- Posts: 68
- Thank you received: 0
IPcop filtering incoming traffic
15 years 4 months ago #30932
by sys-halt
Replied by sys-halt on topic Re: IPcop filtering incoming traffic
strange behavior, I use Remote Desktop, RDP. I just made the rule in the port forwarding feature through the GUI and it worked instantly.
my firewall logs always shows and incoming and outgoing request. how come there is not list in your firewall logs? it would be difficult on you to troubleshoot without your logs.
it is better now for your without BOT, since it requires more work.
is this a lab simulation? or a working environment? did you enabled Snort? Snort can list in its logs any incoming connections.
I am insisting on the logs because in that way you can tell where your request is actually reaching your firewall or not. I mean there could be a chance that your VNC Request are being dropped before hitting your firewall.
can you please provide us with a simple topology for your network design.
my first troubleshooting procedures would to check the logs, if there is no logs I would grab a laptop plug it directly into my external firewall interface and try to make the VNC connection, if it works then there is something else preventing your request like maybe a built-in firewall in your perimeter router.
Please note that the IPCop developers have made all the effort to make its features works perfectly without digging deep in the rc.firewall file or any other file that might require hard coding sentences.
are you able to access your IPCop web interface from outside or doing ssh to your box from outside? or have you disabled ping request on your external interface?
for now I have no more thoughts, good luck.
my firewall logs always shows and incoming and outgoing request. how come there is not list in your firewall logs? it would be difficult on you to troubleshoot without your logs.
it is better now for your without BOT, since it requires more work.
is this a lab simulation? or a working environment? did you enabled Snort? Snort can list in its logs any incoming connections.
I am insisting on the logs because in that way you can tell where your request is actually reaching your firewall or not. I mean there could be a chance that your VNC Request are being dropped before hitting your firewall.
can you please provide us with a simple topology for your network design.
my first troubleshooting procedures would to check the logs, if there is no logs I would grab a laptop plug it directly into my external firewall interface and try to make the VNC connection, if it works then there is something else preventing your request like maybe a built-in firewall in your perimeter router.
Please note that the IPCop developers have made all the effort to make its features works perfectly without digging deep in the rc.firewall file or any other file that might require hard coding sentences.
are you able to access your IPCop web interface from outside or doing ssh to your box from outside? or have you disabled ping request on your external interface?
for now I have no more thoughts, good luck.
15 years 4 months ago #30973
by ricka
Replied by ricka on topic Re: IPcop filtering incoming traffic
Syshalt, thank u again for ur time and assistance, I am baffled as to
why I am not seeing any of the incoming request and outgoing replies on the FW logs. I will install snort or use wireshark in an
attempt to monitor the traffic. Here is my network setup
Internet<---> (DSL/Modem)< ---> IPCOP Red Interface
192.168.1.X/24
|
|
||
IPCOP Green Interface 172.16.1.X/24
|
| Xover connection
Test machine 172.16.1.Y/24
MS FW disabled, no other filters
Nothing really fancy.
I'll get back to u with my findings using snort and wireshark.
why I am not seeing any of the incoming request and outgoing replies on the FW logs. I will install snort or use wireshark in an
attempt to monitor the traffic. Here is my network setup
Internet<---> (DSL/Modem)< ---> IPCOP Red Interface
192.168.1.X/24
|
|
||
IPCOP Green Interface 172.16.1.X/24
|
| Xover connection
Test machine 172.16.1.Y/24
MS FW disabled, no other filters
Nothing really fancy.
I'll get back to u with my findings using snort and wireshark.
15 years 4 months ago #30975
by sys-halt
Replied by sys-halt on topic Re: IPcop filtering incoming traffic
hey ricka, I would start first by giving your external IPCop interface a static IP address like 192.168.1.99/24 then grab a laptop or a desktop and plug it to the external interface of the IPCop give the laptop an IP range same to your Red IPCop address and try now doing VNC request.
something like this:
[laptop]----[switch]----[Red IPCop:Green IPCop]---[switch]---[VNCDesktop]
waiting your result good luck
something like this:
[laptop]----[switch]----[Red IPCop:Green IPCop]---[switch]---[VNCDesktop]
waiting your result good luck
15 years 4 months ago #30979
by ricka
Replied by ricka on topic Re: IPcop filtering incoming traffic
great suggestion I'll try that setup today and get back to u
15 years 4 months ago #31007
by ricka
Replied by ricka on topic Re: IPcop filtering incoming traffic
Syshalt, I figured out the problem, the firewall setting was on with
my Symantec anti virus software, after I disabled it and I was able to connect via VNC.
Appreciate your time and efforts.
my Symantec anti virus software, after I disabled it and I was able to connect via VNC.
Appreciate your time and efforts.
Time to create page: 0.142 seconds