Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Strange FW behaviour with Proxy

To: "Mike Glassman - Admin" <[email protected]>, "'fw-1 listserv'" <[email protected]>
Subject: Re: [FW1] Strange FW behaviour with Proxy
From: "Tim Holman" <[email protected]>
Date: Thu, 12 Apr 2001 20:21:04 +0100
Cc: "Mike Glassman - Admin" <[email protected]>
References: <[email protected]>
Sender: [email protected]

Post me your NAT rules.
Also - what platform is it ?
Do you have static routes / proxy arps in place ?

----- Original Message -----
From: Mike Glassman - Admin <[email protected]>
To: 'fw-1 listserv' <[email protected]>
Cc: Mike Glassman - Admin <[email protected]>
Sent: 09 April 2001 10:25
Subject: [FW1] Strange FW behaviour with Proxy


>
> All,
>
> We have an internal Proxy server which has been static NAT'd to a legal
> external address to allow it to access the Internet, and for logging
> purposes.
>
> In the FW rulebase, the rules define what the Proxy may do and so on. So
the
> rules would be for eg....
>
> Proxy Any HTTP Log
> Proxy Any FTP Log
>
> And so on.
>
> When I look at the FW log's, I see the Proxy server as it should be (The
> internal address).
>
> When on the other hand I look at the logs generated beyond my FW, and
before
> my Router, using a shaping/logging tool we have, I see that the Proxy is
> going out on the FW's legal Internet address and not as the NAT'd address
I
> gave it.
>
> So, if I NAT'd the Proxy to 192.178.116.72 (for eg), I should see that
> address, instead I see 192.178.116.1 (for eg) which is the FW's external
> leg. (Those addresses are not the actuall ones for obvious reasons).
>
> I know for a fact that this is happening, but I can't for the life of me
> figure out why.
>
> Anyone ?
>
> Mike Glassman
> System & Security Admin
> Israeli Airports Authority
> Ben-Gurion Airport
> http://www.ben-gurion-airport.co.il
>
> Tel : 972-3-9710785
> Fax : 972-3-9710939
> Email : [email protected]
>
> Usage of this email address or any email address at iaa.gov.il for the
> purpose of sales pitches, SPAM or any other such unwanted garbage, is
> illegal, and any person, whether corporate or alone doing so, will be
> prosecuted to the fullest possible extent.
>
>
>
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>
>


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] Strange FW behaviour with Proxy
  - From: Mike Glassman - Admin <[email protected]>

Prev by Date: [FW1] Re: fw-1-mailinglist-digest V1 #5
Next by Date: [FW1] in.pingd problems
Previous by thread: Re: [FW1] Strange FW behaviour with Proxy
Next by thread: RE: [FW1] Strange FW behaviour with Proxy
Index(es):
- Date
- Thread