GajShield Knowledge Base

All the documents you require to help you configure and manage GajShield firewalls.

DOCUMENT FAQs

Browse by document category.

Setup

Questions related to setup of GajShield firewall.

URL Filtering

Questions on URL filtering, content filtering, mime blocking..

VPN

This section answers question on IPSEC, PPTP and L2TP VPN..

LATEST DOCUMENTS IN FAQS


Q. What VPN protocol does GajShield support?
A. GajShield supports IPSEC, PPTP, and L2TP over IPSEC. You can connect a normal Windows IPSec client using L2TP over IPSec to GajShield UTM. .....
Can I create custom regular expression to be used in DLP policies
Yes, you can create your own customer regular expression which can be used in your DLP policies. This can be created at Definitions : RegEx Pattern : Patterns .....
Can I configure a range of ports for a single service in GajShield?
Yes, you can do that while configuring a Service. Here you can specify a range of ports either in the Source Port or in Destination Port .....
Can I create a group of services to be used in a firewall rule ?
Yes, GajShield allows to bundle services together in a group which could then be used in a firewall rule. A service group can be created at Definitions : Protocols and Services : Service Groups This added service group can be then used in firewa.....
How do I configure a FQDN based host in GajShield DC series Appliance ?
GajShield supports Fully Qualified Domain Name (FQDN) based Hosts so that it can be referenced in Firewall policies without having to know the IP address FQDN hosts are resolved even for multiple addresses for a single domain or host. To use FQDN on .....
Data Leakage Prevention
Data leakage prevention is a system that is designed to detect potential data breach incidents......
Steps to install and configure Single Sign On(SSO)
Firewall Configuration: 1. After applying patch select option GajShield userSense NTLM from Browsing->Setup->Browsing options. 2. There you will get an option to enable or disable single sign on, to enable choose "yes". 3. After chosi.....
Q. Can I limit the size of downloads?
A. You can limit the size of downloaded files by stating the 'Maximum Download Size' while creating groups......
Q. What is 'Trusted Domain'?
A. If you have enabled http virus scanning and if you wish to bypass the virus scanning engine for particular domains, you can do that by adding these domains in 'Trusted Domain'.....
Q. I have blocked 'Mail' category for a particular group. But I would like them to have access to Yahoo mail.
A. You can add sites that you wish to allow for a particular group at Browsing->Category->White List. These sites will be allowed even though they belong to a particular category which is blocked......
Q. I would like to allow our users to only browse during non-peak hours. How do I do that in Gajshield?
A. Go to Browsing->Site Policy->Schedule. Enable only the time you wish a group to browse. By default, all groups are allowed to browse at all times. After modifying the schedule for a group, restart proxy at Browsing->Setup->Start Proxy......

POPULAR DOCUMENTS IN FAQS


Can I configure a range of ports for a single service in GajShield?
Yes, you can do that while configuring a Service. Here you can specify a range of ports either in the Source Port or in Destination Port .....
Can I create custom regular expression to be used in DLP policies
Yes, you can create your own customer regular expression which can be used in your DLP policies. This can be created at Definitions : RegEx Pattern : Patterns .....
Can I create a group of services to be used in a firewall rule ?
Yes, GajShield allows to bundle services together in a group which could then be used in a firewall rule. A service group can be created at Definitions : Protocols and Services : Service Groups This added service group can be then used in firewa.....
How do I configure a FQDN based host in GajShield DC series Appliance ?
GajShield supports Fully Qualified Domain Name (FQDN) based Hosts so that it can be referenced in Firewall policies without having to know the IP address FQDN hosts are resolved even for multiple addresses for a single domain or host. To use FQDN on .....
Q. What is Site Block Logs and how is it useful?
A. The 'Site Block Logs' gives a detailed report on the sites which have been blocked by the firewall. It also provides the category for which these sites have been blocked. You can click on any of these categories to find the users which have visited a pa.....
Q. Can I find out the top users who have downloaded from the web?
A. GajShield gives a very detailed report on each user. You can get the top users by download, by url hits and categories visited by the organisation. This give an insight on where the traffic is being utilised and where do users spend their time on the we.....
Q. Users on the LAN are unable to reach the Internet after installing GajShield. The Internet connection was working fine before GajShield was installed. What is wrong?
A. Make sure to restart the Internet router after installing GajShield. There is a possibility that the arp address in the router has not been refreshed and is still pointing to the old system. Also, try to ping the router from the GajShield UPTM using the.....
Q. Does GajShield support remote syslog?
A. Yes, you can configure GajShield to log on a remote syslog server. This can be done at REPORT->System->Syslog Options......
Q. A proxy server firewall was removed when GajShield was installed. Now clients on the LAN are unable to access any Internet services. What is going wrong?
A. Proxy servers require the client software be configured to connect to the proxy, breaking the basic client-server model of the Internet. To allow client access to the Internet without the proxy, disable the proxy setting in each client application. .....
Q. What VPN protocol does GajShield support?
A. GajShield supports IPSEC, PPTP, and L2TP over IPSEC. You can connect a normal Windows IPSec client using L2TP over IPSec to GajShield UTM. .....
Q. Can I use certificates to authenticate the users?
A. You can use certificates or pass phrase to authenticate users. For mobile users, who do not have a fixed IP, certificates are recommended......