Re: [Efw-user] hi
Forget Endian Community Edition with large scale network, move to pFsense and you will be happy. Davide. Il 14/01/15 13:36, mohsen Abbaspour ha scritto: hi every body i want to use endian noncomercial version in large scale network these service are in my favorite to use in the network and i need them VPN , IDPS , Firewall , Monitoring and log traffic i dont know possible problems aboutusing endian on large scale network there are 1500 users on my network -- mob :09359535689 Check out my professional profile and connect with me on LinkedIn. http://lnkd.in/RqFEqH -- New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Endian Firewall Community - Is it dead/dying?
C.P. is Captive Portal... Davide Cottignoli. Il giorno 15/ott/2014, alle ore 12:57, Melcon Moraes mel...@gmail.com ha scritto: I'm inclined to test ClearOS. IPFire seems nice too, but a little bit far from Endian easy-to-use interface. I believe that with both of them you can tinker a bit for custom stuff. @David Cottignoli, what is C.P. ? - MM On Tue, Oct 14, 2014 at 4:20 PM, Herbert Appel postmas...@nx-networx.de wrote: Hi, first you should think about if you want to have something to work with or something to tinker (or to perform handicraft work) Herb Am 14.10.2014 um 19:57 schrieb Johan Ljunggren ljunggrenjo...@hotmail.com: Med vänliga hälsningar, -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Endian Firewall Community - Is it dead/dying?
The project is not dead but for the second part of your mind, I think you're right. Davide. Il 14/10/14 17:01, Matt Hayes ha scritto: So, This has been asked quite a bit and now I'm curious. IS this project dead? Should I start looking for something else at this time to accommodate my needs? Thank you, -Matt -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Endian Firewall Community - Is it dead/dying?
I use pFsense because I need C.P. Il 14/10/14 18:58, ANIS El Achèche ha scritto: Hey! As we start a such discussion, let's talk about alternatives.. We ca nuse pFsense, ClearOS, Zentyal... what else?? What would you use ?? -- Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Block HTTP traffic:
Sure you need to block these protocols and set navigation to proxy port at client side, if proxy is set to not transparerent. Davide. Nella citazione in data Mon Dec 23 01:31:22 2013, danillo F. ha scritto: Hello people, okay? I am wanting to block HTTP and HTTPS traffic, only allowing navigation proxy. I went to Firewall Outgoing firewall: And I disabled the following rules: RED GREEN TCP/80 ALLOW with IPS allow HTTP RED GREEN TCP/443 ALLOW with IPS allow HTTPS However still continued getting surf, have some other option? att danillo -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Block HTTP traffic:
Should you post a detailed config? On 23/12/2013 15:45, danillo F. wrote: But I do not want to use transparent proxy, want to allow only navigation using proxy. Date: Mon, 23 Dec 2013 09:07:14 -0500 From: domin...@slackadelic.com To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Set the proxy to be transparent... no need to remove any rules. On Mon, Dec 23, 2013 at 5:57 AM, danillo F. danill...@hotmail.com mailto:danill...@hotmail.com wrote: I did that, but just disabling the rules is still possible to navigate, even without setting the proxy in navigated. att danillo Date: Mon, 23 Dec 2013 11:33:40 +0100 From: davidecottign...@racine.ra.it mailto:davidecottign...@racine.ra.it To: efw-user@lists.sourceforge.net mailto:efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Sure you need to block these protocols and set navigation to proxy port at client side, if proxy is set to not transparerent. Davide. Nella citazione in data Mon Dec 23 01:31:22 2013, danillo F. ha scritto: Hello people, okay? I am wanting to block HTTP and HTTPS traffic, only allowing navigation proxy. I went to Firewall Outgoing firewall: And I disabled the following rules: RED GREEN TCP/80 ALLOW with IPS allow HTTP RED GREEN TCP/443 ALLOW with IPS allow HTTPS However still continued getting surf, have some other option? att danillo -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
Re: [Efw-user] Block HTTP traffic:
