Ich habe folgendes Problem:
Ich habe bei einem Kunden eine Mobile-Access-Lösung (Exchange-Zugriff per Mobilfunk) im Einsatz, welche über die Ports 5001 und 5002 kommuniziert.
Nun habe ich entsprechend in der Firewall eine Regel definiert, die den Datenverkehr von und zu dem Mobile Access Server über besagte Ports zulässt. Dennoch schmeißt mir die Deny-All-Regel diese Pakete raus.
Hier mal die Regeln, wie sie eingetragen sind:
Name Prot. Source Destination Action Linked Prio Firewall- VPN-Rule Stateful Rtg-tag Comment
# ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
add "ALLOW-DCCSERVER" {2} "TCP,UDP" {3} "%S21825,24411 %A10.0.0.1" {4} "%S1284,6277 ANYHOST" {7} "%Lcds0 %A" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "zulassen SPAM - Distributed Checksum Clearinghouse"
add "ALLOW-BLACKBERRY" {2} "TCP,UDP" {3} "%S3101 ANYHOST" {4} "%S3101 ANYHOST" {7} "%Lcds0 %R %N" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "erlauben Blackberry Kommunikation"
add "ALLOW-KSRVBLN" {2} "TCP,UDP" {3} "%S1000-5002 ANYHOST" {4} "%S1000-5002 ANYHOST" {7} "%Lcds0 %A" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "zulassen OLXMobileAccess (alle Ports)"
add "ALLOW-VPN-FREIGABEN" {2} "TCP,UDP" {3} "ANYHOST" {4} "%S137-139 %A10.0.0.1" {7} "%Lcds0 @v %A" {8} 0 {9} 0 {10} 0 {11} 1 {12} 0 {14} 0 {13} "zulassen Freigaben ueber VPN"
add "ALLOW-NTP" {2} "UDP" {3} "%A10.0.0.1" {4} "%S123 ANYHOST" {7} "%Lcds0 @i %A" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "zulassen Zeitanfragen (UDP 123)"
add "ALLOW-DNS" {2} "UDP" {3} "ANYHOST" {4} "%S53 ANYHOST" {7} "%Lcds0 @i %A" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "zulassen DNS"
add "ALLOW-OWA" {2} "TCP" {3} "ANYHOST" {4} "%S80,443,591,8008,8080 %A10.0.0.1" {7} "%Lcds0 @i %A" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "zulassen OWA aus dem Internet"
add "ALLOW-WEB" {2} "TCP" {3} "ANYHOST" {4} "%S21,80,443,591,8008,8080 ANYHOST" {7} "%Lcds0 @i %A" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "zulassen Web-Internet"
add "ALLOW-MAPI-BRUESSEL" {2} "TCP" {3} "ANYHOST" {4} "%S6001-6014 ANYHOST" {7} "%Lcds0 @v %A" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "zulassen MAPI-Bruessel"
add "ALLOW-FHG-VPN" {2} "TCP" {3} "ANYHOST" {4} "%S5900 ANYHOST" {7} "%Lcds0 @v %A" {8} 0 {9} 0 {10} 0 {11} 1 {12} 0 {14} 0 {13} "zulassen VNC Ports via VPN"
add "ALLOW-RDP" {2} "TCP" {3} "ANYHOST" {4} "%S3389 ANYHOST" {7} "%Lcds0 @i %A" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "zulassen RDP (3389)"
add "ALLOW-MAIL" {2} "TCP" {3} "%A10.0.0.1" {4} "%S25,110,119,143,995 ANYHOST" {7} "%Lcds0 @i %A" {8} 0 {9} 0 {10} 0 {11} 0 {12} 0 {14} 0 {13} "zulassen eMail nur Exchange"
add "WIZ_VPN-CLIENT_CDHOME" {2} "ANY" {3} "ANYHOST" {4} "%HCDHOME" {7} "%Lcds0 %A" {8} 0 {9} 0 {10} 0 {11} 1 {12} 0 {14} 0 {13} "zulassen AV-Client ..."
add "ALLOW-VPN-WEB" {2} "TCP" {3} "ANYHOST" {4} "%S80,443,591,8008,8080 %A10.0.0.1" {7} "%Lcds0 @v %A" {8} 0 {9} 0 {10} 0 {11} 1 {12} 0 {14} 0 {13} "zulassen OWA-WEB ueber VPN"
add "WIZ_VPN-NB-..." {2} "ANY" {3} "ANYHOST" {4} "%HNB-..." {7} "%Lcds0 %A" {8} 0 {9} 0 {10} 0 {11} 1 {12} 0 {14} 0 {13} "zulassen AV-Client ..."
add "DENY-ALL" {2} "ANY" {3} "ANYHOST" {4} "ANYHOST" {7} "%Lcds0 @i %R %N" {8} 0 {9} 0 {10} 1 {11} 0 {12} 0 {14} 0 {13} "blockieren alles, gilt nicht fuer VPN"
Die Firewall-Ereignisse habe ich als Bild angehängt, sorry.

Vielleicht weiß ja jemand Rat.
Gruß
O.Küßner