Problem with configuring the Netgate 1100
-
At a basic level what are you seeing that makes you think you are seeing attacks?
When I say an attacker inside your network what I mean is if you are running, for example, a public wifi network and an attack is coming from that subnet inside the firewall.
Steve
-
Hi, I wonder why I dont see the Squid certificate in the padlock icon by clicking on it on websites in web browser. If you dont see it, then it can mean it doesnt work.
-
You would only see that if you implemented a 'full bump' MITM style Squid install where it's intercepting all traffic.
-
@stephenw10 you mean "splice whitelist, bump otherwise"?
I also wonder why I dont see the IPv4 address from my netgate router in system settings on computer.
-
@netgate1100guy I can see IPv4 adress now, fixed it. Still wonder about the padlock icon and Squid in webbrowser.
-
@netgate1100guy And wonder how to fix "ICAP protocol error" when I try to visit websites
-
You should see the Netgate LAN IP as the gateway on a client behind it. Assuming you're using DHCP.
-
@stephenw10 Now I get the error message "ERR_CONNECTION_TIMED_OUT" when try to view the default admin site with 192.168.1.1 IP adress, how do I fix this?
Am running Squid with MITM mode..
-
Undo whatever you last did?
If you have console access you can roll back the config there.
I would disable Squid though.
-
@stephenw10 Hi thanks, got Squid enabled but have it on just "splice all" with HTTP proxy active, works much better. I wonder about something:
If a hacker somehow blocks downloads from the internet (happens often) and there is a hacker (numerous unknown IP addresses), does that mean the hacker is inside my local network?
Can a hacker block and interfere with downloads by hitting the internet modem/central or maybe even WAN port on Netgate 1100, but without getting inside and into my computer? -
@netgate1100guy said in Problem with configuring the Netgate 1100:
If a hacker somehow blocks downloads from the internet (happens often) and there is a hacker (numerous unknown IP addresses)
What exactly are you seeing that makes you think this is happening?
It's far more likely to be a compromise on your local client if it really is malicious activity.
However simply being unable to download is probably a config issue.
Either way Squid won't help you at all here. And on an 1100 could well be causing more problems.
Steve
-
-