It seems that your network is open to one subnet. In gateway mode, with only (I guess because such few info) a network card, you need to block traffic from clients to the gateway and gateway accepts only traffic from Endian because (I guess) there is only one subnet. Your clients can connect to the gateway and surf the Internet because Endian forward all traffic to the green network and your gateway is (probably) in this zone. Davide. Il 24/12/13 00:19, danillo F. ha scritto: I did the default installation endian, do not set any rules, only those that come by default. The Endian is configured in gateway mode and the stations that set the IP endian as default gateway. With the default settings of the Endian all stations can browse normally, I would like to disable this option, only releasing the navigation proxy. att Date: Mon, 23 Dec 2013 22:23:14 +0100 From: davidecottign...@racine.ra.it To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Should you post a detailed config? On 23/12/2013 15:45, danillo F. wrote: But I do not want to use transparent proxy, want to allow only navigation using proxy. Date: Mon, 23 Dec 2013 09:07:14 -0500 From: domin...@slackadelic.com To: efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Set the proxy to be transparent... no need to remove any rules. On Mon, Dec 23, 2013 at 5:57 AM, danillo F. danill...@hotmail.com mailto:danill...@hotmail.com wrote: I did that, but just disabling the rules is still possible to navigate, even without setting the proxy in navigated. att danillo Date: Mon, 23 Dec 2013 11:33:40 +0100 From: davidecottign...@racine.ra.it mailto:davidecottign...@racine.ra.it To: efw-user@lists.sourceforge.net mailto:efw-user@lists.sourceforge.net Subject: Re: [Efw-user] Block HTTP traffic: Sure you need to block these protocols and set navigation to proxy port at client side, if proxy is set to not transparerent. Davide. Nella citazione in data Mon Dec 23 01:31:22 2013, danillo F. ha scritto: Hello people, okay? I am wanting to block HTTP and HTTPS traffic, only allowing navigation proxy. I went to Firewall Outgoing firewall: And I disabled the following rules: RED GREEN TCP/80 ALLOW with IPS allow HTTP RED GREEN TCP/443 ALLOW with IPS allow HTTPS However still continued getting surf, have some other option? att danillo -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831iu=/4140/ostg.clktrk ___ Efw-user mailing list Efw-user@lists.sourceforge.net mailto:Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility
Re: [Efw-user] VPN Beta Testers Needed
Add me too. Davide Cottignoli. Il giorno 28/feb/2013, alle ore 10:52, Marc Fellman m...@fellman.nl ha scritto: +1 On 02/28/2013 09:15 AM, Andreas Schiller wrote: Hi Robert, I'd like to test this! In fact a while ago I was wondering whether it would be difficult to include this into efw on my own, but I was missing some time to do this. Great news, you did it! Greetz, Andreas Schiller I'm just finishing up changes to the VPN support in EFW Community 2.5.1. It includes the following improvements: Add Xauth support to IPsec for host-net connections Proper IPsec operation when initiator is behind NAT L2TP PSK and Certificate Xauth/L2TP User configuration page This not only adds a new package for the L2TP support it also modifies the existing efw-ipsec package. As a result I would like to get as much testing as possible before releasing it and possible breaking someone's IPsec connection. If you are interested in giving this a try (and can access your firewall even without your IPsec connection :-)) please let me know. -- Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Andreas Schiller Softwareentwicklung Beratung Waldwinkel 12 31199 Diekholzen Tel: +49 (0)5121 267377 http://www.aschiller.de -- Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW Developer Environment Released
Hi Robert, I suggest to rename the devel package to something like the matching Endian version; i.e. efw-devel-2.5.1-2.tar.gz for the last one. This avoid confusion for new people when join the community. Davide. Il 14/11/12 18:46, Robert B. Nelson ha scritto: I've finished the first release of the Developer Environment for Endian Firewall Community version 2.5.1. I created a project for it on my gforge site: http://gforge.opensource-sw.net/gf/project/efw-devel. There is a single tar file to download from the Files section. efw-devel-1.0.tar.gz The instructions for installing it are: First install the released version of EFW using Gateway for the RED zone. Enable SSH and connect to the server. On the newly installed developer machine, run the following commands: 1) efw-upgrade (select 2 Development) 2) curl -O http://gforge.opensource-sw.net/gf/download/frsrelease/29/130/efw-devel-1.0.tar.gz 3) tar -C /var -xf efw-devel.tar.gz 4) push d /var/efw-devel 