[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Squirrelmail Issues/CP NG + AI
Realizing this is the Checkpoint List, I figured I would take a shot. I have posted to the squirrelmail list, and got suggestions, but no real answer. Firewall: NG + AI on Secure Platform Webmail: Squirrelmail 1.4.1 on Redhat 8.0, httpd-2.0.40-11.5, php-4.2.2-8.0.8 The Webmail piece hooks into a mail server on another box, running Redhat 8.0, Postfix and Courier IMAP. I have about 20 + users who come in through the firewall that consistently get booted out of squirrelmail when replying or trying to forward a message. The webmail piece uses user authentication. The webmail box uses static NAT as well. A user authenticates through the firewall, then authenticates on the mail server. I experience no errors with the login process, mail retrieval, or use of the many plug-ins I have set up. But when these users try to reply or forward, the session dies, and they get an error message saying FW1 : access denied. A look at my logs shows no drops or rejects, just the successful authentication of the user as they came through the firewall originally. I made sure all timeouts, the user, session, squirrelmail timeouts as well as my AI settings work. Nothing seems to interferes there nor do the logs indicate so. Checking my AI drop doesn't indicate the drops can be linked to my problem. DNS resolution seems to be fine throughout. I have discovered all the users use some form of IE 6, whether it be release or SP1 + hotfixes. Those on 5 or 5.5 are OK. Also, other browser users, Opera, Netscape, Mozilla, etc. are fine. My guess it is the way IE 6 renders frames and sessions and sometimes gets boxed up and the session dies. So, even though I think it's the browser, I am curious if other Checkpoint users have seen this behavior. On the squirrelmail list, responses to this problem are usually met with, it's a browser issue. If I controlled all my users computers, I could say, don't use IE 6. Unfortuneatley, these are users are at different physical locations, some miltary bases where I cannot dictate software installation/removal. With the increased use of windows update, IE 6 as a critical update, IE 6 is more or less ubitiquous on the windows platform. So, if anybody has suggestions, great. If not, thanks for reading. Regards, Scott ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|