Jump to content


Photo

Spyware WAN-side not working


  • This topic is locked This topic is locked
7 replies to this topic

#1 gijsbert

gijsbert
  • Members
  • 1 posts

Posted 06 July 2005 - 11:33 AM

I've installed a spyware 210 box behind a cisco pix firewall. However, no matter what I try, when switching to the 'live' situation (active in pass through management), I can no longer connect to the Internet. I tested this with a straight and crossed cable, but without any results. I've been told that the spywarebox is completely transparant, so there should be no modification necessary on my cisco pix. The current situation is a very simple networksetup:internet --> adsl-modem --> cisco pix (192.168.1.1) --> switch --> lanI gave the spyware ip-address 192.168.1.200 and followed the instructions in the quick start guide. The new situation is:internet --> adsl-modem --> cisco pix (192.168.1.1) --> wan-spyware-lan --> switch --> lanDoes anyone have an idea what I'm doing wrong? Kind regards,Gijsbert RochatThe Netherlands

#2 pbennett

pbennett
  • Members
  • 5 posts

Posted 06 July 2005 - 02:24 PM

I am having the exact same problem using a Pix 501.I have a Barracuda 210, Firmware 1.0.22 (Jul 5, 2005).We have T1 - Router - Pix - Barracuda.Using the Troubleshooting Tools (Advanced Menu) I can ping any internal address on my network, but nothing on the internet. I verified that my DNS server IP's were correct also.When I try to do a browse test from the firewall, it is unable to access any sites at all (even msn.com).Also, it doesn't show my subscription as active (I assume for the same reasons as above).Passes traffic just fine in soft bypass, chokes on active.

#3 pbennett

pbennett
  • Members
  • 5 posts

Posted 06 July 2005 - 09:45 PM

Problem resolved.It turns out that when updating the firmware, you need to make sure the unit is in soft bypass mode. While I could swear up and down that it was, maybe not.Anyway, what happens is that a log file in the OS get's screwed up, and a technician from Barracuda had to remote in to the unit to delete the corrupted file. Once that was done, we were able to place the unit into active mode and everything worked 100% as advertised.It looked like a rights issue, a DNS issue, all sorts of things, but it was just that one corrupted file.I think the key here is to remember that when upgrading the firmware, make sure that you place the unit in soft bypass mode and save that change once you make it. Then upgrade the firmware, reboot the unit, and place it back in active mode. I haven't had a chance to test this, but it is what is recommended by tech support.Once my unit went active, it worked like a charm. I have been monitoring the log file for suspect url's and blocking as needed for things like Weatherbug. I need to find a way to work a proxy server into this for web caching, but this should save a lot of problems in terms of wasted bandwidth, spyware, etc.

#4 fleming

fleming
  • Barracuda Team Members
  • 21 posts

Posted 08 July 2005 - 05:46 PM

This is related to a bug in the postinstall process of the spyware update, it is fixed now. The easiest thing to do is:1. Set the box to SOFT_BYPASS2. Revert back to 1.0.20 which should be your last Firmware version3. Re-install the new firmware 1.0.22 in SOFT_BYPASS mode4. As the box recycles itself, it will fix the problem

#5 David Judd

David Judd
  • Members
  • 0 posts

Posted 18 July 2005 - 02:36 AM

my 410 WAS in soft-bypass before and during the update, but after the 1.0.22 update, the 'browse test' failed, and client access to web sites in active mode.ping, nslookup, etc. still worked ok, but no browse.Did the revert to 1.0.20 and back to 1.0.22, all is well now.Looking forward to the firmware update to make the box 'transparent'so that we can run it in Active mode.thanks. 8)

#6 Von Housen

Von Housen
  • Members
  • 31 posts

Posted 26 July 2005 - 01:42 AM

will this issue be fixed in later releases? or is this the newly documented way to upgrade firmware?

#7 swaters

swaters
  • Members
  • 2 posts

Posted 11 August 2005 - 04:04 PM

Any fixes for this yet? I have called support however I am waiting on the call back, I figured I would try here.I have Internet router --> Cisco PIX 515 --> Spyware Firewall --> corporate router ---> switchThanks

#8 Richard Smith

Richard Smith
  • Members
  • 0 posts

Posted 19 August 2005 - 05:29 PM

I am also experiencing this problem. I had updated to 1.1.0 without solving my problem so I tried to revert to 1.0.20 and now it will not let me connect back into it. I have a call into Barracuda, but haven't heard back yet. My configuration is Internet router --> Cisco PIX 515 --> Spyware firewall --> Layer 3 switch routing to corporate Vlan.Any suggestions while I am waiting for tech support?Thanks