Action for matched Packets = Permit.
(3) Can’t ping 192.168.1.33 from 192.168.2.33 and you can find
“Unsupported/out-of-order ICMP: ICMP (Echo Reply)” log on log page.
Note:
(1) Here, PC1’s GW is DUT1’s LAN IP. With the ICMP reply packet, the destination
IP is 192.168.2.33. In PC1, the packet will match the default GW (192.168.1.2) and
change the destination MAC as DUT's LAN MAC. DUT receive the packet and the
destination MAC is DUT's LAN, DUT thinks this packet is send to itself and the
ICMP out of order happens. This is because there is no ICMP request packet for the
device itself but an ICMP reply packet for DUT.
(ICMP out of order scenario, not ICMP request but with ICMP reply)
(2) If set the default GW in PC1 as 192.168.1.1, the packet's destination MAC is
NAT-Device's LAN (192.168.1.1), not DUT's IP. DUT knows the packet is not for
itself and ready pass through it. But the packet match the VPN rule and it will
encrypted by DUT.
[Content Filter]
1. CF Denied Access Message can run script.
2. And the categories function can also has some issue because of the OutpostPro
firewall bug fix. When user want to block some categories, such as“Search
Engines/Portals”, external DB search work normally the first time. But after
refreshing the page or open the website again in another Browser window, only
“Please contact your network administrator!!” can be showed, without the link to
bluecoat.
3. Web sites of category “Peer-to-Peer” were recognized as “Spyware/Malware
Sources”.
4. “Don’t block Java/ActiveX/Cookies/Web proxy to trust Web site” function in content
filter cannot work.
Symptom: "Don’t block Java/ActiveX/Cookies/Web proxy to trust Web site" function
in content filter cannot work.
Condition:
(1) In eWC->SECURITY->CONTENT FILTER->General page, enable "Content
filter" and block "Java Applet/ActiveX/Cookies/Web Proxy".
(2) In eWC->SECURITY->CONTENT FILTER->Customization page, enable "Web
site customization" and "Don't block Java/ActiveX/Cookies/Web proxy to
trusted Web sites". Add "web.haccpsoft.it" to "Trusted Web Sites".
(3) A PC in ZYWALL's LAN side browses "http://web.haccpsoft.it:8080" website.
(4) Login in and click the date, the popup window should show a calendar instead of
another login page.
(5) It is blocked by content filter.
5. http://info.zyxel.com.tw
was recognised as “google”.
Condition:
(1) Input “google” in Keyword Blocking of Customization.
(2) Visit http://info.zyxel.com.tw in LAN PC. The web site is opened successfully.
But there is a Keyword Blocking log say “info.zyxel.com.tw: Keyword
blocking” (see attached file).
(126 strony)
(41 strony)
(49 strony)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji