Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » How to allow external access to specific url and port and deny all other urls?
  •  
axfleming

Messages: 3
Karma: 0
Send a private message to this user
Our server has two nic cards, with one hosting a raspppoe connection, and we use NAT to allow access from our internal workstations.
We need to access a specific port on a specific url on the internet, but we only want to allow access to that specific url, and deny all other external addresses for that port.
I have read the manual about three times already, searched the forums, etc. but I can't seem to get the rules right.
It seems like I can only setup access to allow or deny all sites for the port.
Is allowing only a specific url and port possible with Winroute?

Thanks.
  •  
geabaldyvx

Messages: 39
Karma: 0
Send a private message to this user
it sounds like what you want to do is have a Webserver or something similar setup behind the firewall and when "Joe Bob" types in http://www.thebestproductever.com they get that server behind your firewall... but all other URLS to that IP Address get routed elsewhere behind the firewall... Sound Correct?

If this is the case you have to setup a Reverse Proxy as KWF does not have that capability built in.. if your simply doing Websites over Port 80 then you can use Apache otherwise you will need something a bit more robust...
  •  
axfleming

Messages: 3
Karma: 0
Send a private message to this user
Hello; thanks for your reply.
Actually, to be more specific, I want to allow access to, for example, www.kerio.com on port 14000 for the internal machines, but block access to all other internet sites on the same port.
Therefore port 14000 would only be open to access that one site.
  •  
geabaldyvx

Messages: 39
Karma: 0
Send a private message to this user
Out of curiosity why are you trying to make this a port thing? Why not just put your IP addresses of the exterior servers into the Host file and then not give DNS entries to a set group of IP's.. that way you can have completely controlled group.
  •  
axfleming

Messages: 3
Karma: 0
Send a private message to this user
Quote:

Re: How to allow external access to specific url and port and deny all other urls? Tue, 24 April 2007 14:35
geabaldyvx
Out of curiosity why are you trying to make this a port thing? Why not just put your IP addresses of the exterior servers into the Host file and then not give DNS entries to a set group of IP's.. that way you can have completely controlled group.


Well, your suggestion prompted me to investigate the other settings available, and I must say I am rather impressed with the flexibility of this product. Having previously used only personal firewall software I am unaccustomed to this amount of power. I do think however that the manual is poorly written and does not provide nearly enough examples, so I don't feel too silly.
By logging the blocked packets I discovered that the site in question was redirecting to another, which of course, wasn't covered by the rule. Rolling Eyes
Thanks for your assistance; it was quite helpful, even if indirectly.
Previous Topic: kerio firewall corrupts explorer
Next Topic: Kerio StaR Info
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Nov 21 03:27:42 CET 2017

Total time taken to generate the page: 0.00387 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.