Question about SnapGear SG300 (990126) Firewall

2 Answers

We have an SG300 that is accessible via some NAT that has been set up. This works well, and machines that are behind the firewall are able to retrieve DNS records. However, they cannot see or ping anything on the outside world. Any suggestions? Thanks

Posted by on

  • alan930 Nov 17, 2009

    Hi Niquose, thanks for the suggestion - we have a static IP on the snapgear and the DSL provider's modem running in bridged mode. The DNS that was provided by the ISP is handcoded into the SG300 settings. I tried the DNS server from different locations and it is a valid DNS server. I just cannot understand how when I pull up a web browser the traffic doesn't get back to the PC.

  • alan930 Nov 17, 2009

    I already have the DNS that was provided by the ISP hardcoded into snapgear and the modem that was provided by the ISP in bridged mode - do you have any more suggestions please?

×

2 Answers

  • Level 3:

    An expert who has achieved level 3 by getting 1000 points

    Superstar:

    An expert that got 20 achievements.

    All-Star:

    An expert that got 10 achievements.

    MVP:

    An expert that got 5 achievements.

  • Master
  • 2,567 Answers

The firewall device seems to be blocking outbound traffic from the internal network to the outside.

Here's a direct link to this device's user manual:
https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/21000/PD21327/en_US/SnapGear%20User%20Manual%20%28v.3.1.4%29.pdf

Please check the section "Access Control and Content Filtering" on page 177 of this PDF file, & check how your device is configured.

Posted on Nov 17, 2009

  • Level 2:

    An expert who has achieved level 2 by getting 100 points

    MVP:

    An expert that got 5 achievements.

    Sergeant:

    An expert that has over 500 points.

    Novelist:

    An expert who has written 50 answers of more than 400 characters.

  • Expert
  • 198 Answers

What happens if you try to hardcode the actual DNS servers from your ISP on the TCP/IP properties of your adapters? (given that IP and subnet mask are set to obtain automatically) If you were able to ping with hardcoded DNS values, means that your gateway isn't working well in terms of DNS forwarding. Usually the case now when you obtain IP automatically off from a gateway is it uses the IP address of the gateway as DNS servers when you run ipconfig. If there's a way that you can configure your firewall to issue the actual DNS addresses to DHCP clients, then you may enable that; otherwise, hardcoding them on TCP/IP properties will be a workaround on this.

Posted on Nov 16, 2009

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi,
a 6ya expert can help you resolve that issue over the phone in a minute or two.
best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
the service is completely free and covers almost anything you can think of (from cars to computers, handyman, and even drones).
click here to download the app (for users in the US for now) and get all the help you need.
goodluck!

Posted on Jan 02, 2017

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

Tip

No special firewall rules needed for DPH-540 and Dlink DI-604 router


My DPH-540 works fine behind a DI-604 NAT router, without any special firewall configuration on the DI-604 (I connect to either RingCentral or SIPPhone). I hope to get another SIP phone and see if both phones can work simultaneously behind the NAT router; many web sites suggest that a different proxy port must be used (the default is 5060).

on Jan 05, 2009 | D-Link DPH-540

2 Answers

Locked out of HTTP inside port on SG300 - telnet works


I was unable to supply a link to the manual for this product so I downloaded it to one of my sites to make it available to you. Here is the link:

http://www.dscmain.com/snaplink/sg_314_ug_revA.pdf

Please let me know if this helps...
Tim

Mar 23, 2009 | SG300 (SG0126US) Firewall

2 Answers

Can tlog in sg300 using a satellite remote access


Accessing a VPN through a BGAN should be fairly simple. It sounds like some of the settings for the VPN might have changed. If you changed any settings on your computer, or if you have added any type of security settings or firewall. If you need any assistance with your BGAN let us know. We do sales of Satellite internet terminals such as Thrane & Thrane, Wideye Sabre, Hughes, Fleet Broadband, and much more. We also do repair of Broadband satellite terminals. You can visit our website at www.BlueCosmo.com, or call us at 877-258-3496.bcrepairs.png

Dec 31, 2008 | Secure Computing SnapGear SG300...

1 Answer

Need to network SG300 Firewall and Qwest (Motorola) 3347-02 Modem


The modem needed to be set to a 192.168.x.x network, and the SG300 Firewall WAN port needed to be set to a dummy IP on the same network for it's IP, and the specific 192.168.x.x address for the gateway and DNS.

Nov 05, 2008 | Cyberguard SG300 (00852503000366) Firewall

1 Answer

Communicating with friends


It could be a NAT problem, your router could be configure with high firewall settings using NAT, so you should try to connect to your router and configure it to allow all incoming connections (could be dangerous if you use your computer without antivirus or antispyware). It all depends of the model of the router and also ISP (some put very strong firewalls settings for their routers so your machine can be safe on the internet). The NAT firewalls allows you to send but not receive, so went someone try to play with you, it says unable to connect with that person.

Aug 26, 2008 | Microsoft Xbox 360 Console

1 Answer

Cyberguard SG300


From the main configuration screen select Network Setup, and then click on the Connections Tab. In the tabline below that click on Aliases.

At this point you input the Alias IP address and the netmask and add it, selecting port 25. The firewall now knows that it is to forward all traffic on port 25 to the computer that has the IP address you put in.

You should be aware that doing the above opens a direct access point into your network! Port 25 is the port used for SMTP (Sendmail) and it is the most vulnerable and most hacked service on the Internet! You should seriously consider not doing this.

A better option would be to goto the DMZ tab and configure a DMZ net on your firewall - you will need to obtain a second routable IP address from your ISP to do this though. By creating the DMZ and then routing port 25 to a machine inside the DMZ you isolate the machine running SMTP from all of the other machines inside your protected network and so make a compromise much less likely.

All of the systems inside your protected network will still have demand access to the machine in our DMZ, but the machine in your DMZ would be unable to initialize access to the protected network, which is a much safer setup.

Oct 19, 2007 | Cyberguard SG300 (00852503000366) Firewall

Not finding what you are looking for?
SnapGear SG300 (990126) Firewall Logo

Related Topics:

127 people viewed this question

Ask a Question

Usually answered in minutes!

Top SnapGear Computers & Internet Experts

Doctor PC
Doctor PC

Level 3 Expert

7733 Answers

kakima

Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you a SnapGear Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...