• February 23, 2025, 01:42:20 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DFL-800: ALG Blocks Email Services  (Read 6326 times)

iamarto

  • Level 1 Member
  • *
  • Posts: 3
DFL-800: ALG Blocks Email Services
« on: November 06, 2011, 09:59:02 AM »
We have DFL-800 Firewall at our company, and there are some users that need to have full internet access, and others that need to have only News Internet access. So, I had no problem configuring the firewall to block *.* websites and allow only specific news related websites for the Limited Internet users, and add Full Access to the other users. HOWEVER...

The management decided to block Facebook.com & Twitter from ALL internet users, and now I've got a problem. Whenever I try to block Facebook.com & Twitter.com through ALG, it works fine but also blocks ALL EMAIL services. Neither the outlook works, nor any web-mail services.

Is there any way to use ALG without blocking email services? I'm not sure why this is happening. Please advise.

Regards,
Arto
Logged

danilovav

  • Level 4 Member
  • ****
  • Posts: 424
  • Alexandr Danilov
Re: DFL-800: ALG Blocks Email Services
« Reply #1 on: November 07, 2011, 10:21:49 AM »
First, uncheck "strip ..." checkboxes in HTTP ALG used

Then, which mail services are blocked? Websites like gmail.com or SMTP/POP3/IMAP?
Logged
BR, Alexandr Danilov

iamarto

  • Level 1 Member
  • *
  • Posts: 3
Re: DFL-800: ALG Blocks Email Services
« Reply #2 on: November 10, 2011, 08:02:31 PM »
All "strips" are unchecked. The services that don't work are Gmail / Yahoo Mail & Hotmail. All of those don't even load for some reason (maybe it has to do with secure HTTP blocked?).

Also the Office Outlook was blocked from communicating with the ISP mail service.

Please advise,
Arto
Logged

danilovav

  • Level 4 Member
  • ****
  • Posts: 424
  • Alexandr Danilov
Re: DFL-800: ALG Blocks Email Services
« Reply #3 on: November 11, 2011, 09:43:34 AM »
Services like GMail uses HTTPS to auth users.
Try to enable HTTPS and look the result.
Logged
BR, Alexandr Danilov

iamarto

  • Level 1 Member
  • *
  • Posts: 3
Re: DFL-800: ALG Blocks Email Services
« Reply #4 on: November 13, 2011, 03:06:14 AM »
Thanks for your response.

I have added HTTPS and ALL EMAIL protocols. The web-mails only work when I add *all-utp-udp" protocol with all ports, and of course.. the ALG doesn't work then, and it's a very bad security measure.

I believe, if I'm able to work Outlook, the rest will work. Do you know what are the ports needed to open for outlook if it connects to an exchange server?

Thanks,
Arto
Logged

danilovav

  • Level 4 Member
  • ****
  • Posts: 424
  • Alexandr Danilov
Re: DFL-800: ALG Blocks Email Services
« Reply #5 on: November 13, 2011, 10:43:51 AM »
MAPI uses a lot of ports - http://support.microsoft.com/kb/270836
Do you want to allow MAPI connections from outside? Or, you have Exchange out of your network?
First case, better to use OWA, second - make VPN.
Logged
BR, Alexandr Danilov