5) ./retrieve-srpms 6 ) pop d 7 ) /var/efw-devel/setup-devel 8 ) /var/efw-devel/build-pkgs 9 ) /var/efw-devel/build-iso /var/tmp/efw.iso You should now have a new iso image suitable for installing. You can also browse the source for EFW in the vendor directory of the SVN section of the project. I unpacked all the SRPMS so you can view the spec files and patches directly. For the packages that are specific to EFW, I also expanded the source TARs and applied the patches so you can view the actual source code without downloading and installing the SRPMs. The changes I had to make to the SRPMs, to get them to build, are in the trunk directory in SVN. Currently the documentation is the shell script files themselves :-) -- Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW CLI utility
The CLI is very limited. You can make an SSH access from the CLI if you want, but it is better from another client. Il 06/11/2012 15:50, d.davo...@mastertraining.it ha scritto: Is it right to say that with the CLI, I can't do very much? Unless I rely on linux commands standard. I mean, is there a list of the functions allowed in the CLI? I dunno, something like: start/stop firewalling, start/stop admin, start/stop vpn. AFAIK you can only start and stop the ssh service. There is a command help and I suspect that that's is all we got. Am I right? Thanks Davo -- LogMeIn Central: Instant, anywhere, Remote PC access and management. Stay in control, update software, and manage PCs from one command center Diagnose problems and improve visibility into emerging IT issues Automate, monitor and manage. Do more in less time with Central http://p.sf.net/sfu/logmein12331_d2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- LogMeIn Central: Instant, anywhere, Remote PC access and management. Stay in control, update software, and manage PCs from one command center Diagnose problems and improve visibility into emerging IT issues Automate, monitor and manage. Do more in less time with Central http://p.sf.net/sfu/logmein12331_d2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW 2.5.1 Blocking Single IP address, the right way?
Perhaps it is better to post in efwsupport.com Davide Cottignoli. Il giorno 05/nov/2012, alle ore 08:57, d.davo...@mastertraining.it d.davo...@mastertraining.it ha scritto: Am I doing something wrong, or this community isn't very active? Maybe I had my message on the wrong list? If so, please, tell me the right way to communicate. Thanks Davo On 10/30/2012 12:41 PM, d.davo...@mastertraining.it wrote: Hi everybody, I'm quite new to Endian and I have a question or two. I have a Web Server published via a Port Forwarding rule, very simple. In the Access From rules section I have Allow from: Uplink Any, since everybody can access to the Web Server. Now, someone was trying a nice DoS, attacking the http port from a fixed IP address. The documentation say that I can add an Access From rules to tune the IP addresses. But, as far as I can see I can only add Access From rules of the Allow from type. I can't add a Deny from: rule if the original one is the Allow type. Is it correct? Or am I missing something? To add a Deny From I added a duplicated Port Forwarding rule on top of the previous one, identical but for the Deny From rule. It works but is this the right way to configure? I'm asking because I know a bit of iptables and sounds a bit unnecessary to me. But as I said, I'm new to Endian and I'd like to know if I'm doing it right. Thanks Davo -- Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- LogMeIn Central: Instant, anywhere, Remote PC access and management. Stay in control, update software, and manage PCs from one command center Diagnose problems and improve visibility into emerging IT issues Automate, monitor and manage. Do more in less time with Central http://p.sf.net/sfu/logmein12331_d2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- LogMeIn Central: Instant, anywhere, Remote PC access and management. Stay in control, update software, and manage PCs from one command center Diagnose problems and improve visibility into emerging IT issues Automate, monitor and manage. Do more in less time with Central http://p.sf.net/sfu/logmein12331_d2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] 2.5.1 upgrade
