[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Strange problem with Web access to an Access Point defined in a DMZ lan
Title: RE: Re: [FW-1] Strange problem with Web access to an Access Point defined in a DMZ lan Warrior woman :) No, the specific rule is not an authentication rule, it's a standard WS to AP's allow all. Mike -----Original Message----- From: Xena Warrior [SMTP:[email protected]] Sent: à ôáøåàø 24 2002 11:47 Subject: Re: [FW-1] Strange problem with Web access to an Access Point defined in a DMZ lan Is the rule allowing access to the APs also authenticating? --- [email protected] wrote: > Thanks. > > I'll look into that today, and possibly move the > rule in question above the other one and check. > > >From a quick scan, neither the AP's or the WS > onjects which have access to the AP's are in the > HTTP with resource rules, but I will check more in > depth a bit later. > > Thanks for the idea, > > Mike > > > -----Original Message----- > > From: David Knoll [SMTP:[email protected]] > > Sent: à ôáøåàø 24 2002 9:32 > > To: [email protected] > > Subject: Re: [FW-1] Strange problem with > Web access to an Access Point defined in > a DMZ lan > > > > Well if it comes before the rule you are talking > about and it looks like this: > > WS-Objects (or any other group that includes > WS-Objects) Any (or any other group that includes > Access Point Group) Http with resource > > > > Then traffic passes through the security server. > > Try the PTR records see if it solves your problem. > > > > > > > > > David Knoll > > UpBIT Solutions Ltd > > > > > > Tel:+ 972-3-6476387 > > > > Fax:+ 972-3-6476396 > > > > Cellular:+ 972-54-496357 > > > > > > > > E-mail: [email protected] > > > > > > > > Upbit Solutions Ltd > > > > 9 Nissan Street > > > > Tel-Aviv 69715, Israel > > > > -------------------------------------------- > > This message may contain confidential and/or > proprietary information, and is intended only for > the person / entity to whom it was originally > addressed. The content of this message may contain > private views and opinions which do not constitute a > formal disclosure or commitment unless specifically > stated. > > > > > > > > > > > > > > > > > > -----Original Message----- > > From: Mailing list for discussion of > Firewall-1 > > On Behalf Of [email protected] > > Sent: Sunday, February 24, 2002 8:37 AM > > To: > > Subject: Re: [FW-1] Strange problem with Web > access to an Access Point defined in a DMZ lan > > > > > > > > Dave, > > > > Yes I do, but not in this specific rule, so > as far as I know it should not catch this HTTP. > > > > Mike > > > > -----Original Message----- > > > > From: David Knoll [SMTP:[email protected]] > > > > Sent: ä ôáøåàø 21 2002 0:23 > > > > To: > > > > Subject: Re: [FW-1] Strange > problem with Web access to an Access Point > defined in a DMZ lan > > > > Do you use a security sever (add with > resource) for HTTP? > > > > > > > > David Knoll > > UpBIT Solutions Ltd > > > > > > Tel:+ 972-3-6476387 > > > > Fax:+ 972-3-6476396 > > > > Cellular:+ 972-54-496357 > > > > > > > > E-mail: [email protected] > > > > > > > > Upbit Solutions Ltd > > > > 9 Nissan Street > > > > Tel-Aviv 69715, Israel > > > > -------------------------------------------- > > This message may contain confidential and/or > proprietary information, and is intended only for > the person / entity to whom it was originally > addressed. The content of this message may contain > private views and opinions which do not constitute a > formal disclosure or commitment unless specifically > stated. > > > > > > > > > > > > > > > > > > -----Original Message----- > > From: Mailing list for discussion of > Firewall-1 > > On Behalf Of [email protected] > > Sent: Wednesday, February 20, 2002 4:26 PM > > To: > > Subject: [FW-1] Strange problem with Web > access to an Access Point defined in a DMZ lan > > > > > > > > Afternoon all, > > > > I have a very odd situation here that I am > unable to work out. > > > > I have a setup as follows : > > > > Internal Network > > > > | > > > > | > > > > FW ---- Secured VLAN > > > > | > > > > | > > > > Internet > > > > On the secured VLAN I have a Lan dedicated > only to Access Points. > > > > I have a rule allowing specific users to > access the AP's from the Internal Network using HTTP > and Telnet. > > > > The users can Telnet to the AP's fine. > > > > The users attempt to access the AP's via > HTTP. I see the sessions established in the log' and > in the browser I get :> > > > > "FW-1 at fw: Failed to connect to the WWW > server". > > > > This again, despite the fact that I see the > session established in the logs, and Telnet > (standard) works fine. > === message truncated === __________________________________________________ Do You Yahoo!? Yahoo! Sports - Coverage of the 2002 Olympic Games ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email =================================================
|