GajShield Knowledge Base

All the documents you require to help you configure and manage GajShield firewalls.

DOCUMENT FAQs

Browse by document category.

Setup

Questions related to setup of GajShield firewall.

URL Filtering

Questions on URL filtering, content filtering, mime blocking..

VPN

This section answers question on IPSEC, PPTP and L2TP VPN..

LATEST DOCUMENTS IN FAQS


Q. I would like to allow our users to only browse during non-peak hours. How do I do that in Gajshield?
A. Go to Browsing->Site Policy->Schedule. Enable only the time you wish a group to browse. By default, all groups are allowed to browse at all times. After modifying the schedule for a group, restart proxy at Browsing->Setup->Start Proxy......
Q. I would like to block all URLs for a group of users and allow only a few. Can I do that with GajShield?
A. Yes, you can create user groups which are allowed to only browse a certain sites. To do that, create groups with a Site policy as 'Default Block'. This can be done in the group creation form......
Q. Can I load balance my internet traffic through 2 ISPs?
A. Yes. You can load balance your internet traffic through 2 ISPs. There is no limitation on GajShield UPTM on the number of ISPs you can load balance the traffic. It will be limited by the number of interfaces on the GajShield UPTM......
Q. Does GajShield UPTM support ISP failover?
A. GajShield UPTMs not only support global ISP failover, but can be configured to support policy based ISP failover. For example, you can have HTTP traffic flowing through ISP1 as primary link, and ISP2 as secondary whereas SMTP traffic can flow through IS.....
Q. Can I user RSA SecurID token to authenticate users?
A. You can configure radius protocol on GajShield UPTM to authenticate users with two-factor authentication devices like RSA......
Q. Can I use certificates to authenticate the users?
A. You can use certificates or pass phrase to authenticate users. For mobile users, who do not have a fixed IP, certificates are recommended......
Q. What is Site Block Logs and how is it useful?
A. The 'Site Block Logs' gives a detailed report on the sites which have been blocked by the firewall. It also provides the category for which these sites have been blocked. You can click on any of these categories to find the users which have visited a pa.....
Q. Can I find out the top users who have downloaded from the web?
A. GajShield gives a very detailed report on each user. You can get the top users by download, by url hits and categories visited by the organisation. This give an insight on where the traffic is being utilised and where do users spend their time on the we.....
Q. How long can I keep the local logs?
A. You can configure the number of days to keep the logs at ADMIN->Settings->Misc Options......
Q. Does GajShield support remote syslog?
A. Yes, you can configure GajShield to log on a remote syslog server. This can be done at REPORT->System->Syslog Options......
Q. Can I block files of a particular type?
A. GajShield supports file-block by mime-types. You can configure the required mime types to block for a group. This can be done at BROWSING->MimePolicy. If a group has been configured to block mime-types by default, you can specify the mime-types who w.....
Q. A particular URL is not categorised by GajShield, can I send it to you?
A. Please send the URL to support@gajshield.com along with the Category, you feel that it belongs to. Our team will review it and update the relevant category......

POPULAR DOCUMENTS IN FAQS


Q. When attempting to connect to GajShield for initial configuration, the Web browser displays "Host not responding" errors. How is this corrected?
A. Make sure to set the IP address of the computer being used for initial configuration to the same subnet address of the GajShield.. During initial configuration, it is suggested that this address be 192.168.0.1 with a Subnet Mask of 255.255.255.0. If sma.....
Q. Can I use certificates to authenticate the users?
A. You can use certificates or pass phrase to authenticate users. For mobile users, who do not have a fixed IP, certificates are recommended......
Data Leakage Prevention
Data leakage prevention is a system that is designed to detect potential data breach incidents......
Q. Can I user RSA SecurID token to authenticate users?
A. You can configure radius protocol on GajShield UPTM to authenticate users with two-factor authentication devices like RSA......
Q. How long can I keep the local logs?
A. You can configure the number of days to keep the logs at ADMIN->Settings->Misc Options......
Q. Can I load balance my internet traffic through 2 ISPs?
A. Yes. You can load balance your internet traffic through 2 ISPs. There is no limitation on GajShield UPTM on the number of ISPs you can load balance the traffic. It will be limited by the number of interfaces on the GajShield UPTM......
Q. Once GajShield is installed, is it necessary to change the IP settings of each node on the network?
A. No, GajShield is installed between the router and LAN and configures itself to intercept and pass traffic destined for the Internet router. No client configuration is required, unlike for proxy servers......
Steps to install and configure Single Sign On(SSO)
Firewall Configuration: 1. After applying patch select option GajShield userSense NTLM from Browsing->Setup->Browsing options. 2. There you will get an option to enable or disable single sign on, to enable choose "yes". 3. After chosi.....
Q. Does GajShield support PPPOE?
A. Yes, you can configure any interface as PPPOE. You will need to provide the following information Interface Name: indicates the default function of the interface (for example, Secure, Insecure, DMZ) Interface Type: indicates whether PPPoE is to.....
Q. How can one configure interfaces?
A. All GajShield's UPTM interfaces can be configured using NETWORK->Basic->Interfaces. You can assign the required IP, give it a name, type. If this interface is connected to your Internet, you should also provide the gateway or router to which it is.....
Q. What are aliases?
A. GajShield UPTM can be used to NAT servers behind the firewall. This can be done using proxyarp or by reverse NATs. If you configure the firewall to provide reverse NAT, you will need to assign the external IP address to the firewall as an alias. This ca.....
Q. GajShield is managed fine from any computer in the LAN but not from the other systems in DMZ, Why?
A. The default policy of GajShield allows systems from the LAN interface to configure the UPTM. You can change the policy to allow other systems to configure the firewalls by adding their IPs in FIREWALL->Policies->Admin Ips.....