Yes, I did it. Make sure you have network connectivity to the endian update site (ping) from the endian box. Davide. Il 04/02/12 02:26, Igor Mikolic-Torreira ha scritto: On 02/03/2012 12:08 PM, Davide Cottignoli wrote: I get a try to upgrade to 2.5.1: from 2.5.0 to 2.5.1: upgrade success and the few services I tested works normally; Did you upgrade using the efw-upgrade command? When I try it I get No interesting upgrades available.. Igor from 2.4.1 to 2.5.1: upgrade completed withouth errors but dashboard doesn't work, so upgrade is useless. Davide. -- Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] 2.5.1 upgrade
I get a try to upgrade to 2.5.1: from 2.5.0 to 2.5.1: upgrade success and the few services I tested works normally; from 2.4.1 to 2.5.1: upgrade completed withouth errors but dashboard doesn't work, so upgrade is useless. Davide. Il 31/01/12 02:25, Andres Gonzalez ha scritto: Hello, any idea if it's possible to upgrade from version 2.4.1 to 2.5.1 ? Regards. -- AGD -- Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Proxy and Windows Update
It is easy to add a list of sites that do not need authentication by defining an access policy for the proxy with: Policy: unfiltered access Source: any Destination: .windowsupdate.com clr.microsoft.com(ecc. ecc.) Authgroup/user: not required When: always Useragent: any Bye. Davide Il 07/09/2011 18:07, Giovanni Vecchi ha scritto: Just edit the squid.conf file to have no authentication for the MS web site. It can't be done from the front end. http://wiki.squid-cache.org/SquidFaq/WindowsUpdate http://wiki.squid-cache.org/SquidFaq/WindowsUpdate?highlight=%28Window%29|%28Update%29|%28authentication%29#How_do_I_stop_Squid_popping_up_the_Authentication_box_for_Windows_Update.3F http://wiki.squid-cache.org/SquidFaq/WindowsUpdate?highlight=%28Window%29%7C%28Update%29%7C%28authentication%29#How_do_I_stop_Squid_popping_up_the_Authentication_box_for_Windows_Update.3F I will try but I think that next time I'll apply some changes from the front end, I'll miss the manual change on squid.conf ... Il contenuto di questa comunicazione ha natura riservata ed è destinato esclusivamente alla persona o ente cui essa è indirizzata. Qualsiasi forma di utilizzo non autorizzato del contenuto di questo messaggio non è consentito. Se non siete il destinatario designato di questo messaggio e del suo contenuto Vi preghiamo di comunicarlo immediatamente al mittente e di distruggere il messaggio ed i suoi eventuali allegati. This comunication is confidential and intended for the addressee(s) only. Any form of unauthorized use of the content of this e-mail is not permitted.If you are not the intended recipent of this message and its contents, please notify the sender immediately and delete this message and all its attachments. -- Using storage to extend the benefits of virtualization and iSCSI Virtualization increases hardware utilization and delivers a new level of agility. Learn what those decisions are and how to modernize your storage and backup environments for virtualization. http://www.accelacomm.com/jaw/sfnl/114/51434361/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Using storage to extend the benefits of virtualization and iSCSI Virtualization increases hardware utilization and delivers a new level of agility. Learn what those decisions are and how to modernize your storage and backup environments for virtualization. http://www.accelacomm.com/jaw/sfnl/114/51434361/ ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Content filter problems in EFW 2.4
This behaviour is normal: if you do not require authentication or time restriction the first rule in list is always satisfied. Davide. Il 19/02/2011 14:50, Lightningbit @ gmail.com ha scritto: Hi, I’m trying to achieve the following: use multiple content filters (in sequence) which I can turn off and on However it seems that EFW only applies the FIRST contentfilter in the list (the reason why I want different contentfilters as described below, is for testing: for example I want to be able at some moments to block websites from filter1 and 3, other moments filter 1,2 and 3, … etc….) How I set it up: contentfilters (1, 2, 3, 4) I only use for manual blacklisting each filter has a different blacklist (so there are no overlaps) 1 filter using 'content1'ANY ANY not required Always ANY 2 filter using 'content3'ANY ANY not required Always ANY 3 filter using 'content4'ANY ANY not required Always ANY 4 filter using 'content2'ANY ANY not required Always ANY 5 filter for virusANY ANY not required Always ANY BUT, EFW only applies the blacklist from “content1” in the above case If I rearrange the list and put content3 on the first position, it only applies the blacklist from content3 etc… (each change, I do clear the cache on EFW and my browser) Proxy setting is transparent I hope someone can help out here Thanks L. -- The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Problem with green zone
