials, but I can't access the actual folder location and files.
Update:
Adding 'access-list 110 permit tcp 200.100.49.56 0.0.0.7 eq 443 any' opened up the ftp port. I entered 'access-list deny tcp 200.100.49.56 0.0.0.7 eq 21 any' first and it made no difference. Therefore confirming which acl is working. Which now leaves me to wonder if something is blocking...
Sorry to keep you guys out of the loop. I wrote a post and forgot to hit submit post.
The config that I said was working isn't working. I can only hit my phps, not the ssh, and ftp isn't working.
It was when I first applied the changes to the acls...
Can't figure out why it has stopped working.
Ok, I will go back to the working config.
If the 'dirty config' is ok with you guys, I would also like to look into some redundancy for if either WAN interface or service goes offline.
This config was working.
I could ssh and php remotely. The ip nat inside source list 1 interface FastEthernet0/1 overload was the active dynamic mapping.
Current configuration : 2353 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service...
Here is my current running config.
I got the chance to clean it up. There seems to be one problem however. With the previous configs I could ssh onto the servers remotely. Now I can hit the phps remotely, but not the ssh.
Building configuration...
Current configuration : 2140 bytes
...
t00r,
After looking over the configs you sent they started to make sense and I gave them a swing.
Voila!
I can hit my phps and ssh, with my running config. Thanks a mil.
Hey t00r,
This is the output of the current working config, not when the changes were made.
gateway.gss#sho ip nat statistics
Total active translations: 169 (0 static, 169 dynamic; 169 extended)
Outside interfaces:
FastEthernet0/1
Inside interfaces:
FastEthernet0/0
Hits: 7515672 Misses...
Minue, t00r
I got an hour to look at the cmds (wasn't enough time).
First thing I did was remove the ROUTE_VOIP PBR as per minue.
No change.
Next thing I did with the PBR still removed was remove the incorrect overload statement. I got "%dynamic mapping in use cannot change" so I ran these...
Ah no fear, and thanks a lot guys.
I don't have much time for testing at the moment, but I will as soon as possible.
The last testing I did was with the Sonicwall's vpn client to vpn into the site instead of ssh...
That's the direction I need to take. Using a vpn would be more secure it would...
Hey Minue,
I understand the situation with the vacation thing, I am patiently waiting on my day...
t00r has been helping me out and giving me new ideas (very grateful). The audio quality is much better, no complaints, I have the ip nat inside turned on, so the voip traffic is being routed to...