Got it
Huawei Enterprise Support Community
Community Forums Security
USG6330 AV profile proble...

USG6330 AV profile problem

Created: Jan 25, 2017 09:08:13Latest reply: Jan 30, 2017 12:08:29 1961 5 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#
This post was last edited by asmolarek at 2017-01-25 09:41.     Hi,
I have prblem with Anty Virus profile. I have simple configuration. I have two zones, trust and ustrust. In the trust zone I have Exchange server for office email services. My configuration:
Security policies:

Name



Source Zone



Destination Zone



Source Address



Destination Address



Service



Application



Action



Content Security



LAN_NAT



trust



untrust



LAN_SUBNET



any



any



any



permit







Exchange



untrust



trust



any



Private_Exchange_Address



smtp



any



permit








NAT policies:

Name



Public IP Address



Private IP Address



Protocol



Public Port



Private Port



Exchange_NAT



WAN interface public IP



Private_Exchange_Address






TCP



25



25




When I use Anty Virus profile (not default, all action in profile = ALERT) in LAN_NAT security profile I have problem with e-mail services.
The problem is that I can't send emails for some domain (gmail for example). I don't have to high device or link load. I don't see any log messages. Only on Exchange server I see "Connection timeout" message to particular receivers servers. When I disconnect AV profile everything work normal. I also would like to use IPS or URL filtering but I'm afraid when I enable it my whole network stops :(
Thank you for any help.
Regards.

Like (0) Dislike (0) Favorite(0) Share Report
Previous: Send email alert
Next: USG6330 Problem with Update Center
Featured Answers

Best answer

(0) (0)
javinet
Created Jan 25, 2017 09:08:14

This post was last edited by javinet at 2017-01-27 18:19. please can you post: display av statistics

if the action is alert there is no way to fail, in your av profile prove activate smtp on download direction too
regards
View more
  • x
  • convention:
All Answers
(0) (0)
4#
javinet
javinet Created Jan 25, 2017 09:08:14

This post was last edited by javinet at 2017-01-27 18:19. please can you post: display av statistics

if the action is alert there is no way to fail, in your av profile prove activate smtp on download direction too
regards
View more
  • x
  • convention:
(0) (0)
2#
sertan_akyuz
sertan_akyuz Created Jan 26, 2017 10:19:05

Hi,

Could you please post your "display profile type av" please.
View more
  • x
  • convention:
(0) (0)
3#
Poland_Arek
Poland_Arek Created Jan 27, 2017 07:37:45

Posted by sertan_akyuz at 2017-01-26 10:19 Hi,Could you please post your "display profile type av" please.
2017-01-26 10:19.630 01:00
AV Profile Configurations:
Total Profiles: 2
-------------------------------------------------------------------
AV Profile Name : dms_av
Description Text :
Attack Evidence Collection : Disable
Heuristic Detection : Disable
Interworking Detection : Disable

Scan Protocol Configurations:
---------------------------------------------------------------
Protocol Name Direction Action
---------------------------------------------------------------
HTTP both alert
FTP both alert
SMTP upload alert
POP3 download alert
IMAP both alert
NFS both alert
SMB both alert
---------------------------------------------------------------

Exception Application Configurations:
---------------------------------------------------------------
Application name Action
---------------------------------------------------------------
---------------------------------------------------------------

Exception AV-Signature-Id Configurations:
---------------------------------------------------------------
AV-Signature-Id Name
---------------------------------------------------------------
---------------------------------------------------------------

Whitelist Configurations:
---------------------------------------------------------------
Type Whitelist
---------------------------------------------------------------
---------------------------------------------------------------
-------------------------------------------------------------------
View more
  • x
  • convention:
(0) (0)
5#
Poland_Arek
Poland_Arek Created Jan 30, 2017 08:45:00

Posted by javinet at 2017-01-27 18:13 please can you post: display av statistics if the action is alert there is no way to fail, in your a ...
Hi,
It's hard to collect av statistics because I have to disabled this option (there is needed full email functionality all time). Also there is no upload option for smtp.
View more
  • x
  • convention:
(0) (0)
6#
sertan_akyuz
sertan_akyuz Created Jan 30, 2017 12:08:29

I am sure there is something we are missing. Could you please attach your disp curr
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.