Jan 28
This works on version 4.2.x and later.
Log in to the StoneGate firewall node and issue the following command:
vpninfo -S | grep login
To list the currently logged-in legacy IPsec VPN client (v.2.6.x) users, issue the following command:
vpninfo -S | grep -A 10 login | grep -B 10 "UDP encap" | grep login
written by vm - 1,567 views
\\ tags: CLI, mvpn client, stonegate firewall
Jan 20
Hello World!
Just want to share with you a test I’ve done with StoneGate on Citrix Xen 5.0.
Not that the platform is listed as compatible or supported by Stonesoft, of course, but I wanted to check to which extent it works out of the box… and the answer is… nicely!
I’ve installed the bare metal Citrix Xen Hypervisor 5.0 on a 64-bit Intel laptop with the virtualization extension enabled in BIOS (otherwise it does not install).
Then I’ve installed the Management software on my Windows Vista box, accessed the server and tried to install StoneGate FW/VPN Engine software 4.3.1 from installation ISO.
Installation went on nicely, the engine contacted the SMC and I’ve installed a simple Any-Any-Any-Allow policy as shown below:
Validation started…
No issues have been detected.
Contacting nodes of Xen-StoneGate
Connection ok on firewall Xen-StoneGate
Preparing configuration for Xen-StoneGate
Policy snapshot started
Policy snapshot created.
Uploading configuration on Xen-StoneGate
New configuration generated for firewall Xen-StoneGate
New configuration uploaded to firewall Xen-StoneGate
Applying configuration on Xen-StoneGate
New configuration activated on firewall Xen-StoneGate
Checking connectivity on Xen-StoneGate
Contact with firewall Xen-StoneGate confirmed
Policy installation successful for Xen-StoneGate
Tried pinging it, accessing it over SSH, pinging from it… all worked out beautifully!
NICs have been recognized as 8139cp.
I’m sharing this experience to have some comments from you out there:
- to my knowledge, paravirtualization required a modified kernel in the guest machine: why did it work out of the box like a charm?
- did you test any other security engine in Citrix Xen (or any other virtualization platform other than VMware)?
- what is your opinion about Xen, compared with VMware ESX? Plusses, minuses?
- should Stonesoft support it? Why?
written by RoarinPenguin - 1,541 views
\\ tags: stonegate firewall, Virtualization, Xen
Dec 01
Each time an event listed in the table below occurs, the firewall node checks whether the corresponding script specified in the table exists. If the script exists, a notification log message indicating script execution is produced. The node then tries to execute the script with the parameter(s) specified in the table. If the script cannot be executed, is terminated by a signal, or exits with a non-zero value, an error log message is produced. If the script is successfully executed and exits with a zero value, another notification log message is produced after the script exits.
EVENT :: SCRIPT :: PARAMETER(S)
Node has been booted :: /data/run-at-boot :: (none)
Policy has been applied :: /data/run-at-policy-apply :: Id of the new configuration
Node enters “online” state :: /data/run-at-online :: Previous cluster status (1)
Node enters “locked-online” state :: /data/run-at-locked-online :: Previous cluster status (1)
Node enters “offline” state :: /data/run-at-offline :: Previous cluster status (1)
Node enters “locked-offline” state :: /data/run-at-locked-offline :: Previous cluster status (1)
Node enters “standby” state :: /data/run-at-standby :: Previous cluster status (1)
(1) One of the following strings:
- online
- locked-online
- offline
- locked-offline
written by RoarinPenguin - 1,412 views
\\ tags: hooks, state transitions, stonegate firewall
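An added example, not part of the original post or of the product: a POSIX shell body that could serve as any of the state-transition hooks in the table above. It checks the parameter against the strings in footnote (1) before writing it anywhere; the log path HOOK_LOG and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example body for a state hook such as /data/run-at-online.
# HOOK_LOG and all function names are assumptions, not product settings.
umask 077                      # keep the transition log private to its owner
HOOK_LOG="${HOOK_LOG:-/data/hook-transitions.log}"

# Return 0 only for the previous-status strings listed in footnote (1).
is_known_status() {
    case "$1" in
        online|locked-online|offline|locked-offline) return 0 ;;
        *) return 1 ;;
    esac
}

# Derive the entered state from the hook's file name: run-at-online -> online.
state_from_name() {
    name=${1##*/}
    printf '%s\n' "${name#run-at-}"
}

# record_transition NEW_STATE PREV_STATUS
# Appends one line to HOOK_LOG. An unlisted or missing PREV_STATUS is never
# written verbatim; the function returns 2, so the hook exits non-zero and
# the error log message described above is produced.
record_transition() {
    new_state=$1
    prev=${2:-}
    stamp=$(date -u +%Y-%m-%dT%H:%M:%SZ)
    if ! is_known_status "$prev"; then
        printf '%s state=%s prev=INVALID\n' "$stamp" "$new_state" >> "$HOOK_LOG"
        return 2
    fi
    printf '%s state=%s prev=%s\n' "$stamp" "$new_state" "$prev" >> "$HOOK_LOG"
}

# Act only when invoked under one of the state hook names from the table,
# so the file can also be sourced without side effects.
case "${0##*/}" in
    run-at-online|run-at-locked-online|run-at-offline|run-at-locked-offline|run-at-standby)
        record_transition "$(state_from_name "$0")" "${1:-}" ;;
esac
```

The same file can be installed under each state hook path from the table; it is not meant for /data/run-at-boot or /data/run-at-policy-apply, which receive different parameters.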