SSl/tls certifcate

Find the answers to GD eSeries queries in this forum. The experts will help you out!
Post Reply
salmanryk
Registered user
Registered user
Posts: 15
Joined: Mon, 09 Jun 2014, 09:08

SSl/tls certifcate

Post by salmanryk »

i have installed Panda Gate Defender Software e Series 5.50.00.But i am failed to push my certifcate of digicert used for tls communication.plz guide urgent as my tls based comunication stopped
GDsupporter
Official moderator
Official moderator
Posts: 22
Joined: Mon, 09 Jun 2014, 17:32

Re: SSl/tls certifcate

Post by GDsupporter »

Dear salmanryk,

Have You activated the proxy httpS? To do so go to Proxy --> HTTP --> HTTPS

Once activated make sure that yout digicert certficate its on the appliance. To do so, in the https proxyu Upload Your certificate to the appliance clicking on upload proxy certificate

Best Regards

GDsupporter
salmanryk
Registered user
Registered user
Posts: 15
Joined: Mon, 09 Jun 2014, 09:08

Re: SSl/tls certifcate

Post by salmanryk »

My Https is not enable,but even after entering the certifcate in panda,my tls domains emails is not reaching to exchange or giving certifcate error mismatching.i have disable the port 25 in rules and allowed only for tls doamin IP.then it work fine.if i open the 25 for all it cause lot of spam.Kindly recommend me solution in which tls doamin are added to panda not IPs & port 25 be open for all with no spam inside.

Also guide if available diect support frm head office on call ?
GDsupporter
Official moderator
Official moderator
Posts: 22
Joined: Mon, 09 Jun 2014, 17:32

Re: SSl/tls certifcate

Post by GDsupporter »

Dear Salmaryk,

From what We understand from Your post, the issue is in regards the proxy smtp settings using port 587.

Please check below:

- If You are not using port 25 to send emails, You can deactivate the rule on the firewall for the outgoing traffic.

- In the next link You can see how to setup the smtp proxy with an internal email server:

http://www.pandasecurity.com/enterprise ... d?id=41812

On the other hand, could You please send me Your client number in a private message so We can check the information in our database?

Best Regards

GDsupporter
salmanryk
Registered user
Registered user
Posts: 15
Joined: Mon, 09 Jun 2014, 09:08

Re: SSl/tls certifcate

Post by salmanryk »

currently i have added the IPS of all domain(regarding tls) in firewall rule.But mails still strucking and shows in mail queue .On my finding I reach on point that mails from tls domain using smart host are strucking bcz i have not whitelisted smart host IPS .Plz gude me futhermore i have sugestion for this that if we white list the domain some whr in panda like xyz.com it will allow all mails coming frm xyz.com

whr i can find my client number ????
GDsupporter
Official moderator
Official moderator
Posts: 22
Joined: Mon, 09 Jun 2014, 17:32

Re: SSl/tls certifcate

Post by GDsupporter »

Dear Salmaryk,

How is the proxy on the green zone, transparent or not transparent mode?

Have You defined the smarthost within the proxy configuration?

As Panda customer, You should have received an email from Panda with the details, please send me a private message with that information as well as a network diagram so We can figure out the best configuration for the appliance.

Best Regards

GDsupporter
salmanryk
Registered user
Registered user
Posts: 15
Joined: Mon, 09 Jun 2014, 09:08

Re: SSl/tls certifcate

Post by salmanryk »

Proxy is in transparrent mode.
NO smart host defined.

more details are in private message
GDsupporter
Official moderator
Official moderator
Posts: 22
Joined: Mon, 09 Jun 2014, 17:32

Re: SSl/tls certifcate

Post by GDsupporter »

Thank You very much for all the information.

We will check it and We will answer You back as soon as We can.
Post Reply

Return to “GD eSeries - Issues”