Messages - ismaelnoble

1
News and Announcements / Re: Goodbye Christian
« on: March 18, 2014, 04:33:33 pm »
I learned so much from simply reading his posts and discussions. He will be missed... :'(

2
So I've spent the past weekend banging my head against the proxy module, and I just realized that the error message presented shows the following:
your username is not allowed to web browse: -
    access denied

categories:
  banned user.

After a quick Google search I found the following:
from http://contentfilter.futuragts.com/wiki/doku.php?id=block_messages&DokuWiki=wdievqxsxe
Your username is not allowed to web browse: "username"

If you receive this message it means that the network administrator has disabled web browsing for your username. You have been denied access to browsing the web. No matter what computer you use to log in, you will be denied access to websites. (The actual “username” is presented as part of the message.)

(It may also mean the request was assigned to the default filter group f1, and that group is not configured to allow any web browsing at all. One reason this can happen is if “username” is unknown to DansGuardian because it was inadvertently omitted from the configuration. Another reason this can happen is if the “auth” configuration in DansGuardian is incomplete so all requests are understood as being from incompletely identified users.)

I will also post a ticket as this looks like it may be a bug.

I would also like to add that I am not using the users module and only intend to use these boxes as a firewall, gateway, VPN client, DNS and proxy filtering for a satellite office.

3
Installation and Upgrades / Re: 3.3 OpenVPN + firewall
« on: March 16, 2014, 01:29:14 am »
So having a firewall rule 'deny 192.168.160.2 all to 10.0.0.4' does not work... If u really need to block access to a VPNed system but not another on the same network, that sounds like an inefficient way to do things. Maybe u should have 2 VPN servers running on the Zentyal. One can have access to ur terminal server and the other does not.

4
So I've tried the same setup on a different physical machine and still no dice. Looking at the proxy logs it looks like the proxy is processing the request and allowing the site through.

5
Installation and Upgrades / Re: CRITICAL - VOIP and OpenVPN
« on: March 15, 2014, 07:53:54 pm »
A shot in the dark: have u checked if u are able to reach the VoIP server from the VPN tunnel while not being NATted? It could be a simple firewall rule holding u back ;D

6
Core 3.3.5
HTTP Proxy (Cache and Filter) 3.3.3

I recently installed a clean Zentyal server using the most recent ISO, namely 3.3. After allowing the system to update and fully patch after installation, I found that I am unable to browse any web page from behind the server. Interestingly enough, I get the Zentyal blocked page telling me the page was blocked for the following reason: "Blocked User". Initially I thought the system was set to deny access by default and checked the settings to verify. So I explicitly added allow access from my IP address, which still shows the blocked page. So to check if the firewall was the cause I disabled the transparent proxy and, lo and behold, the system can start browsing from behind the server. So I set up a VM with the same ISO and I get the same issue from behind the virtual server. Has anyone encountered this or something similar?

tl;dr: fully updated Zentyal server 3.3.5 with proxy 3.3.3 always showed blocked page, with reason being "blocked user".

7
So I have a very strange question... I am looking to have a Samba4 DC system set up as a test. I'd like to be able to use services from an existing Zentyal 3.0 server acting as gateway, VPN, DNS, NTP etc. I'm looking into it myself currently but would like to get input from anyone who may have already done this.

8
After looking into the UltraSurf issue myself I found the only way to 100% kill it is to block all https traffic >:( >:( since US uses port 443, which is https, and create an object for explicit https access at the firewall level.

i.e.
create object with IPs of allowed https servers like mail, banking etc.
go to firewall internal section and create rule to deny all https traffic, which is port 443 tcp
create other firewall rule directly above previous rule: create rule to allow http traffic to the object u created.
 8) 8) fixed forever 8) 8)
Just keep in mind that u will have to track down the IPs for the allowed services manually in most cases :o
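
The rule ordering described in the post above, sketched as an added example that is not part of the original post. It prints plain iptables commands as a dry run rather than Zentyal's own firewall rules; the interface name `eth1` and the allowlisted addresses are constructed placeholders.

```shell
#!/bin/sh
# Added illustration: prints iptables commands only, nothing is applied.
# Constructed sample allowlist (documentation address ranges).
ALLOWED_HTTPS="192.0.2.10 198.51.100.25 203.0.113.7"
LAN_IF="eth1"   # assumed name of the internal interface

# Succeeds only for a dotted quad with every octet in 0-255.
# The body runs in a subshell so the IFS change does not leak out.
is_ipv4() (
    ip=$1
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $ip
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

build_https_rules() {
    # Allow rules come first: the first matching rule wins, so they must
    # sit above the blanket deny on tcp/443.
    for ip in $ALLOWED_HTTPS; do
        if ! is_ipv4 "$ip"; then
            echo "skipping invalid address: $ip" >&2
            continue
        fi
        echo "iptables -A FORWARD -i $LAN_IF -p tcp -d $ip --dport 443 -j ACCEPT"
    done
    # Every other tcp/443 connection from the internal network is refused.
    echo "iptables -A FORWARD -i $LAN_IF -p tcp --dport 443 -j REJECT --reject-with tcp-reset"
}

build_https_rules
```

A hostname in the allowlist is skipped rather than resolved, which matches the post's point that the addresses have to be tracked down and maintained by hand.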

9
I figured out how to get past the login screen issue on my attempt after much research and a bit o' luck. It turns out the error was caused by a permissions error on the /tmp directory. This is easily resolved by switching to tty1 via Ctrl+Alt+F1 and logging in through the terminal. From there use the following command: chmod ug+rwx,o+rwt /tmp

After that, Ctrl+Alt+F7 and attempt to log in normally...
I've still got some more testing to do before I begin putting together a more formal how-to on the procedure.

Not all processes start during boot up due to permission issues. A little help tracking down these stragglers would be nice... So far I know the postgresql service fails on startup due to permission denied for a server.key file... or some such file...

10
I too am stuck at this point during a testing recovery... I will continue to grind away at the issue but a bit of help from any knowledgeable members would be greatly appreciated. After which I will try to put together a step by step for future reference once I am satisfied with the test and whatnot.

Also, yay, my first post. 8)
