Help me with Kerio 2.1.5 rules please

Discussion in 'other firewalls' started by Slovak, Feb 20, 2005.

Thread Status:
Not open for further replies.
  1. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    I don't exactly understand Blitz's Kerio 2.1.5 rules. I am behind a router, and over at DSL Reports he says to use the router configuration. What do I do with that, as I am not using it and all seems to be working fine? How does this look so far for my rules?
     

    Attached Files:

  2. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    Second part
     

    Attached Files:

  3. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    I am an idiot when it comes to rules, so please help me out.
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi Slovak

    You may be fine without the router rule. If you were logging from the router, then a rule would be required. If you have other systems behind the router, LAN rules would also be required.

    Secondary DNS is a duplicate (same as Primary DNS).

    Unrestricted DNS not needed if using above.

    Your Block All rules should be at the end of the rule set. Enable the Inbound, but leave the Outbound disabled for now.

    Regards,

    CrazyM
     
  5. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    The router rule allows you not to have to specify the router DNS/DHCP in the rules, and allows for a second configuration without any hassle. Like if you use your laptop at home, and away from home, this already allows for two separate configurations.

    I did mention in the default replacement thread some basic things like disabling the unrestricted DNS when you had specified your DNS servers to prevent DNS tunneling, and making sure the block all rules were at the end of your ruleset.

    Also Avast's mail, and web filtering are a software proxy so you need to exclude those ports used from the ports available with the software proxy loopback rule. This way any software you don't want getting out, won't get out without your permission that is being redirected by these services.
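
Added example, not part of the original posts: a small Python lint for the points raised in the two replies above (a duplicate DNS rule, Block All rules that are not last, and an unrestricted DNS rule left enabled next to rules that name specific DNS servers). It assumes rules are checked top-down with the first match winning; the `Rule` model, the "DHCP Reply" rule and the address 192.0.2.53 are constructed for illustration and are not Kerio's own rule format.

```python
from dataclasses import dataclass, replace

ANY = "any"

@dataclass(frozen=True)
class Rule:              # hypothetical model, not Kerio's own rule file format
    name: str
    action: str          # "permit" or "deny"
    direction: str       # "in", "out" or "both"
    protocol: str        # "udp", "tcp" or ANY
    remote_addr: str     # one address or ANY
    remote_port: object  # port number or ANY
    enabled: bool = True

def covers(general, specific):
    """True if every packet matched by `specific` is already matched by `general`."""
    fields = ("protocol", "remote_addr", "remote_port")
    return (general.direction in ("both", specific.direction) and
            all(getattr(general, f) in (ANY, getattr(specific, f)) for f in fields))

def lint(rules):
    """Return (kind, rule, cause) findings for an ordered, first-match rule list."""
    active = [r for r in rules if r.enabled]
    findings = []
    for i, rule in enumerate(active):
        for earlier in active[:i]:
            if covers(earlier, rule):   # the earlier rule always wins, so this one never fires
                same = replace(earlier, name=rule.name) == rule
                findings.append(("duplicate" if same else "shadowed", rule.name, earlier.name))
                break
    pinned = [r for r in active if r.action == "permit" and r.remote_port == 53 and r.remote_addr != ANY]
    for r in active:
        if pinned and r.action == "permit" and r.remote_port == 53 and r.remote_addr == ANY:
            findings.append(("open-dns", r.name, pinned[0].name))  # any server allowed: pinning defeated
    return findings

# Constructed sample shaped like the rule set discussed above (192.0.2.53 is a documentation address).
BEFORE = [
    Rule("Primary DNS", "permit", "out", "udp", "192.0.2.53", 53),
    Rule("Secondary DNS", "permit", "out", "udp", "192.0.2.53", 53),
    Rule("Unrestricted DNS", "permit", "out", "udp", ANY, 53),
    Rule("Block All Inbound", "deny", "in", ANY, ANY, ANY),
    Rule("Block All Outbound", "deny", "out", ANY, ANY, ANY, enabled=False),
    Rule("DHCP Reply", "permit", "in", "udp", ANY, 67),
]
AFTER = [BEFORE[0], replace(BEFORE[2], enabled=False), BEFORE[5], BEFORE[3], BEFORE[4]]  # fixes applied

if __name__ == "__main__":
    print(lint(BEFORE), lint(AFTER), sep="\n")
```

`BEFORE` produces one finding per issue named in the replies; `AFTER` drops the duplicate, disables the unrestricted DNS rule, moves the Block All rules to the end, and lints clean.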
     
  6. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    So for the DHCP stuff, I get it from ipconfig /all, and put the DHCP address in Assign DHCP Server?
     
  7. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    I do, I only need them IF I want them to be able to connect to me, right?
     
  8. Honyak

    Honyak Registered Member

    Joined:
    Jul 19, 2004
    Posts:
    346
    Location:
    Deep South
    Also Avast's mail, and web filtering are a software proxy so you need to exclude those ports used from the ports available with the software proxy loopback rule. This way any software you don't want getting out, won't get out without your permission that is being redirected by these services.

    Do you still need to use the standard loopback rule with the software loopback rule?

    Regards
     
  9. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    No, and that is another question already answered by looking at the page where the ruleset is located :cool:
     
  10. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Right, just keep in mind your current rule set will likely result in numerous log entries from these systems.

    Are you sharing any files or printers with other systems on the LAN?

    Regards,

    CrazyM
     
  11. Honyak

    Honyak Registered Member

    Joined:
    Jul 19, 2004
    Posts:
    346
    Location:
    Deep South
    Thanks for the reply. I must have missed it entirely when I read the ruleset page; everything else I seem to have grasped fairly well. I just switched to Kerio 2.1.5 a week ago from Sygate and love it. Your ruleset page made it very easy to understand things I did not know prior.
    Thanks again for the reply.
     
  12. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    Is this correct?
     
  13. Slovak

    Slovak Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    515
    Location:
    Medina, Ohio
    Anyone?
     
  14. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    ipconfig /all should display full configuration information.

    Regards,

    CrazyM
     