Hello,
I was wondering if someone could provide me with an explanation of something that happened on my firewall recently.
I run FW-1 and VPN-1 version 4.1, SP3 on a Windows NT 4.0 SP6a box.
The problem in question involves a Web Server that is limited in who can access it. Basically, I have a rule that states drops all access to this
server except for 2 hosts. If either of the two hosts has a problem in connecting to the web server, they email me. At least, this is what is
supposed to occur.
One of the hosts (Host1) could not connect to the Web Server and it could not email me. I could see traffic from that host to both the web server and
the SMTP server, but entries did not exist for it in either the Web server or SMTP server logs. Normally, I see entries for both hosts. In fact, Host2
continued to work properly through all of this. I could see entries from it through the firewall and on the web server. It didn't encounter any
problems, so it never emailed me.
I stopped and restarted the firewall, and suddenly Host1 sent me 14 emails and I could see entries from it on the web server.
I have failed connections being watched in performance monitor, but I didn't see any.
What happened? Has anyone encountered this kind of thing before?
Any help would be greatly appreciated.
Rob Michayluk
Computer Network Services Analyst
ACD Systems Ltd
Tel:
Fax:
[email protected]
www.ACDSYSTEMS.com
Come meet the ACD Systems Team!
23rd International Conference on Software Engineering, Westin Harbour Castle Hotel, Toronto, May 12-19
VAR Vision, Wyndham El Conquistador Resort & Country Club, Las Crobas, Puerto Rico, May 20-23
MacWorld 2001, New York, July 18-20, Booth 1331
Comdex Fall 2001, November 12-16