1. Installation

2. WebAdmin

3. Dashboard

4. Management

4.1 System Settings

4.1.1

4.2 WebAdmin Settings

4.2.1 General

WebAdmin Language
Leave this as English
WebAdmin Access Control
Currently set superadmins to admin, dnh, ajh. I have changed the Allowed Networks to Internal (Network) for added security.

4.2.2 Access Control

No changes to these settings (AUDITOR and READONLY)

4.2.3 HTTPS Certificate

No changes to these settings

4.2.4 RESTful API

No changes to these settings

4.2.5 User Preferences

Increased the table pager items to 25

4.2.6 Advanced

No changes

4.3 Licensing

No changes

4.4 Up2Date

No changes

4.5 Backup/Restore

More reading on this section required

4.6 User Portal

5. Local Fixes

Fix the "hairpin" bug

The "hairpin" bug is a "feature" of router efficiency - when an external address that maps (externally) back to a local network object, the router recognizes this, and changes the from address to the local object (rather than the externally recognized address). When the server tries to respond to this, it uses the supplied address, which is not recognized externally, and consequently returns a "server not responding" message. The following steps will rectify this.

These steps are taken from the Sophos Community Knowledge Base.

1.    Browse to Network Protection | NAT | NAT.
2.    Click New NAT rule...
3.    Under Position, change the number such that it is the same as your existing DNAT rule.
        This will cause the new rule to be immediately above the existing rule.
        If the Full-NAT rule is below the DNAT rule, the DNAT rule will apply instead, and the Full-NAT rule will not work.
4.    Change Rule Type to Full NAT (Source + Destination).
5.    Under For traffic from, choose your affected internal network.
        For example: Internal (LAN) (Network)
6.    Under Use service, choose the appropriate service or group of services (eg. HTTP, HTTPS, etc).
7.    Under Going to, choose the external address of the server to be forwarded.
        For example: External (WAN) (Address)
8.    Under Change the destination to, choose the internal address of the server.
9.    Under Change the source to, choose your UTM's internal address object for the appropriate internal network.
        For example: Internal (LAN) (Address)
10.   Ensure Automatic Firewall rule is checked. Otherwise, ensure you create the appropriate firewall objects.
11.   Click Save.
12.   Activate the new Full-NAT object.
This page is copyright, and maintained by John Hurst. 2093 accesses since
25 Oct 2019
My PhotoMy PhotoTrain Photo

Local servers: Localhost Newport Burnley Everton Hamilton Bittern Spencer (Note that these are only accessible on my local network.)
Public Web Servers: Hurst Server/ajhurst.org Home Server/ajh.co Home Server/ajh.id.au Internode Server (In order of preference; not all of these may be active.)
Dynamically generated at 20200218:0715 from an XML file modified on 20191216:1926.

165 accesses since 04 May 2019, HTML cache rendered at 20200218:0715