Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Turn Off Firewall
  •  
arman021

Messages: 1
Karma: 0
Send a private message to this user
Hello

How Can Turn Off Firewall in kerio ?
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
I don't understand your question. Kerio Control IS a firewall. That it's primary purpose.

Petr Dobry
Product Development Manager | Kerio
  •  
valshare

Messages: 85
Karma: 0
Send a private message to this user
  •  
Criesx

Messages: 5
Karma: 0
Send a private message to this user
It is not a good idea to turn up the firewall. Malware can easily intrude the system if you close it.
BTW, a friend of my just happened to get .locky virus after turn off its firewall for couble of days. but luckily remove it with guide from internet http://www.fastremovevirus.com/remove-locky-file-extension-c ompletely-from-pc.html However, you cannot say for certain tha that you get that luck Laughing Laughing Think twice!

[Updated on: Thu, 14 April 2016 09:27]

  •  
jassu

Messages: 27
Karma: 0
Send a private message to this user
I know it is nod a good thing to turn firewall off, but sometimes it is a risk you want to take for debugging example. When turning the firewall off for few minutes, you can be sure that theres no filtering coming from firewalls side. Also please remeber, that not all networks are crucial and you might have been taking some devices down for the time of testing.

I'm running Kerio Control NG100 box, and i would love to turn it totally to "no filtering" mode with just a one click, because i'm trying to trace some network problems without success. Problems started after i added Kerio Control to my network, but the thing is that i want to be 100% sure where the problem is before bashing the device Smile
  •  
Brian (GFI/Kerio)

Messages: 778
Karma: 79
Send a private message to this user
This is a fair question for exactly the reasons you noted. There are two core security components you can disable, IPS and Protocol Inspection. Disabling IPS is simply a checkbox within the Intrusion Prevention dialog. To disable protocol inspection, refer to this KB http://kb.kerio.com/product/kerio-control/security/protocol- inspection-in-kerio-control-1689.html specifically at the bottom where it describes how to disable inspection in the traffic rules.

Brian Carmichael
Instructional Content Architect
  •  
jassu

Messages: 27
Karma: 0
Send a private message to this user
Ok, i just removed the whole Kerio firewall from my network because i just wanted the device to work, so now my old zyxel is doing firewalling again and everything works.

A question about the protocol inspection: should that write a log where the blocking or filtering should be seen?

[Updated on: Fri, 29 April 2016 20:36]

  •  
Brian (GFI/Kerio)

Messages: 778
Karma: 79
Send a private message to this user
I believe the filter log would report a message if it detects binary data over HTTP, which is probably what is happening. Another possibility is that it could be related to the type of NAT setting. By default Kerio Control uses a restricted NAT setting. You can change it to full cone NAT http://kb.kerio.com/product/kerio-control/security/configuri ng-ip-address-translation-1318.html

Brian Carmichael
Instructional Content Architect
  •  
jassu

Messages: 27
Karma: 0
Send a private message to this user
I am not using NAT, kerio control is routing my network (the router is bridged before) because i have /28 public network at home.

The solution was to modify protocol inspection, i turned it off from the withings /24 -network and that fixed the thing.By default that column is not shown in the traffic rules section, so its quite funny that it has default value other than "allow".
Previous Topic: Kerio Control virtual NIC prioritizing over physical NIC
Next Topic: Kerio Control and Withings WS-50
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 01:57:37 CET 2017

Total time taken to generate the page: 0.00530 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.