Enabling passive FTP through Cisco ASA

As I explained 1:1 NAT (with example for PPTP passthrough) in this post you can also add more PAT just based on your access-list. I recognized a problem at one customer that FTP needs an inspection firewall entry. The customer runs a passive FTP server on tcp port 3002 which I forwarded to inside: object … Read more

Enabling World of Warcraft Installer/Updater

Behind a Sophos UTM or Astaro ASG, the World of Warcrafter Installer or Updater brings always the error message BLZPTS0000J at start. In most cases this is a problem with the http-proxy. So if you want to enable the Blizzard Updater to connect, you need to skip AntiVirus for the following URLs: ^https?://[A-Za-z0-9.-]*\.battle\.net/ ^https?://[A-Za-z0-9.-]*\.edgesuite\.net/ ^https?://[A-Za-z0-9.-]*\.blizzard\.com/ … Read more

Using parent proxies with Sophos UTM or Astaro ASG

One of my customers has several attached branch offices connected via MPLS. Branch Office UK is using the webproxy from the german location (central ASG cluster). They had problems using www.google.co.uk or other websites with geo-IP-filters so we need a the usage of parent proxies based on some URLs. To do this, just use web … Read more

Wireshark with Windows 8

Today I wanted to sniff broadcast packets within a customer network, so I download and installed Wireshark (Wireshark-win64-1.8.2.exe) on my new Windows 8 x64 Installation. WinPcap couldn’t be installed. I only got the message “This version of Windows is not supported by WinPcap 4.1.2. The Installation will be aborted”. To resolve this, just download the … Read more