Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] CVP to NAV Died....have disabled NAVFW CVP but can't flush spool

To: [email protected]
Subject: [FW-1] CVP to NAV Died....have disabled NAVFW CVP but can't flush spool
From: "McDuff, Malcolm" <[email protected]>
Date: Thu, 28 Mar 2002 20:11:45 -0800
Comments: To: "[email protected]" <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Title: CVP to NAV Died....have disabled NAVFW CVP but can't flush spool

Hello...

This afternoon we started receiving messages in our firewall logs that all SMTP traffic was being denied because the firewall couldn't establish a connection to our Norton Anti-Virus for firewall server.

We have not been able to isolate the problem, despite loading the most recent patches to both NT and NAV, so we have edited our anti-virus resources on the firewall so that the radio button on the CVP section of Action 2 is now set to None.

This has all new e-mails bypassing the CVP, however I have a number of messages left on the fw1/spool directory. I need to know what I can do to edit the AV header information to allow these files to be passed through the system now (right now all of the spool items will be rejected because the cvp server cannot be processed).

I have tried by comparing headers on successful messages vs. the stuck ones

        Changing AV_SETTING from "cure" to "none"
        Changing AV_PORT from 0 to 18181
        Changing COMPOUND from 0 to 1

...so far no success.

Are there any other suggestions for re-processing these files?

Malcolm McDuff

-----Original Message-----
From: Ashe Richards [mailto:[email protected]]
Sent: Wednesday, March 27, 2002 8:03 PM
To: [email protected]
Subject: [fw1-wizards] routing problem

I'm fairly new to FW-1, but am seeing what I think is a routing problem
between the two networks I've configured. This is older software, 4.0 to be
exact. Here's my scenario, I have one subnet that has the firewall and the
router to the net:

Fw INterface 1: 64.46.169.189
Mask: 255.255.255.252
Gw: 64.46.169.190

Router: 64.46.169.190

Then my other subnet is the internal which hosts my web server, data server,
and web site addresses. I have it configured as such:

Fw Interface 2: 64.46.169.129
Mask: 255.255.255.196
Gw: Blank

WebServ: 64.46.169.130
Mask: 255.255.255.196
Gw: 64.46.169.129

My results are that I can ping the internat net from the firewall, the
router from the firewall, and the internet from the firewall. I can also
ping the firewall from the router, and the firewall from the webserv, but
not the router from the webserv or vice versa. I've gone through and insured
that FW1 is controlling IP forwarding, and that it's also enabled at the OS
level (NT4). I have rules that should allow pinging to go both ways
(temporarily, of course) from the external net to the internal net, and am
at a loss as to what to try next. Any help would be greatly appreciated.

Thanks!
Ashe Richards

---------------------------------------------------------------------
FireWall-1 Wizards Mailing List (http://www.phoneboy.com/wizards/)
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Prev by Date: [FW-1] firewall-1 ng tuning
Next by Date: [FW-1] FW: NAVFW CVP Died...have disabled, can't clear messages in spool on firewall
Previous by thread: [FW-1] firewall-1 ng tuning
Next by thread: [FW-1] FW: NAVFW CVP Died...have disabled, can't clear messages in spool on firewall
Index(es):
- Date
- Thread