Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Can't reach website (Unable to reach midmobank.com)
  •  
CCWTech

Messages: 8
Karma: 0
Send a private message to this user
I am new to the Kerio world, so I need a bit of help.

My client has a Kerio control 9.0.0 build 442 / Control box 1000.

About 10 days ago, he lost access to midmobank.com

No changes have been made to the appliance. We have hooked up a laptop directly to the modem and can reach midmobank.com.

When I try to ping midmobank.com DNS is able to resolve it to 159.135.7.76 but all pings fail (100 loss).

Any suggestions?
  •  
Brian (GFI/Kerio)

Messages: 727
Karma: 70
Send a private message to this user
That site loads for me, and the IP address is pinging. I am also behind Kerio Control. Check your security and filter logs to see if that site is being blocked by a policy. In the web administration under the Status section there is an IP tools http://kb.kerio.com/1428. Try to ping that same host using the IP tools.

Brian Carmichael
Instructional Content Architect
  •  
CCWTech

Messages: 8
Karma: 0
Send a private message to this user
Won't ping from IP tools, but this looks like the problem:

[28/Mar/2017 08:26:10] IPS: Packet drop, severity: Blacklist, Rule ID: 1:2400013 ET DROP Spamhaus DROP Listed Traffic Inbound group 14, proto:TCP, ip/port:192.168.0.106:54474 -> 159.135.7.76:443

What can I do to resolve this issue please?
  •  
CCWTech

Messages: 8
Karma: 0
Send a private message to this user
Very odd since Spamhaus says it is okay:

spamhaus.org/query/ip/159.135.7.76
  •  
Brian (GFI/Kerio)

Messages: 727
Karma: 70
Send a private message to this user
Perhaps the blacklist is not current. Kerio Control 9.0 is not a recent version. I suggest upgrading. Otherwise there is information in this KB article http://kb.kerio.com/product/kerio-control/security/configuri ng-intrusion-prevention-system-1324.html
regarding the IPS feature and how to create exceptions.

Brian Carmichael
Instructional Content Architect
  •  
CCWTech

Messages: 8
Karma: 0
Send a private message to this user
We are out of maintenance, will it still update or do we need to get current in order to update?
  •  
Brian (GFI/Kerio)

Messages: 727
Karma: 70
Send a private message to this user
IPS will not update if you are out of maintenance. You can set the action of that blacklist in the IPS settings to do nothing so that you can regain access to that site. If you're on the 1110 series box you will not be able to renew maintenance as that box will be end of life by the end of this year.
However you may be entitled to a discounted upgrade to the NG100 hardware appliance, which would give you unlimited users, current software maintenance, faster hardware, optional WiFi, and a new warranty.

Brian Carmichael
Instructional Content Architect
  •  
CCWTech

Messages: 8
Karma: 0
Send a private message to this user
It just says Kerio Control Box 1000. How can I tell if it's part of the 1110 series?

Also, since I am not under maintenance, why would it have just started blocking that site 10 days ago?
  •  
Brian (GFI/Kerio)

Messages: 727
Karma: 70
Send a private message to this user
The specific model number is printed on the front of the device. That model includes a 4 GB hard drive and 2 GB of RAM, which can be confirmed in the System Health section of the administration. When did your maintenance expire?

Brian Carmichael
Instructional Content Architect
  •  
CCWTech

Messages: 8
Karma: 0
Send a private message to this user
This looks like it has 4 GB of RAM but says 28.25 GB of drive space. I'll PM you the serial # if that helps.
  •  
Brian (GFI/Kerio)

Messages: 727
Karma: 70
Send a private message to this user
Ok, then you have the 1120, which is not end of life. So your options are:
- Renew your software maintenance
- Configure the Spamhaus blacklist in IPS to log only or do nothing

Brian Carmichael
Instructional Content Architect
  •  
CCWTech

Messages: 8
Karma: 0
Send a private message to this user
I know I'm going to be asked. If the list doesn't update because it's out of maintenance, why did the website stop working?
  •  
Brian (GFI/Kerio)

Messages: 727
Karma: 70
Send a private message to this user
The website didn't work because that host IP was on the Spamhaus blacklist. It's since been delisted (maybe it was recent) but you can't update to this new list until you renew your software maintenance. Otherwise disable blocking the Spamhaus blacklist.

Brian Carmichael
Instructional Content Architect
  •  
CCWTech

Messages: 8
Karma: 0
Send a private message to this user
I get that, but since it hasn't updated since August 16, why would it have started blocking 10 days ago? What changed?
Previous Topic: full internet for ip address
Next Topic: Snmp Monitoring of firewall running KerioOS 8.x or later
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Aug 22 05:30:15 CEST 2017

Total time taken to generate the page: 0.00558 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.