14. [Symptom] Block ActiveX & Java Applet via IPSec tunnel fails.
[Condition]
HQ and branch office application scenario
PC1------------Branch_1(ZW2+)-----------HQ(ZW2+)----------Branch_2(ZW35)----
(192.168.2.0) (192.168.1.0)
----------PC2
(192.168.4.0)
DUT1 (HQ)
(1). Register CF service; Enable Content Filter and Content Filter for traffic that
matches IPSec Policy.
(2). CF service blocks "ActiveX, Java Applet, Cookies and Web Proxy".
(3). Edit Denied Access Message & Redirect URL.
(4). Edit web eWC/VPN,add gateway policy,Name=IKE1,Remote Gateway
Address=0.0.0.0,Pre-Shared Key=12345678
(5). Edit web eWC/VPN,add network policy for IKE1,Active=enable,
Name=IPSec1,Local Address Type=Single,Local Network/Starting IP
Address=0.0.0.0,Remote Address Type=Single,Remote Network/Starting IP
Address=0.0.0.0
DUT2 (Branch_1,LAN=192.168.2.0)
(1). Edit web eWC/VPN,add gateway policy,Name=IKE1,Remote Gateway
Address=DUT1 WAN IP address,Pre-Shared Key=12345678
(2). Edit web eWC/VPN,add network policy for IKE1,Active=enable,
Name=IPSec1,Local Address Type=Subnet,Local Network/Starting IP
Address=192.168.2.0,Local Network/End IP Address=255.255.255.0,Remote
Address Type=Single,Remote Network/Starting IP Address=0.0.0.0
Result:
(1). PC1 can't http http://dob.tnc.edu.tw/themes/old/showPage.php?s=152&t=5
with Java Applet example and there is blocked log on DUT1. But there is no
"Denied Access Message" and can't redirect to configured URL.
(2). Setup same configuration on Branch_2 (ZW35). PC2 can't http
http://dob.tnc.edu.tw/themes/old/showPage.php?s=152&t=5 with Java Applet
example and there is blocked log on DUT1. There is "Denied Access Message"
and can redirect to configured URL.
Features:
Modifications in V 4.01(XU.0) | 10/16/2006
1. Formal Release.
Modifications in V 4.01(XU.0)b4 | 10/11/2006
1. [BUG FIX]
Symptom: There is not the help page for IPSec_PortForw_Server.html.
Condition:
1) SECURITY>>VPN, add Gateway Policy.
2) Add Network Policy.
3) Active check box “active” of Virtual Address Mapping Rule.
To Next Page
Loading...
