SRX210 UTM - AV doesn't work on port 8080(HTTP)

Duso · ‎05-29-2009

Hello,

AV(Kaspersky) doesn't work on port 8080(HTTP). On 80(HTTP) works OK. For testing I used EICAR.

How can I enable scanning for HTTP on port 8080 ?

Any ideas ?

Thanks in advance

Duso

ScreenOS · ‎12-28-2007

You must configure a firewall policy with TCP port 8080 and with AV profile attached to it for the AV engine to scan on non standard port.

Duso · ‎05-29-2009

Hello,

in the firewall policy I have configured custom TCP 8080 port (set applications application http-8080 protocol tcp destination-port 8080) & AV-profile attached for FW rule.

from-zone untrust to-zone untrust {
    policy proxy-DNAT {
        match {
            source-address any;
            destination-address any;
            application http-8080;
        }
        then {
            permit {
                application-services {
                    utm-policy custom-utm-policy;
                }
            }
        }
    }
}


utm-policy custom-utm-policy {
    anti-virus {
        http-profile av_test;
    }
}

Is it possible to somehow define in 'UTM Policies > AV-profiles > HTTP profile' a different port ?

Duso

msheikoh · ‎12-09-2009

have a look at this doc.

set port 80 and 8080 (http-ext )

www.pmi.it/file/whitepaper/000351.pdf

Duso · ‎05-29-2009

Hello,

port 8080 (HTTP-EXT) is predefined only for ScreenOS

for JUNOS HTTP-EXT = 7001

# show groups junos-defaults applications application junos-http-ext
term t1 protocol tcp destination-port 7001;

Regards,

Duso

ScreenOS · ‎12-28-2007

No you cannot

SRX210 UTM - AV doesn't work on port 8080(HTTP)

Re: SRX210 UTM - AV doesn't work on port 8080(HTTP)

Re: SRX210 UTM - AV doesn't work on port 8080(HTTP)

Re: SRX210 UTM - AV doesn't work on port 8080(HTTP)

Re: SRX210 UTM - AV doesn't work on port 8080(HTTP)

Re: SRX210 UTM - AV doesn't work on port 8080(HTTP)