Forum Discussion

hmg21215
Aspirant
Dec 08, 2011

FVS336G and Bluecoat Filter/ IPSec

We have a FVS336Gv2 router. We are setting up the Threatpulse web filter from Bluetooth. It can work with an IPSec tunnel to their site which provides the filtering.

Their tech support helped me set up an IKE policy that connected to their site. Once we connected, however, our SBS 2011 server was no longer accessible from the internet. That means no SMTP on port 25 and no remote access, etc. on port 443. We looked for ways to just direct outbound port 80 and 443, but didn't see a way to do it. Can policies be created for specific ports?

12 Replies

  • Bluecoat claims that the remote has to be the entire internet, since the tunnel connects through their provider in the cloud to the entire internet. Apparently some routers allow the creation of policies that only forward certain ports through the tunnel. That would be a problem for us anyway, since we need 443 to go incoming to our server, but outgoing through their provider.

    I may just forward our DNS alias to the WAN2 IP address and set the destination in the LAN WAN inbound services rules to WAN2 and outbound 80 and 443 to WAN1, with the tunnel to Bluecoat. Would that work? (right now, we are in auto-rollover mode, since WAN1 is much faster. But WAN2 should be fast enough to handle the email and RWW.)
  • My suggestion would be to ditch Bluecoat and get a ProSecure UTM device. Link is in my sig.
