[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] NG AI Problem
Hello guys, after upgrading from "NG FP3" to "NG AI" I have a cannot access https-Site over a proxychain. Here is the scenario: Client ------> SQUID1 -------> CP NG AI -------> SQUID2 --------> SSL-Webserver SQUID1 (Proxyserver) communicates over Port 80 with SQUID2 and I cannot change this Port, because I don't administrate SQUID2. HTTP-Connections work fine, but If the client want to connect to an Webserver with HTTPS, Firewall1 drops the connection with: CONNECT command found in http request It seems, that Firewall1 with AI checks the http-protocol for connect-commands and that is true for untunneled connection, but for tunneled connections is a CONNECT method in the request. So how can I disable this checking for tunneled connections without changing the port ???? BTW: I also tried to change the service in the rulebase to TCP Port 80 without TYPE HTTP, but no success best regards ztif ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|