Re: [FW-1] Error FW-1 at firewall: Failed to connect to the WWW s erver & Error FW-1 at firewall: Unknown WWW Server

["Chontzopoulos, Dimitris" <dimitris.chontzopoulos@FW1-NOSPAMMEGATRUST.GR>]

Thank you very much for your response but i think that this is not my case. The URL type(d) is always correct, the FW doesn't have M$ DNS server installed or other DNS Server program or caching, the FW is configured to use DNS Name Resolution (and it works like a charm), the web site(s) we are trying to visit do not time out. Further more there is no BIND timeout in Policy -> Properties, Resolving Tab (to be exact there is no such thing as Resolving TAB inside Policy, Properties). Is there any other way around this problem? The FW is FW-1 4.1 CP2000 SP3 on M$ NT 4.0 SRV SP6a. Thank you. Thare is also a number of HTTP, FTP Resources (These are used for Nimda in-out, forbiden downloads, ftp access for specific PC's to specific IP Addresses).

-----Original Message-----
From: Cantwell, Steve [mailto:scantwel@enterasys.com]
Sent: Thursday, January 17, 2002 8:32 PM
To: 'dimitris.chontzopoulos@MEGATRUST.GR'
Subject:

I am using the HTTP Security Server to filter and track web content. When I try to access a particular web site, I get a web page with the following error message:

fw-1 at (firewallname): unknown www server
What does this error message mean and how can I fix it?
A:
This could mean a couple of different things:

• The URL typed was not correct.
• The firewall is not configured to use DNS for name resolution. When using the HTTP Security Server, using DNS for name resolution is required.
• When FireWall-1 attempted to look up the site in question, it timed out.

There are a couple of ways to address this problem:

• Turn off any Name Service Caching software. nscd is a known problem on Solaris 2.5.1 installations. If this process is running, kill it, remove /etc/rc2.d/S76nscd (where it is usually started from) and reboot.
• Increase the BIND timeout in Policy->Properties, Resolving tab. Re-install the security policy