Search found 6 matches

by Roger
21 Apr 2011, 08:15
Forum: SG How to's
Topic: Finding out how many times an IP Rule triggered (10.x)
Replies: 0
Views: 3264

Finding out how many times an IP Rule triggered (10.x)

This How-to applies to: Clavister Security Gateway 9.x, 10.x Objective: A script that uses the stored logs and also the SSH console towards the SGW to determine how many times each rule has triggered Description This is a script that first connects to the SGW and downloads the rules part of the con...
by Roger
12 Apr 2011, 09:35
Forum: SG How to's
Topic: Automatic E-mailing of Configuration Changes (10.x)
Replies: 0
Views: 3066

Automatic E-mailing of Configuration Changes (10.x)

This How-to applies to: Clavister Security Gateway 9.x, 10.x Objective: Email configuration changes on one or more firewalls to one or more recipients. Description: If more than one user can configure firewalls, it could be very nice to receive an email with the configuration changes in order to ke...
by Roger
11 Apr 2011, 08:52
Forum: SG Discussions
Topic: Interface bonding
Replies: 1
Views: 1899

Re: Interface bonding

Hi, If you connect both switches to different Interfaces on the Clavister it will actually complicate things. If one switch connects to one Clavister, it will maybe be a little less redundant but IMO still good enough. Anyway, the clavister is always set up as a VLAN trunk interface. If you for inst...
by Roger
11 Apr 2011, 08:38
Forum: SG Discussions
Topic: Forward external IP to DMZ port
Replies: 2
Views: 2057

Re: Forward external IP to DMZ port

Hi, It depends. You will off course change the MAC address, but apart from that it should be fairly straight forward. Just an allow rule and the packet will be forwarded. You could off course do an Fwdfast for the incoming and outgoing traffic to and from that IP, but that would only make sense if t...
by Roger
26 Aug 2008, 08:59
Forum: SG Discussions
Topic: How to route this? (Two internal LAN's)
Replies: 1
Views: 1691

Re: How to route this? (Two internal LAN's)

I dont understand what you are trying to achieve. If you mean that you want some IP addresses from LAN1 on the LAN2, then it should be possible to create a switchroute for that route instead of routing it on LAN1. So instead of a LAN route like this: Route LAN Lan1 Do like this. Switchroute LAN Lan1...
by Roger
24 Jun 2008, 14:24
Forum: SG Discussions
Topic: VLANs and ARP
Replies: 2
Views: 5211

Re: VLANs and ARP

Hi! If I strip the message: Default_Access_Rule ... recvif=VLAN100 ... srcip=10.0.100.10 ... destip=10.0.100.1 The problem here is routing. Since the Clavister handles VLANs exactly like a physical interface, you must not only define te VLAN100 but also make a route in the routing table for it. The ...