Yes, you're right. Use the network tab to add a static routing to the additional network, also add the additional network to the green zone in the Network configuration wizard of the system tab. Davide Il 05/11/2010 09:29, Claudio Roberti ha scritto: The additional network is not on the same phisical cables, probably I should add a gateway to the green card and the set up route tables to tell the server that 10.0.2.* are to be routed to that gateway, is this correct? Thanks, Claudio. -- The Next 800 Companies to Lead America's Growth: New Video Whitepaper David G. Thomson, author of the best-selling book Blueprint to a Billion shares his insights and actions to help propel your business during the next growth cycle. Listen Now! http://p.sf.net/sfu/SAP-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Problem with green zone
Use the network configuration setup wizard; in the 3rd page, when you set the GREEN net IP address there is a box to insert the addresses of additional networks. Davide. Il 04/11/2010 18:18, Claudio Roberti ha scritto: I have a lan (10.0.2.*) connected to another lan (10.0.1.*) via a router; on this last one I have put an endian server 10.0.0.1.26 with the proxy that give access to internet, but from the first lan I can't ping nor use the proxy on the endian. What should I check? How can I tell the endian to consider the first lan as green and accept connections? Thanks. Claudio. -- The Next 800 Companies to Lead America's Growth: New Video Whitepaper David G. Thomson, author of the best-selling book Blueprint to a Billion shares his insights and actions to help propel your business during the next growth cycle. Listen Now! http://p.sf.net/sfu/SAP-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- The Next 800 Companies to Lead America's Growth: New Video Whitepaper David G. Thomson, author of the best-selling book Blueprint to a Billion shares his insights and actions to help propel your business during the next growth cycle. Listen Now! http://p.sf.net/sfu/SAP-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Fw: EFW Community Update 2.4.1
By efw-upgrade. This lead to update a lot of packages. I don't see in meanwhile any ISO images from sourceforge. Il 03/11/2010 17:47, AJ Weber ha scritto: Anyone know where this update actually is (to be downloaded), and what the update procedures would be for an existing 2.4(.0) box? Thanks, AJ -- Achieve Improved Network Security with IP and DNS Reputation. Defend against bad network traffic, including botnets, malware, phishing sites, and compromised hosts - saving your company time, money, and embarrassment. Learn More! http://p.sf.net/sfu/hpdev2dev-nov ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Un-blocking file uploads through extranet
Look at my post at http://www.efwsupport.com/index.php?topic=2085.0 You need to be registered to see my attachments. I suppose the answer is suitable for you. Davide. On 28/09/2010 19:17, Enrique Becerra wrote: Hi again I've configured a content profile (for the proxy) to allow this site: *.naraxxdc.com.ar The site is an extranet that has an option to upload *.csv files exported from a local system. Users can enter the website, they can login correctly, but I'm having some trouble because users must upload some files by filling a form in that website. When they submit the form, the browser sends the csv. files to http://xxx.naraxxxdc.com.ar/web/uploadCSV.aspx and then the blocking happens How should I enable this site and allow the uploading of these files? (and others maybe) Thanks again -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] Content filtering without authenticating in endian 2.4
