eWON firewall rule over internet between Azure

abouffard · October 29, 2020, 12:10pm

Hi,
I need to set a firewall rule between a computer connecter in lan port of the eWON so the computer can securely transmit and receive data from Azure ?

Azure : communication on port 443 https://decryptdisk.azurewebsites.net
Computer port ssh 22 but we want to redirect the port for another since leaving ssh 22 open is not a secure way to proceed.

What is the best way to do that on a flexy 205 ?

Thank you

deryck_hms · October 29, 2020, 6:25pm

Hello,

It sounds like you need to allow the ewon to act as a gateway. You can make the following changes in the ewon’s comcfg.cfg file to allow this lan device to reach the internet.

abouffard · October 29, 2020, 6:56pm

Settings are like you are suggesting, and we have another installation with exact same rules and it works.

VPN outgoing certificates are empty fields, how are they populated ?

deryck_hms · October 29, 2020, 8:14pm

These errors are not related to the setting changes I suggested. This looks more related to the ewon opening its ssl connection to our servers. You will want to make sure you are not blocking access or as the error suggests make sure you don’t need to go though a proxy.

SSL errors can also be from the time being wrong.

The device should have the certs it needs out of the box. If you have altered or deleted them you can perform a level 2 reset on the device to restore them.

Deryck

abouffard · October 29, 2020, 8:49pm

I did the regular reset by pushing the reset key 40 secs, but a level 2 is deaper ?
Here are logs from the device;
t2m-Talk2M: read VPN server address failed
t2m-DNS failure, using static Talk2M access server
dns-Unable to resolve host name (device.api.talk2m.com)
dns-Unable to resolve host name (talk2m_pro)
ovpn-Could not read Talk2M VPN server address, using last valid.

deryck_hms · October 29, 2020, 9:04pm

Hello @abouffard,

You can find more info about a level two reset in section 7 of the installation guide.

The error you posted make me suspect the device is not properly configured for internet access.

I recommend taking a look at the talk2m setup info on our site. https://ewon.biz/technical-support/step-by-step-guide/configuration?ordercode=Flexy20500_00MA

You can find more info on the addresses and ports the ewon needs access to here: https://www.ewon.biz/technical-support/pages/talk2m-status/talk2m-vpn-servers

Regards,
Deryck