Running Gauntlet V5.5 on Solaris 2.6, the HTTP proxy seems to behave inconsistently. There is one site in particular that I had not been able to reach (port 80) from an internal machine. We have been noticing some MTU-related problems and have been able to address some of them by adjusting (lowering) MTU size to something on the order of 1400 bytes on the internal Windows clients.
The MTU tweak, however did not have an effect on this particular site no matter how low I made it. I have also tried to get to site with both PMTU discovery turned on and off on the Solaris machine. My perimeter router allows ICMP types 3&4 (fragmentation needed). I finally created a packet filter on the firewall and made corresponding router change to allow port 80 traffic to pass directly from my internal NT workstation to the web server and back. I was then able to reach site instantly from my internal workstation. I am also able to web to site from an unproxied workstation off another router interface. Is there some known issue with the Gauntlet HTTP proxy? Is there a parameter I can tweak for the HTTP proxy itself? What could I suggest to remote web site admin if fault lies at remote end? Could encryption be at fault as it exists between us and remote end? This, however is the case for links between us and many other sites with which we have no problem. Thanks. Joe Volk Embittered Browns fan. __________________________________________________ Do You Yahoo!? Check out Yahoo! Shopping and Yahoo! Auctions for all of your unique holiday gifts! Buy at http://shopping.yahoo.com or bid at http://auctions.yahoo.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