In version 2.2 there is a proxy option to write some domains that can be reached withouth authentication. In version 2.4 this option is removed because the interface is rearranged to allow multiple profiles and multile access policies where the constructions allow to disable authentication. So, I suppose, the only way to put on a domains whitelist is to insert these domains in the whitelist custom fields and forbid in the blacklist custom field all top-level domains. But this rule, if evaluated first in an access policy, prevents further evaluations and the browser do not ask for authentication. If this rule is evaluated last then browser asks always for authentication so the whitelisted domains cannot be reached without authentication. The solution, in my opinion, is to restore the field present in the authentication page in version 2.2 but I don't know where to find the code. Another way is to modify the squid.conf directly but it isn't a clean way. If anyone has tried a different solution to this problem I'm glad to know it. Prof. Davide Cottignoli Istituto Geometri Ravenna, Italia -- Nokia and ATT present the 2010 Calling All Innovators-North America contest Create new apps games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Content filtering without authenticating in endian 2.4
Ooops, I got stupid. I do not investigate enough the access policy dialog which show a drop down box to the destination: in this box I can type the destination domain in the form with a starting dot. For example: .istruzione.it .libero.it Note that, in the content filtering dialog, when you put on a whitelist or blacklist the starting dot is NOT needed. In this mode I can use authentication disabled and no content filtering: this lead to the result I obtained in version 2.2 Thanks to all. Prof. Davide Cottignoli On 23/09/2010 21:09, Davide Cottignoli wrote: In version 2.2 there is a proxy option to write some domains that can be reached withouth authentication. In version 2.4 this option is removed because the interface is rearranged to allow multiple profiles and multile access policies where the constructions allow to disable authentication. So, I suppose, the only way to put on a domains whitelist is to insert these domains in the whitelist custom fields and forbid in the blacklist custom field all top-level domains. But this rule, if evaluated first in an access policy, prevents further evaluations and the browser do not ask for authentication. If this rule is evaluated last then browser asks always for authentication so the whitelisted domains cannot be reached without authentication. The solution, in my opinion, is to restore the field present in the authentication page in version 2.2 but I don't know where to find the code. Another way is to modify the squid.conf directly but it isn't a clean way. If anyone has tried a different solution to this problem I'm glad to know it. Prof. Davide Cottignoli Istituto Geometri Ravenna, Italia -- Nokia and ATT present the 2010 Calling All Innovators-North America contest Create new apps games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] PCMCIA/PC Card support removed?
source code is here: http://sourceforge.net/projects/efw/files/Development/EFW-2.4-RESPIN/EFW-COMMUNITY-2.4-devel-srpms.tar.gz/download Bye Davide On 08/09/2010 16:36, eric rosel wrote: Hi, I have a similar problem, I've run out of ethernet ports and I'm trying to use USB-to-Ethernet adapters. These adapters I have run properly on Ubuntu, but aren't working on EFW 2.4. The EFW-COMMUNITY sources are still unavailable from the download site: http://www.endian.com/en/community/download/ Can you please provide some more details on how you were able to get the sources and compile them with additional drivers? Thanks, -eric -- This SF.net Dev2Dev email is sponsored by: Show off your parallel programming skills. Enter the Intel(R) Threading Challenge 2010. http://p.sf.net/sfu/intel-thread-sfd ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] NTLM Proxy Auth Issues 2.4
To use content filtering with HTTP proxy you must use Not Transparent (this is by design). The auth required option goal is achieved configuring an access policy row. The access control list (access policies) is evaluated from top to bottom and the evaluation stops when a rule is matched. In order to force use of HTTP proxy in not transparent mode you must disable at least TCP/80 (and TCP/443 and TCP/21) in Firewall-outgoing_traffic because outgoing traffic is not intercepted by the proxy service in this mode. Davide. On 21/06/2010 17:53, Scott Howell wrote: Hello Everyone, I am an Endian nuub and having some issues with my first installation. I am trying to get NTLM auth working on a new 2.4 installation. I have configured everything in the Auth tab of the proxy, and I have sucessfully joined it to the domain. Then I created 2 different content filter policies for testing. I went into the access policy section and created two access policies one for each of two test users (I can see all of my AD Users Groups fine) and applied the two