Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Dshield IPS rule blocking internal traffic
  •  
markt

Messages: 56
Karma: 4
Send a private message to this user
From around 9.30 GMT this morning all client connections to the kerio box (windows with most recent v7 package) are being dropped.

We have identified the cause as the IPS rule 'Dshield identified top attackers' for which we had the action to be log and drop. Changing this to log only permits the connections.

This is preventing all connections from the internal LAN to kerio. We have lpaced the rule in log only mode but would appreciate knowing if anyone else is facing a similar situation.
Internal IP range is a standard class C 192.168.x.x

Thank you.

[Updated on: Tue, 01 October 2013 11:55]

  •  
naonis.com

Messages: 94
Karma: 4
Send a private message to this user
Hello,

we had two reports about it.

King Regards,

Sandro Orefice
  •  
trylok

Messages: 4
Karma: 0
Send a private message to this user
Same problem here. Had to switch "dshield" on logging only to make it work again.
Hope this is getting fixed fast.
  •  
proger

Messages: 8
Karma: 0
Send a private message to this user
Same problem here with 2 hosts
  •  
Lisa Lyons (Kerio)

Messages: 175
Karma: 8
Send a private message to this user
Hi, Guys

Please see our knowledge base:

http://kb.kerio.com/1504

If you are using the 1xxx series box (the 'small' box, not the rackmounted version), you can power it off, wait for 10 minutes and you should find that the IDS/IPS signatures update themselves in this time.

Kerio Technical Support
Log Support Incidents here: http://www.kerio.com/support
Also, please use our KB: http://kb.kerio.com
Previous Topic: [Solved] IDS / IPS Dshield Identified Top Attackers blocks access from LAN
Next Topic: Kerio Software Appliance domain join
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Oct 19 23:58:38 CEST 2017

Total time taken to generate the page: 0.00409 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.