WatchGuard Technologies SOHO 6 Logging all allowed outbound traffic, Disabling Socks on the Soho

Page 88

Chapter 6: Configure the Firewall Settings

•For the SOCKS proxy, enter the URL or IP address of the SOHO 6 trusted network. The default IP address is 192.168.111.1.

Disabling SOCKS on the SOHO 6

Once you use a SOCKS-compliant application through the SOHO 6, the primary SOCKS port is available to anyone on your trusted network. You can close this security gap between uses of SOCKS applications.

1Enable the checkbox labeled Disable SOCKS proxy.

This disables the SOHO 6 from acting as a SOCKS proxy.

2Click Submit.

When you need to use SOCKS again, follow this procedure:

1Disable the checkbox labeled Disable SOCKS proxy.

This enables the SOHO 6 to act as a SOCKS proxy.

2Click Submit.

The SOHO 6 is enabled again as a Proxy server and ready to pass SOCKS packets.

Logging all allowed outbound traffic

By default, the SOHO 6 logs only particular events and not all traffic passing through it. For the most part, the SOHO 6 records denied traffic. However, the SOHO 6 is able to record all allowed outbound traffic.

NOTE

This option will record an extensive amount of log entries. For this reason, WatchGuard recommends that you use it for diagnostic purposes only.