different content filter rules to each of the access policies. Basically nothing seems to work. Firstly, if I do not setup my browser to use a proxy I can get anywhere without it. I have the proxy set to Not Transparent, although when reading through some post (maybe older versions) people have suggested setting this to auth required, but I do not have that option. I only have trans or not trans as options on the config tab. Secondly, if I do config the browser to look for the proxy I get a login screen which I shouldn't with NTLM, but even if I try to use a valid AD username and pass it doesn't take it. Any suggestions are greatly appreciated. -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] cant access some sites (Zero sized reply)
By the way, to ensure it isn't a DNS problem, make a test with its IP ADDRESS instead of DNS name. On 21/06/2010 21:24, Edgar Rentería wrote: Hello I’m having troubles accessing some sites on Endian Firewall Community release 2.2 (c) When I try to access some sites I receive this error message: ERROR The requested URL could not be retrieved While trying to retrieve the URL: http://www.chihuahua.gob.mx/sgg/rpp/Contenido/plantilla5.asp?cve_canal=6895Portal=sgg/rpp The following error was encountered: Zero Sized Reply Squid did not receive any data for this request (The site Chihuahua.gob.mx is one of those sites) I tried to access the same sites from another network and the it responds! Its important to mention that when I try to access these problematic sites it takes a long to respond and after some wait I receive the error message. The system was updated by running the update script about 3 months ago, but this problem was appearing before the update and still to this day… Somebody can helpme? Thanks in advance! *Ing. Edgar A. Rentería Jácquez* Tel.: (52) (614) 189 23 23 renteria.j.ed...@gmail.com mailto:griv...@bcgconsultoreslegales.com -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
[Efw-user] HTTP proxy configuration
Hello everyone, I'd like to receive your opinion on http proxy configuration + content filtering to achieve the following goal with EFW2.4: I have three Active directory groups wich need tree different levels of contente filtering: 1) Administrators: no filtering 2) Proxy users standard: some filters (blacklist based filters + whitelist) 3) Proxy user restricted: more filters than standard (black based filters) 4) Everyone (all other users not included in one of above groups and without authentication needed), only the sites: www.repubblica.it, www.istruzione.it (whitelist based filter) With EFW 2.2 I have only one content profile setting but I can easily achieve the goal merging Proxy users standard with Proxy users restricted Now I cannot achieve neither the above situation because EFW2.4 asks always login credentials and seem that only the first ACL (with the first content profile) is in place and I don't see any configuration form that let me specify domains without authentication (in EFW 2.2 there is a specific field for this). Anyone can help me? Thanks everyone. Prof. Davide Cottignoli. http://itgmorigia.dnsalias.org -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Failed to find DC
This is the error: Domainname of AD server: SELBRICOH - Domain Name you must use your DNS domain name not the NETBIOS name. Davide Cottignoli. On 02/06/2010 13:35, Gilberto Nunes wrote: Hi... I have install 2.4 and try to configure AD Domain to authentication proxy squid... Through web interface, I unable to join domain with this error: Failed to join domain: failed to find DC for domain SELBRICOH.LOCAL I'm use NTLM authentication method, like this: Authentication Realm: SELBRICOH.LOCAL - This my domain Domainname of AD server: SELBRICOH - Domain Name PDC hostname of AD server: selbetti-25492b - Hostname for Windows 2003 Server PDC ip address of AD server: 192.168.200.115 - IP for Windows 2003 Server So, after fill all form and click on Join Domain, I get the error describe above. There some other thing that can I do here??? I also change the Authentication Real field to SELBRICOH only, and now when I try join domain, I get this: Failed to join domain: Invalid configuration and configuration modification was not requested Some idea?? Thanks for any advice... Gilberto Nunes Ferreira TI Selbetti Gestão de Documentos Telefone: +55 (47) 3441-6004 Celular: +55 (47) 8861-6672 -- ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW 2.4 - bug in content filter / black-list ?
