Logging all allowed outbound traffic | WatchGuard Technologies SOHO

Firewall Options

•For the SOCKS proxy, enter the URL or IP address of the SOHO trusted network. The default IP address is 192.168.111.0.

Disabling SOCKS on the SOHO

Once you have used a SOCKS-compliant application through the SOHO, the primary SOCKS port is available to anyone on your trusted network. You can, however, close this security gap between uses of SOCKS applications.

1Enable the checkbox labeled Disable SOCKS proxy.

This disables the SOHO from acting as a SOCKS proxy.

2Click the Submit button.

When you need to use SOCKS again, follow this procedure:

1Disable the checkbox labeled Disable SOCKS proxy.

This enables the SOHO to act as a SOCKS proxy.

2Click the Submit button.

The SOHO is enabled again as a Proxy server and ready to pass SOCKS packets.

Logging all allowed outbound traffic

By default, the SOHO logs only particular events and not all traffic passing through it. For the most part, the SOHO records denied traffic. However, the SOHO can be configured to record all allowed outbound traffic.

NOTE As this option will record an extensive amount of log entries, WatchGuard recommends that it only be enabled for diagnostic purposes.

User Guide 5.0

73

Image 73

WatchGuard Technologies SOHO manual Logging all allowed outbound traffic, Disabling Socks on the Soho

Contents

WatchGuard Soho User Guide Page Following conventions are used throughout this guide Using this guide FCC Certification Certifications and NoticesCE Notice Industry Canada Taiwanese Notice Vcci Notice Class a ITE Declaration of Conformity WatchGuard End-User License Agreement Page User Guide WatchGuard Limited Hardware Warranty User Guide Copyright and Patent Information Table of Contents Your Administrative Options Configuring Virtual Private Networking Page Welcome Introduction How does a firewall work? Registration and Identification Information How does a firewall work? IP Addresses How does information travel on the internet?Protocol Port number How does the Soho process this information? ServicesNetwork Address Translation NAT Soho Home Page-System Status Default Factory Settings Firewall Settings Resetting a Soho to the Factory Defaults Base Model Soho Rebooting a WatchGuard Soho Rebooting a WatchGuard Soho Rebooting a WatchGuard Soho Before you begin Pre-installation checklist Installation Process Microsoft Windows NT or Determine your current TCP/IP settingsMicrosoft Windows 95 or 98 or ME Macintosh Exit the TCP/IP configuration screen Disable your browser’s Http proxy Netscape 6/6.1 Netscape Internet Explorer 5.0/5.5 Physically connecting your SohoCabling the Soho for one to four devices Installation Process Cabling the Soho for more than four computers This creates a connection between the Soho and the modem Installation Process Network addressing Configuring Your External Network Double-click the Network icon TCP/IP Properties dialog box appears Configuring the Soho External network for dynamic addressing On your computer Configuring the Soho External network for static addressing External On the Soho Configuring the Soho external network for PPPoE From the Configuration Mode drop list, select PPPoE Client Click Automatically restore lost connections Release and renew the IP configuration Configure the Trusted network with static addresses Configuring Your Trusted NetworkRoutes Configure additional computers to the trusted network Configuring Static Routes View the Network Statistics Network Statistics View the Network Statistics System Security Your Administrative Options Setting a System Administrator Name and System Passphrase = System Security = VPN Manager Access Setting up VPN Manager Access Click the Submit button Redeeming your Soho upgrade certificates Update Your Configuration from a Non- Windows Platform= Update = Upgrade Seat Licenses Upgrade certificates = View Configuration File View the Configuration File View the Configuration File Configuring Incoming and Outgoing Services Firewall settings Incoming or Outgoing Pre-configured Services Creating a Custom Service TCP and UDP Ports Custom ServiceIP Protocols Blocking External Sites Blocked Sites Firewall Options Firewall Options Ping requests received on the External Network Socks implementation for the Soho Denying FTP access to the Trusted Network interface Configure your Socks application Disabling Socks on the Soho Logging all allowed outbound traffic DMZ Creating a virtual DMZ Creating a virtual DMZ Creating a virtual DMZ Viewing Soho log messages What is Logging? Wsep Logging Setting a WatchGuard Security Event Processor log host Our example Syslog Logging Setting a Syslog Host System Time Setting the System Time If you have decided to use the WatchGuard Time Server Setting the System Time Setting the System Time How WebBlocker works WatchGuard Soho WebBlocker Web site in WebBlocker database Web site not in WebBlocker databaseWatchGuard WebBlocker database unavailable WebBlocker Users and Groups Bypassing the Soho WebBlocker Purchasing and enabling Soho WebBlocker Enable WebBlocker Configuring the Soho WebBlockerSettings Enter the Inactivity Timeout in minutes Groups Create WebBlocker Groups and Users To the right of the Users field, click the New button Click the Submit button Alcohol/Tobacco WebBlocker categories Drug Culture Search Engines Click Check if the URL is on the CyberNOT List Searching for blocked sites Why create a virtual private network? Configuring Virtual Private Networking What you will need IP Address Table example Obtaining the VPN upgrade Step-by-step instructions for configuring a Soho VPN tunnelEnabling the VPN upgrade Special considerations Why do I need a static external address? Frequently asked questionsHow do I get a static external IP address? How do I obtain a VPN upgrade certificate? OK, why is ping not working?How do I connect three or four offices together? How do I troubleshoot the connection? Muvpn Clients How do I enable a VPN Tunnel?View the VPN Statistics View the VPN Statistics 104 How do I reboot my SOHO? TroubleshootingGeneral How do I register my SOHO? What do the on and Mode lights signify on the SOHO? What is a Soho feature key? Set a password on my unit, but I forgot it. Can you help?Cant get a certain Soho feature to work with a DSL modem How does the seat limitation on the Soho work? How do I install a Soho using a Macintosh? Where are the Soho settings stored? ConfigurationHow can I see the MAC address of my SOHO? How do I change to a Dhcp trusted IP address? How do I change to a static trusted IP address? How do I set up and disable Webblocker? Incoming WebBlocker VPN Management How do I set up VPN between two SOHOs? How do I set up my Soho for VPN Manager Access? Contacting Technical support Online Documenting and In-Depth FAQsSpecial Notices Database WebBlocker Default gateway 98 DNS service 116 User Guide 117 Socks