WatchGuard Technologies WatchGuard SOHO and SOHO | tc guide

SOCKS for SOHO

SOHO SOCKS implementation

The SOHO SOCKS feature has the following characteristics and limitations:

•SOHO supports SOCKS version 5 only.

•It is a limited version of SOCKS and does not support authentication, nor does it support Domain Name System (DNS) resolution.

CAUTION

Configure the particular application so that it will not attempt to make DNS look-ups with SOCKS. However, some applications use only DNS through SOCKS and therefore will not function properly with the SOHO.

•Compatible SOCKS-aware applications that can be used through the SOHO include ICQ, IRC, and AOL Messenger.

•When you open a SOCKS application, it opens a “hole” in the SOHO firewall that is available to anyone on your private network. SOCKS applications therefore pose a significant security risk. To disable the port and close the security risk, see “Disabling SOCKS on the SOHO” on page 53.

Configuring your SOCKS application on the SOHO

Other than ensuring that port 1080 is open to run a SOCKS- dependent application, the rest of the configuration tasks must be done with the SOCKS-dependent application. Different applications may have variations in their settings, but you must configure the SOCKS-dependent application, using the application user interface, to certain parameters to enable the SOHO to pass SOCKS applications:

52

Image 64

WatchGuard Technologies WatchGuard SOHO and SOHO | tc manual Soho Socks implementation

Contents

WatchGuard Soho User Guide Registration and identification information Copyright and patent information WatchGuard Soho End-User License Agreement User Guide IiiPage User Guide WatchGuard Limited Hardware Warranty User Guide Vii Redeeming Soho upgrade certificates Welcome Using this guide Following conventions are used throughout this guidePage Table of Contents Additional Soho Features Pre-installation checklist InstallationBefore you begin Performing manual installation Determine your current TCP/IP settings Microsoft Windows NT or Microsoft Windows 95 or 98 or MEMacintosh Other operating systems Unix, Linux Disable your browser’s Http proxy Netscape 4.5 or Internet Explorer Physically connecting your Soho Cabling the Soho for one to four devices This creates a connection between the Soho and the modem Cabling the Soho for more than four computers This creates a connection between the Soho and the modem Physically connecting your Soho Setting Up Your Soho Network How does a firewall work? Configuring your public network Network addressing Double-click the Network icon Configuring your public network Configuring the Soho public network for dynamic addressing On your computer Configuring the Soho public network for static addressingSelect the Obtain an IP address automatically option. Click On the Soho Click Public Network Configuring Soho public network for PPPoE Release and renew the IP configuration Click Automatically restore lost connections Configuring your private network Configure additional computers to the private network Select System Administration Changing the Soho system name and passwordSelect System Password Default factory settings Default factory settings Troubleshooting installation and network configuration Virtual Private Networking IPSec VPN is not installed What do the on and Mode lights signify on the SOHO? Where are the Soho settings stored?How do I register my SOHO? How do I change to a Dhcp private IP address? How do I allow any incoming service? How do I change to a static private IP address? Click Services and then click Allowed Incoming Services How do I set up and disable Web blocking?How do I allow incoming IP protocols? How do I set up VPN between two SOHOs? VPN Management How do I set up my Soho for remote configuration? How do I reboot my SOHO?How do I reset the Soho to factory defaults? Set a password on my unit, but I forgot it. Can you help? How do I install a Soho using a Macintosh?How does the seat limitation on the Soho work? How do I get to the Soho Knowledge Base? What is a Soho feature key? Cant get a certain Soho feature to work with a DSL modemHow do I register for Live Security? How can I see the MAC address of my SOHO? How does information travel on the internet? Configuring Services for a SohoIP addresses Services WatchGuard Soho servicesProtocol Port number Allowing incoming services Network address translation Select Allowed Incoming Services Adding a pre-configured incoming serviceClick Add a Service Creating a custom incoming service Adding an incoming TCP or UDP serviceClick Allowed Incoming Services. Click Add a Service Click Add Other TCP or UDP Service Adding the Any service Adding an incoming service with another type of protocolClick Add Other Service Click Add Any Service Removing an incoming serviceClick Allowed Incoming Services Blocking a TCP or UDP service Blocking outgoing servicesClick Remove a Service Select Blocked Outgoing Services Click Block TCP or UDP ServiceClick Blocked Outgoing Services Blocking an alternative protocol Removing a blocked outgoing service Click Remove Blocked Service Configuring Virtual Private Networking Why create a virtual private network? What you will need One WatchGuard Soho with VPN and an IPSec-compliant Device IP Address Table example About Feature Keys Obtaining a VPN Feature KeyEnabling the VPN Feature Key Step-by-step instructions for configuring a Soho VPN tunnel Special considerations Frequently asked questions Why do I need a static public address?How do I get a static public IP address? How do I connect three or four offices together? How do I enable a VPN Tunnel? How do I obtain a VPN Feature Key?OK, ping is not working Frequently asked questions Additional Soho Features Socks for Soho Configuring your Socks application on the Soho Soho Socks implementation Select Service Options Disabling Socks on the Soho Setting a remote log host Soho loggingViewing Soho log messages Click System Information Click System Administration Rebooting a WatchGuard SohoSelect Remote Logging Rebooting a WatchGuard Soho WatchGuard Soho WebBlocker How WebBlocker works Web site not in WebBlocker database Web site in WebBlocker databaseWatchGuard WebBlocker database unavailable Bypassing the Soho WebBlocker Purchasing and enabling Soho WebBlocker Configuring the Soho WebBlockerSelect Web Blocking Enter the full access password WebBlocker categories Alcohol/Tobacco Satanic/Cult Search Engines Searching for blocked sites Click Check if the URL is on the CyberNOT List Index Primary IP address 44 secondary IP address TCP UDP