I re-tested the installation on Virtualbox but downgrading to version 3.1.8 (prior Oracole marked its logo on the product with version 3.2.0) and efw2.4 now install itself and run. I have added a rule on content filter and inserted a site to be banned. This works I removed the site fromn the custom list and applied the changes and this also works but after a couple of minutes and after closed and re-opened the browser. This means that a cache mechanism is in place for that time. Davide. -- ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] EFW 2.4
I've installed it on VMWare Workstation. If you choose SCSI HardDisk (LSI Logic) Installation fails, if IDE Hard-Disk is used installation runs flawless. Doesn't look very good for a industry leading UTM Appliance ;-) I've installed on virtualbox 3.2; if the disk controller is ICH6 endian hangs after boot: the python script goes on error. If the controller is PIIX4 endian boot correctly but it is impossible to get the configuration page: the browser returns error 500 internal server error. This version reveals a very bad thing. -- ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] efw-upgrade username Change
efw-upgrade -h -show the help efw-upgrade -s -force the setup and channels Il 05/04/2010 22.52, Bruno Impens ha scritto: Does anyone know how you change the username efw-upgrade uses? I had a type in it because of a azert keyboard on a querty system and it seems to keep this error somewhere. -- Download Intel#174; Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user -- Download Intel#174; Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Windows Authentication Problems
If you don't set proxy settings in browser you go through Endian directly if port 80 is open to the outgoing traffic. You also avoid this by removing default gateway from client, so traffic can go to Internet only if proxy settings are in place. Guilherme Rocha ha scritto: Hello folks, I'm a very satisfied endian user, since the first versions, so I'm not exactly a endian and linux newbie, but ... I'm with problems in a new Endian 2.2rc2 set-up, using Windows authentication. I already joined the domain successfully, all AD groups are listed inside Endian Group Policies, I choose the groups that have permissions to navigate the web, etc... My issue makes reference to the need to specify the proxy in the browser settings. I only can use AD authentication if I set the proxy inside the browsers. If I didn't set it, users still browsing the web like in transparent mode. Can someone find a motivation to this behavior? I already did read all this references: http://kb.endian.com/entry/49/ http://efwsupport.com/index.php?topic=547.msg1396;topicseen http://solaria.endian.it/screencasts/advanced_groups.html http://www.advproxy.net/ldapads.html thanks for answers. hugs -- Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
Re: [Efw-user] Windows Authentication Problems
Yes, you can put some rules in iptables to redirect incoming packet to port 80 similar to: iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.254:8080 in this case traffic is INTERCEPTED and redirected to the squid proxy but in this case you cannot use authentication to AD. It is better to set a Group policy in AD to set up client with right proxy settings otherwise use the WPAD protocol and leave client proxy configuration to determine automatically proxy settings. Guilherme Rocha ha scritto: Hello Davide and Christopher, thanks for your answer. I understand you two. My question isn't just block the navigation without set the proxy in browser settings. I would like to use AD authentication without to set the proxy in browser, asking anybody for authentication. Set the proxy in browsers will difficult to administrate notebook's users, that are frequently traveling and using other networks. Is it possible with Endian FW ? All the rest of endian implementation is working fine. hugs -- Enter the BlackBerry Developer Challenge This is your chance to win up to $100,000 in prizes! For a limited time, vendors submitting new applications to BlackBerry App World(TM) will have the opportunity to enter the BlackBerry Developer Challenge. See full prize details at: http://p.sf.net/sfu/Challenge ___ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user