Providing Access to the Cipafilter for the Support Team

Info - Providing Access to the Cipafilter for the Support Team

Issue

If the Cipafilter is installed behind an existing firewall, access to the Cipafilter will need to be provided for our support team.  

Solution

In the firewall:
  1. Allow TCP port 22 (SSH), TCP port 443 (HTTPS), and TCP port 6226 (web proxy) inbound from the following Cipafilter subnets to the Cipafilter:

    1. 216.24.127.0/25 - Primary Subnet
    2. 208.123.231.40/29 - Secondary Subnet

  2. If user devices will be filtered when off-site, please allow TCP port 6226 (web proxy) to be accessed from the world.  This is the default proxy port used for remote filtering.

  3. Configure a port forward from a public IP address to the private IP address of the Cipafilter using the previously specified ports.

  4. Please allow all outbound traffic from the Cipafilter.

    • Related Articles

    • Info - Quick Start Guides

      Cipafilter provides a Quick Start Guide for each current hardware model.  PDFs of those guides are attached to this article.
    • Manual - Appendix II: Privacy / remote access disclosures

      Your Cipafilter contains several features which, while designed to enhance usability and provide for excellent support, may create privacy concerns for some.  In the interest of maintaining openness and an informed user base, these features are ...
    • Introducing Cipafilter 11.4

      January 15, 2020 We are excited to introduce another great version of Cipafilter! Our teams have worked hard to bring you the best in firewall, web filtering, and reporting technology. Firewall Improvements Cipafilter already has an incredibly easy ...
    • Info - IPSec VPN Compatibility

      Although these technologies are industry-standard and in wide deployment, the site-to-site VPN functionality is designed primarily to interconnect two Cipafilter units — it may or may not function with other devices.  If you would like to create a ...
    • Info - Google Apps Domain Restriction

      Google Apps Domain Restriction requires SSL Decryption to be enabled in order to function. Any groups without SSL Decryption enabled will not be effected by this feature.  Many Google Web properties, including Gmail, support a custom header which ...