Comments
-
Thank you again, changing the source to any wouldnt allow access from any IP address instead of only from certine IPs? Also why should create a new address object instead of just adding the IP6 to the existing group? I ask this coz love to know eveything ;)
-
Sorry for going on about this, This is inbound rule that must allow access to a port on a webserver on the lan, Currently we have only a group of IP4 that have access, now we want an IP6 have access to the same port on the same server, if I understand you correctly now I can create an object address for IP6 and added to…
-
am I right that we have to create a new Nat policy for the IP6? I said this because the current nat policy that allow access to a server on LAN says Only IP4!
-
@Saravanan Thanks for your reply, The installing the firmware on the HA mode is now clear for me thanks. Regarding installing the latest version on the NSA220, you mean if the current firmware says SonicOS Enhanced 5.9.1.8-10o we can directly upgrade this firmware to the latest version 5.9.2.7-5o, am I right?
-
@shiprasahu93 Thanks as always for your reply, Then we should not group the IP4 and IP6 objects because the current NAT rule says IPv4 and we have to create a new NAT rule for the IP6 version. When I want to create a service object I can see TCP(6) is this working for both IP4 and IP6 Thanks
-
Thanks for your reply, If I understood you correctly we can add an IPv6 object address to an existing IPv4 object access group that we already using to allow access to one of our servers on LAN and than that IPv6 will also have access to the server on LAN, am I right? Thanks
-
I just use the 48 in perfix and could create the object address, is this correct way to do it?
-
Did tried with the prefix and get thid error
-
should we use the perfix that we see in screenshot or can be shorter?
-
Thanks for your reply, We want to allow access to that IPv6 net to one of our internal servers and I want to create an address obiect network, Should I use the prefix as subnet? Thanks
-
Just one more question, the portquery shows status code: return code 0x00000002. I use the portlistner for simulation of the udp 2088 on a machine on internet and on that machine when run telnet localhost 2088 get answer Hello! Why then portquery failed? Is this means that an device somewhere down the line or our ISP block…
-
Ok, I think it is working now, I can see this, is this means that our FW allow the outgoing UDP port 2088, right?
-
I did set the filter as you mentioned and then run portquery for both tcp and utp for port 2088 but nothing is showing?
-
Thanks for your reply, This is the location,I run the start capture and then telnet the external port or run the portquery, the telnet sessions aresuccessful and portquery for udp is not. after that I export export the logs to the text file and I run a seurch for IP of my PC, but I cannot see the port that I telnet or run…
-
Hi, Thanks for your reply, I did run the packet capture on the NSA and try to telnet the one of the tcp ports to see if I can see it in the logs, but I can not see any telnet from the IP of my PC to that IP address. in the logs I can see that I have RDP connection to the same externel IP but not the telnet command or…