[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] A bug or a feature?
> Adorno Martin wrote: > > We have no problems accesing ftp or http sites from the Head Office LAN. But > some remote sites can not access some ftp and https sites. The url´s links > that they can not access are HTTPS://xxx.xxxxx.xxx/xx/xxxx/xx.CGI. or > FTP://xxx.xxxxx.xxx/xx/xxxxx.CGI. All the Browsers are configured in the > same way. We have IE 5. Is this URL specific? (htps://xxx.xx.xx/xx/xx/xx.cgi) or all HTTPS URL's ending with CGI present the problem). I think it's specific and probably what's happening is that there's some address (and port) redirection over there, to another port... > I disabled IP Spoofing and SYN Defender and it does not work too. Disabling IP Spoofing is not worth, since if the problem is that the external machine is sending you spoofed packets, then you have very hard securuty problems... Same to the SYN Defeder stuff. If you disable your protection in order to reach a site, and allow such site to attack you, you're in big problems. > Ah! and I am getting some strange entry in the firewall log: > > From: Secure Sites or FTP Sites > Action: Drop > Reason: Unknown Established TCP Packet > I don´t know if the above has a relation with the problem Probably. Check if the CGI is not redirecting you to some other address (this can be done using an ISP connection, or an Internet Coffee connection). > I think it is a time out problem Probably too.. Check it out this side.. ;-) ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|