User Tools

Site Tools





  • Notification: Mailserver settings
  • Mail server should be:


  • Firmware- updated to 10.6.6 MR-3
  • HA
  • SNMP
  • Certificates
  • Diagnostics


  • Hosts
  • * Add offship_network
  • * Add data_network


  • Create a local-to-ship-traffic group containing offship_network and data_network



File Type

Network Interface Using static IP as Bridge Pair betweek PeplinkMediaFast and science/offship network.. Both these screen shots have the wrong IP number for the cyberoam.


Static Route Dynamic Route DNS

Router Advertisement DHCP ARP - NDP Dynamic DNS

Wireless Protection N/A

Identity Authentication Firewall Is there a RADIUS server on the ship??– this may need to be removed, but it did not seem to affect logons.

Captive Portal Settings

Keep alive request for captive portal- need to check w/ atlantis this might be the trick to keep VPNs up by having this disabled. Groups Users Endeavor_UserGroup for crew SCIENCE users for science (this is just a suggestion, they can be grouped and removed easily, if the group is different) Can import the science users from a text document, (science_users.template)

Clientless Users Setup w/ the same Application Filter and Web Filter as EndeavorUsers only no limit on surfing. This policy is for Clientless Users/ KIOSK computers for general use. Ship Clientless computers: Science Clientless Users This tends to be on a cruise by cruise basis. There are two static IPs set aside for science clientless users


Guest Users Policy

Live Users

Firewall Rule Allow all DNS through cyberoam These could be updated, had to allow DHCP through firewall


Virtual Host Nat Policy Spoof Prevention Do


WEB FILTER To download WebFilter settings as an xml System→Maintenance→ImportExport choose: Export Selective configuration and search on Web Click Include Dependent entity

Settings Categories Added AppleDeny DropboxDeny GoogleCloud NoSpotifyForYou NoSteamForYou Removed EndeavorBlocked Policy Created ShipBlock The rules can be turned off and on by clicking on the wrench and choosing allow or deny. If someone needs an microsoft update can change to allow for and then back to deny

APPLICATION FILTER Application List Category Policy IMPORT Armstrong’s satNAG application filter SYSTEM→MAINTENANCE→Import Export Choose Import, browse for configuration you want to import; Preserve existing configuration then click Import. EXPORT application filter to edit by hand: SYSTEM→MAINTENANCE→ Import Export Choose Export selective configuration; ApplicationFilterPolicy; include dependent entity Rename it on download something like: endeavor_cyberoam_applicationFilter_[YYYYMMDD].tar When recreating the tar, need to only include the Entities file; on a MAC need to exclude the ._Entities file : COPYFILE_DISABLE=1 tar cf nameoftarfile.tar files_put_in_tar

SETUP SYSLOG SERVER: LOGS & REPORTS→ Configuration→ Syslog Server

public/cyberoam_configuration_parsed.txt · Last modified: 2019/11/01 21:14 (external edit)