Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[FW-1] https sites are not displaying on browser

from Sahul [Permanent Link]
Subject: [FW-1] https sites are not displaying on browser
From: Sahul <shameed AT MANAMA.SNS.SLB DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Sat, 15 May 2004 18:51:20 +0300 
All,

We have installed one Nokia IP 380 in one of our customer with checkpoint NG AI 
R55. Before the customer was using checkpoint firewall 4.1 with sp6 with 
management and firewall all in one winnt server.We have taken the policies are 
from checkpoint 4.1 sp6 . The checkpoint firewall 4.1 sp6 was used before as 
proxy server for the entire users. They were using http proxing /https proxing 
option in the rule base. After importing the rule base we have tested that 
internet browsing is working fine, the out going mails are fine. But the sites 
containing https or ssl using the port number 443 is not displaying. For 
example if you type hotmail.com with username & password which is using https 
for username/password , the page is not displaying. The smart tracker shows the 
 port https (443) reject and

the information https://login.passport.net/ppsecure

Browser error: FW-1: access denied

Error: "reason Web Content Security - access denied to resource.

I found the solution for this above error on checkpoint knowledge base the 
solution id is sk294/41 compatibility, sk11728/ng compatibility both of them 
are asking to edit the object.c file

The procedure is :
Modify the following parameters to be (true) on the Management Server using the 
dbedit utility.


http_connection_method_proxy (false)
http_connection_method_tunneling (false)

dbedit instructions;
1. Type 'dbedit' on the Management Server to login.
2. Type 'modify properties firewall_properties 
http_connection_method_transparent true' and press Enter.
3. Repeat the step two for each parameter above.
4. Type 'update properties firewall_properties' and press Enter.
5. Type 'exit' to leave dbedit.
6. Install the policy.


I have done this procedure , I can see inside the file contains the above 
options with true parameter. But still we are not getting the page displayed . 
Please if you have any solution provide me.

Thanks in advance,

Regards,
Sahul


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [FW-1] https sites are not displaying on browser, Sahul <=
Previous by Date:  [FW-1] Second management server log problem, Udo, Dhr. D. (Dirk)
Next by Date:  [FW-1] New Ethernet Card in Nokia IP350, Brett, Gary
Previous by Thread:  [FW-1] Second management server log problem, Udo, Dhr. D. (Dirk)
Next by Thread:  [FW-1] New Ethernet Card in Nokia IP350, Brett, Gary
Indexes:  [Date] [Thread] [Top] [All Lists]