Firewall Properties
Dialog
Name
Enter unique name for this firewall. This name will be used in the Session Options dialog to specify the firewall for a given session .
Type group
Select the firewall type from the drop-down list. The supported firewalls are listed below.
Generic/Telnet
- Choose this option if you connect through a proxy server that uses
a simple send/expect interface. Selecting this type will enable the Proxy prompt and Proxy command
options described below.
SOCKS
Version 4
SOCKS
Version 5 (no authentication
)
SOCKS
Version 5 (username/password) - If your firewall server is running
either SOCKS version 4 or SOCKS version 5, select one of these types for
the Type field. Enter the hostname or IP
address of your SOCKS firewall server in the "Hostname
or IP" field, and enter the SOCKS firewall port number in the "Port"
field. The conventional port number for SOCKS is 1080.
The "username/password"
version of the SOCKS firewall choices allows for firewall user
authentication. The only method of authentication currently supported
is the "Username/Password Authentication" protocol, which requires
the username and password to be sent as clear text. Therefore, this method
is not recommended for nonsecure environments
HTTP
(no authentication) - This type allows your server to connect through
an HTTP proxy server.
HTTP
(Basic username/password) - This type allows your server to connect
through an HTTP proxy server that supports "Basic" authentication
(this is an HTTP standard). "Basic" authentication sends usernames
and passwords in the clear, therefore, this method is not recommended
for nonsecure environments.
OPEN
host - Select this type if your firewall server requires the OPEN
command. This type may be selected for the CSM
proxy server. Also, enter the hostname and port of the firewall server
in the appropriate fields.
USER
user@host:port - Select this type if your server is running the WinGate proxy server. Enter the hostname
or IP address and port of the firewall server in the appropriate fields.
This type may also be selected for use with the CSM
proxy server.
This type should also be used for the WinProxy
proxy server. For this particular proxy server you may also need to have
the Use outgoing data connections (PASV) option unchecked
in the Connection/FTP
category of the Session Options
dialog.
USER
user@host port
USER
user@host port (with login) - Select these types if your server is
running the TIS Internet Firewall Toolkit. Choose the first form if the
firewall server does not require authentication. If your firewall server
requires authentication, choose the second form. Also, enter the hostname
or IP address and port of the firewall server in the appropriate fields.
USER
user@host login - This type will send the remote username and the
server address followed by the firewall user ID. It then expects to send
the password for the remote user and the password for the firewall user.
This type should be used if your server is running the Raptor
Firewall.
For this firewall type you will need to enter the username and password
that is required by the firewall server to authenticate your connection . Also, enter the hostname
or IP address and port of the firewall server in the appropriate fields.
Parameters group
This group allows you to configure the parameters for the firewall Type that you selected above. The options in this group vary based on the Type selection.
Hostname or IP
Enter the hostname or IP address of the machine to which you want to connect.
Port
Enter the port to which you want to connect. For a SOCKS firewall, this is usually 1080.
Username
Enter the username for this connection.
Password
Enter the password for this connection.
Proxy prompt
This option applies only if you have selected Generic/Telnet proxy as your firewall Type.
Enter the prompt that SecureFX can expect to receive from the generic proxy. For example, to use the TIS Firewall toolkit, the prompt would be:
tn-gw>
For WinGate, the prompt would be:
WinGate>
Proxy command
This option applies only if you have selected Generic/Telnet proxy as your firewall Type.
Enter the connect or open command that SecureFX needs to send to the generic proxy. For example, to use the TIS Firewall toolkit, the command would be:
c %h %p\r
For WinGate, the command would be:
%h %p\r\n
The SSH protocol imposes some special constraints on what firewall software can be used. SSH does work with SOCKS firewalls. SSH does not work with generic firewalls that are not 8-bit clean or that modify the contents of the data stream. SSH cannot be used through the TIS tn-gw generic proxy.