[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] http security server and IIS logging
> I have Checkpoint Firewall-1 version 4.1 SP5 running on Windows NT > 4.0 SP6a. I recently inplemented a rule that checks for the existence of > certain characters in a URL incoming to one of our DMZ web servers. Since > applying that rule, Microsoft IIS 5.0 logging for the site shows the > souce > IP addresses as the Firewall IP. When that rule is disabled, IIS logs the > source IP as the Internet user as it should. > Does anyone know of a way to keep the HTTP Security server from modifying > the source address of the packets ? No, this is the way the security servers operate. They proxy the connection and so all connections appear to come from the firewall. For outbound connections this is not a problem. For inbound connections it causes the undesirable side effects you have seen. -don ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|