Hi all, We've a bit of an oddity here after upgrading our firewalls to R75.20 from R65 HFA70. Management Server was done about 10 days ago whilst gateways were done in the last two days.
Since the upgrade of one of the gateways yesterday, everything seemed to be working as previous until we discovered that no-one could access our website anymore. A quick investigation, using tcpdump and fw monitor, revealed that the firewall was dropping all https requests when hitting the external IP of the web server. Which is the weird thing, because no-one is sending https requests, only http. It seems that the firewall is somehow converting http requests to https and then obviously dropping them as our rulebase will only allow http. There are no problems accepting and forwarding smtp traffic; there are no problems for anyone doing udp lookups against our dns server; no problems for anyone hitting our ftp server. Only the web server is causing us grief. We've opened a support case with Check Point but so far, they are stumped. This mailing list has some experienced people as members though, so thought I'd ask ye too. Has anyone seen something like this before? If all resources on the DMZ were inaccessible then that would make more sense, or at least make it easier to troubleshoot, but this specific issue with inbound http requests getting dropped as https is a little odd. Thanks, Eamonn -------------------------- Sent from my BlackBerry Device Confidentiality Notice: This electronic message contains information that is privileged or confidential, is the property of QC Data, and is intended only for the use of the intended recipient. If you are not the intended recipient, you are hereby notified that disclosure, copying, distribution or use of this information is prohibited. If you have received this message in error, please delete the original message and any copy of it in your possession and notify us by telephone or email immediately. QC Data (Ireland) Limited Registered in Ireland, Number: 158091 VAT Registration No.: IE 6556091K Registered office: 70 Sir John Rogersons Quay, Dublin 2, Republic of Ireland. Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to lists...@amadeus.us.checkpoint.com in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email fw-1-ow...@ts.checkpoint.com =================================================