D-Link Forums
The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: iamarto on November 06, 2011, 09:59:02 AM
-
We have DFL-800 Firewall at our company, and there are some users that need to have full internet access, and others that need to have only News Internet access. So, I had no problem configuring the firewall to block *.* websites and allow only specific news related websites for the Limited Internet users, and add Full Access to the other users. HOWEVER...
The management decided to block Facebook.com & Twitter from ALL internet users, and now I've got a problem. Whenever I try to block Facebook.com & Twitter.com through ALG, it works fine but also blocks ALL EMAIL services. Neither the outlook works, nor any web-mail services.
Is there any way to use ALG without blocking email services? I'm not sure why this is happening. Please advise.
Regards,
Arto
-
First, uncheck "strip ..." checkboxes in HTTP ALG used
Then, which mail services are blocked? Websites like gmail.com or SMTP/POP3/IMAP?
-
All "strips" are unchecked. The services that don't work are Gmail / Yahoo Mail & Hotmail. All of those don't even load for some reason (maybe it has to do with secure HTTP blocked?).
Also the Office Outlook was blocked from communicating with the ISP mail service.
Please advise,
Arto
-
Services like GMail uses HTTPS to auth users.
Try to enable HTTPS and look the result.
-
Thanks for your response.
I have added HTTPS and ALL EMAIL protocols. The web-mails only work when I add *all-utp-udp" protocol with all ports, and of course.. the ALG doesn't work then, and it's a very bad security measure.
I believe, if I'm able to work Outlook, the rest will work. Do you know what are the ports needed to open for outlook if it connects to an exchange server?
Thanks,
Arto
-
MAPI uses a lot of ports - http://support.microsoft.com/kb/270836
Do you want to allow MAPI connections from outside? Or, you have Exchange out of your network?
First case, better to use OWA, second - make VPN.