70	WatchGuard Firebox SOHO 6.1

Image 88

Contents WatchGuard Firebox Soho User Guide Using this Guide Following conventions are used in this guideCertifications and Notices FCC CertificationCE Notice Industry CanadaVcci Notice Class a ITE Declaration of Conformity Watchguard Soho Software END-USER License Agreement User Guide Vii Viii WatchGuard Firebox Soho Copyright, Trademark, and Patent Information WatchGuard Firebox Soho User Guide Xii WatchGuard Firebox Soho Contents Configure the Network Interfaces Configure the Firewall Settings VPN-Virtual Private Networking Index 117 Xviii WatchGuard Firebox Soho Introduction WelcomePackage Contents How Does a Firewall Work? IP addresses How Does Information Travel on the Internet?Protocol Services How Does the Soho 6 Process Information?Port numbers Network Address TranslationSoho 6 Hardware Description Soho 6 front and rear viewsFaster Processor Ethernet portsStatus Link100 ModeOPT port Reset button Power inputWAN port Numbered portsIntroduction WatchGuard Firebox Soho Installation Review and record your current TCP/IP settings Click Start = Programs = Accessories = Command PromptBefore You Begin Microsoft Windows 2000 and Windows XPMicrosoft Windows NT Microsoft Windows 95 or 98 or MEMacintosh Other operating systems Unix, LinuxDisable the Http proxy setting of your Web browser Exit the TCP/IP configuration screenNetscape Click Edit = PreferencesEnable your computer for Dhcp Click Start = Settings = Control PanelInternet Explorer 5.0, 5.5, Click Tools = Internet OptionsClick Properties Physically connect the Soho Cabling the Soho 6 for one to four appliances Cabling the Soho 6 for more than four computers Physically connect the Soho Soho 6 is now connected to the Internet and your hub Soho 6 Basics Soho 6 Home Page-System StatusSoho 6 Basics External Network Default Factory SettingsTrusted Network Reset a Soho 6 to factory default Firewall SettingsUpgrade Options System SecurityRegister your Soho 6 and Activate the LiveSecurity Service Base model SohoReboot the Soho Reboot the Soho Soho 6 Basics WatchGuard Firebox Soho Configure Your External Network Configure Network InterfacesNetwork addressing Configure the Soho 6 External Network for dynamic addressing Manual Configuration Configure the Soho 6 External Network for static addressingNetwork = External Configure the Soho 6 External Network for PPPoE Click Automatically restore lost connections Configure the Trusted Network Configure Dhcp Server and Dhcp RelayTrusted Network Configuration page appears Configure additional computers on the Trusted Network Configure the Trusted Network with static addresses Network = TrustedConfigure Static Routes Click Add View Network Statistics Network = Network StatisticsSelect the Enable Dynamic DNS client checkbox Configure the Dynamic DNS ServiceNetwork = DynamicDNS Configure OPT Port Upgrades Configure Dual ISP PortConfigure OPT Port Upgrades Network = Dual ISP Configure VPNforce Port Network = Optional Configure OPT Port Upgrades Configure the Network Interfaces WatchGuard Firebox Soho Administrative Options System Security System managementAdministration = System Security Set up VPN Manager Access Soho Remote ManagementAdministration = VPN Manager Access Select Enable VPN Manager AccessUpdate Your Firmware Administration = UpdateRedeem your Soho 6 Upgrade Options Upgrade options Administration = UpgradeSeat Licenses LiveSecurity Service Subscription Renewals Dual ISP PortVPNforce Port IPSec Virtual Private Networking VPNView the Configuration File Administration = View Configuration FileConfigure Firewall Settings Firewall SettingsPre-configured Services Configure Incoming and Outgoing ServicesFirewall = Incoming or Outgoing Create a Custom Service Firewall = Custom Service Custom Service page refreshesBlock External Sites Blocked Sites page appears Firewall Options Firewall = Firewall OptionsDenying FTP access to the Trusted Network interface Select Do not allow FTP access to Trusted NetworkPing requests received on the External Network Socks implementation for the SohoConfiguring your Socks application Logging all allowed outbound traffic Disabling Socks on the SohoSelect Log All Allowed Outbound Access Enable override MAC address for the External NetworkSelect Enable override MAC address for the External Network Create an Unrestricted Pass Through Select Enable pass through addressFirewall = Pass Through Create an Unrestricted Pass Through Configure the Firewall Settings WatchGuard Firebox Soho Configure Logging View Soho 6 Log Messages From the navigation bar on the left side, select LoggingTo have your log messages synchronize with your computer Select Enable WatchGuard Security Event Processor Logging Select Enable syslog output Set up Logging to a Syslog HostLogging = Syslog Logging Set the System Time Select Include local time in syslog messageSelect Adjust for daylight savings time Select a time zone from the drop listConfigure Logging WatchGuard Firebox Soho Why Create a Virtual Private Network? VPN-Virtual Private NetworkingWhat You Need IP Address Table example Enable the VPN Upgrade Frequently Asked Questions Why do I need a static external address?Special Considerations How do I get a static external IP address?Why is ping not working? How do I obtain a VPN upgrade license key?How do I enable a VPN Tunnel? How do I troubleshoot the connection?Set Up Multiple SOHO-SOHO VPN Tunnels VPN = Manual VPNSoho 6 you want to set up a VPN tunnel Enter the Name, IPSec Gateway Address, and Shared Key forSet Up Multiple SOHO-SOHO VPN Tunnels Forward Secrecy Configure Split Tunneling Muvpn ClientsView the VPN Statistics StatisticsSoho 6 WebBlocker How WebBlocker WorksWeb site in the WebBlocker database Web site not in the WebBlocker databaseWatchGuard WebBlocker database unavailable Purchase and Activate Soho 6 WebBlocker WebBlocker users and groupsBypass the Soho 6 WebBlocker GroupsWebBlocker = Settings Configure the Soho 6 WebBlockerActivate WebBlocker Select Enable WebBlocking Create WebBlocker Groups and UsersClick New to create a group name and profile Click Submit To the right of the Users field, click New Alcohol/tobacco WebBlocker CategoriesIllegal Gambling Militant/extremist Drug CultureSatanic/cult IntoleranceGross Depictions Violence/profanitySearch Engines Sports and LeisureFull Nudity Sexual ActsPartial/artistic Nudity Support Resources Troubleshooting TipsGeneral How do I register my Soho 6 with the LiveSecurity Service? How do I restart my Soho 6?Cant get a certain Soho 6 feature to work with a DSL modem What is a Soho 6 Feature Key?How does the seat limitation on the Soho 6 work? 110 Configuration Where are the Soho 6 settings stored?How do I set up Dhcp on the trusted network of the Soho 6? Select Enable Dhcp Server and then click SubmitHow do I set up and disable Webblocker? Disable Enable Dhcp Server and then click SubmitHow do I change to a static, trusted IP address? Firewall = Incoming VPN Management How do I set up my Soho 6 for VPN Manager Access? How do I set up VPN to a Soho 6s?Online Documentation and In-Depth FAQs Contact Technical supportIndex NumericsWAN Socks Redeeming 57 types Upgrade page 58 upgrading Processor WebBlocker 122

Related manuals

Manual 8 pages 29.02 Kb